JonTom
Posted December 8, 2012

Hello goofy1139

"I have not run the posted in 18 yet, but I will this afternoon"

Please do, it is important that we remove all of the malware from your machine.

When you run the script, ComboFix may notify you that an internet connection is required. Even if you cannot connect to the net, allow ComboFix to proceed.

Once the script has been run, please follow with the following tool:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
- Flush DNS
- Report IE Proxy Settings
- Reset IE Proxy Settings
- Report FF Proxy Settings
- Reset FF Proxy Settings
- List content of Hosts
- List IP configuration
- List Winsock Entries
- List last 10 Event Viewer log
- List Installed Programs
- List Devices
- List Users, Partitions and Memory size.
- List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Please post the ComboFix log and the MiniToolBox log in your next reply.

goofy1139 (Author)
Posted December 11, 2012

Hello JonTom, here are the logs. Sorry about the wait.

ComboFix 12-12-02.01 - Owner 12/10/2012 18:13:00.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6055.4681 [GMT -6:00] Running from: c:usersOwnerDesktopComboFix.exe Command switches used :: c:usersOwnerDesktopCFScript.txt AV: ZoneAlarm Antivirus *Enabled/Outdated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730} FW: ZoneAlarm Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: ZoneAlarm Anti-Spyware *Enabled/Outdated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D} . - REDUCED FUNCTIONALITY MODE - . FILE :: "c:programdataVaudix508d42f54b62d.ocx" "c:programdataVaudix508d44c452574.ocx" . . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:program files (x86)Hosts_Anti_Adwares_PUPs c:program files (x86)Hosts_Anti_Adwares_PUPsHOSTS_Anti-Adware.exe c:program files (x86)Hosts_Anti_Adwares_PUPsHOSTS_Anti-Adware_main.exe . . ((((((((((((((((((((((((( Files Created from 2012-11-11 to 2012-12-11 ))))))))))))))))))))))))))))))) . . 2012-12-11 00:14 . 2012-12-11 00:14 -------- d-----w- c:usersUpdatusUserAppDataLocaltemp 2012-12-11 00:14 . 2012-12-11 00:14 -------- d-----w- c:usersDefaultAppDataLocaltemp 2012-12-10 15:12 . 2012-12-10 15:12 -------- d-----w- C:FRACTURE EXTRAS 2012-12-05 17:06 . 2012-11-29 08:27 96224 ----a-w- c:program files (x86)Mozilla Firefoxwebapprt-stub.exe 2012-12-05 17:06 . 2012-11-29 08:27 270816 ----a-w- c:program files (x86)Mozilla Firefoxupdater.exe 2012-12-05 17:06 . 2012-11-29 08:27 157272 ----a-w- c:program files (x86)Mozilla Firefoxwebapp-uninstaller.exe 2012-12-05 17:06 . 2012-11-29 08:27 73696 ----a-w- c:program files (x86)Mozilla Firefoxbreakpadinjector.dll 2012-11-30 15:39 . 
2012-11-30 21:47 -------- d-----w- c:program files (x86)Malwarebytes' Anti-Malware 2012-11-30 15:39 . 2012-09-30 01:54 25928 ----a-w- c:windowssystem32driversmbam.sys 2012-11-30 14:16 . 2012-11-30 14:16 -------- d-----w- c:windowsERUNT 2012-11-30 14:15 . 2012-12-06 01:06 -------- d-----w- C:JRT 2012-11-27 17:18 . 2012-11-27 17:18 -------- d-----w- C:FRST 2012-11-25 02:04 . 2012-12-05 19:46 -------- d-----w- c:usersOwnerAppDataLocalElevatedDiagnostics 2012-11-24 14:58 . 2011-05-30 13:42 240640 ----a-w- c:windowsSysWow64xvidvfw.dll 2012-11-24 14:58 . 2011-05-30 13:42 255488 ----a-w- c:windowssystem32xvidvfw.dll 2012-11-24 14:58 . 2011-05-23 09:52 153088 ----a-w- c:windowsSysWow64xvid.ax 2012-11-24 14:58 . 2011-05-23 07:49 173568 ----a-w- c:windowssystem32xvid.ax 2012-11-24 14:58 . 2011-05-23 07:46 645632 ----a-w- c:windowsSysWow64xvidcore.dll 2012-11-24 14:58 . 2011-05-23 07:45 696832 ----a-w- c:windowssystem32xvidcore.dll 2012-11-24 14:57 . 2012-11-24 14:57 -------- d-----w- c:usersOwner.bitrock 2012-11-24 01:49 . 2012-11-24 14:58 -------- d-----w- c:program files (x86)Xvid 2012-11-21 18:48 . 2010-11-26 23:02 17720 ----a-w- c:windowssystem32driversSmartDefragDriver.sys 2012-11-21 14:17 . 2012-11-21 14:19 -------- d-----w- c:program files (x86)MeadCo Neptune 2012-11-20 22:21 . 2012-01-10 00:59 11864 ----a-w- c:windowssystem32driverskl2.sys 2012-11-20 22:21 . 2012-01-10 00:59 460888 ----a-w- c:windowssystem32driverskl1.sys 2012-11-20 22:16 . 2012-01-10 00:59 485680 ----a-w- c:windowssystem32driversklif.sys 2012-11-20 22:16 . 2012-11-20 22:21 -------- dc----w- c:windowssystem32DRVSTORE 2012-11-20 22:15 . 2012-11-20 22:15 -------- d-----w- c:usersOwnerAppDataRoamingCheckPoint 2012-11-20 22:14 . 2012-11-20 22:14 -------- d-----w- c:program filesCheckPoint 2012-11-20 21:46 . 2012-11-20 22:16 -------- d-----w- c:program files (x86)CheckPoint 2012-11-20 21:46 . 2012-11-20 21:46 -------- d-----w- c:programdataCheckPoint 2012-11-20 18:23 . 
2012-11-20 18:23 -------- d-----w- c:usersOwnerAppDataRoamingMalwarebytes 2012-11-20 18:22 . 2012-11-20 18:22 -------- d-----w- c:programdataMalwarebytes 2012-11-20 16:27 . 2012-11-20 16:27 -------- d-----w- c:programdataPCPitstop 2012-11-20 16:25 . 2012-11-21 15:57 -------- d-----w- c:program files (x86)PCPitstop 2012-11-20 12:55 . 2012-11-08 17:24 9125352 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{981D4DA8-857B-4241-8D4D-3835FDF581A0}mpengine.dll 2012-11-20 11:53 . 2012-11-20 11:53 -------- d-----w- c:usersOwnerAppDataRoamingConverterLite 2012-11-20 01:03 . 2012-11-20 01:03 -------- d-----w- c:usersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012) 2012-11-17 21:22 . 2012-11-17 21:22 -------- d-----w- c:usersOwner.thumbnails 2012-11-17 21:20 . 2012-11-17 21:20 -------- d-----w- c:usersOwnerAppDataLocalfontconfig 2012-11-17 21:20 . 2012-11-17 21:38 -------- d-----w- c:usersOwner.gimp-2.8 2012-11-17 21:20 . 2012-11-17 21:20 -------- d-----w- c:usersOwnerAppDataLocalgegl-0.2 2012-11-17 21:18 . 2012-11-17 21:19 -------- d-----w- c:program filesGIMP 2 2012-11-17 17:59 . 2012-10-03 17:56 1914248 ----a-w- c:windowssystem32driverstcpip.sys 2012-11-17 17:59 . 2012-10-03 17:44 246272 ----a-w- c:windowssystem32netcorehc.dll 2012-11-17 17:59 . 2012-10-03 17:44 216576 ----a-w- c:windowssystem32ncsi.dll 2012-11-17 17:59 . 2012-10-03 17:42 569344 ----a-w- c:windowssystem32iphlpsvc.dll 2012-11-17 17:59 . 2012-10-03 16:42 156672 ----a-w- c:windowsSysWow64ncsi.dll 2012-11-17 17:59 . 2012-10-03 17:44 70656 ----a-w- c:windowssystem32nlaapi.dll 2012-11-17 17:59 . 2012-10-03 17:44 303104 ----a-w- c:windowssystem32nlasvc.dll 2012-11-17 17:59 . 2012-10-03 17:44 18944 ----a-w- c:windowssystem32netevent.dll 2012-11-17 17:59 . 2012-10-03 16:42 18944 ----a-w- c:windowsSysWow64netevent.dll 2012-11-17 17:59 . 2012-10-03 16:42 175104 ----a-w- c:windowsSysWow64netcorehc.dll 2012-11-17 17:59 . 
2012-10-03 16:07 45568 ----a-w- c:windowssystem32driverstcpipreg.sys 2012-11-17 17:59 . 2012-01-13 07:12 52224 ----a-w- c:windowsSysWow64nlaapi.dll 2012-11-16 02:35 . 2012-07-26 04:47 2560 ----a-w- c:windowssystem32driversen-USwdf01000.sys.mui 2012-11-16 02:35 . 2012-07-26 04:55 785512 ----a-w- c:windowssystem32driversWdf01000.sys 2012-11-16 02:35 . 2012-07-26 04:55 54376 ----a-w- c:windowssystem32driversWdfLdr.sys 2012-11-16 02:35 . 2012-07-26 02:36 9728 ----a-w- c:windowssystem32Wdfres.dll 2012-11-16 02:29 . 2012-07-26 03:08 84992 ----a-w- c:windowssystem32WUDFSvc.dll 2012-11-16 02:29 . 2012-07-26 03:08 194048 ----a-w- c:windowssystem32WUDFPlatform.dll 2012-11-16 02:29 . 2012-07-26 02:26 87040 ----a-w- c:windowssystem32driversWUDFPf.sys 2012-11-16 02:29 . 2012-07-26 02:26 198656 ----a-w- c:windowssystem32driversWUDFRd.sys 2012-11-16 02:29 . 2012-07-26 03:08 45056 ----a-w- c:windowssystem32WUDFCoinstaller.dll 2012-11-16 02:29 . 2012-07-26 03:08 229888 ----a-w- c:windowssystem32WUDFHost.exe 2012-11-16 02:29 . 2012-07-26 03:08 744448 ----a-w- c:windowssystem32WUDFx.dll 2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin7.dll 2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin6.dll 2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin5.dll 2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin4.dll 2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin3.dll 2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin2.dll 2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin.dll 2012-11-16 02:15 . 2012-11-16 02:15 -------- d-----w- c:program files (x86)QuickTime 2012-11-15 12:36 . 
2012-10-09 18:17 55296 ----a-w- c:windowssystem32dhcpcsvc6.dll 2012-11-15 12:36 . 2012-10-09 18:17 226816 ----a-w- c:windowssystem32dhcpcore6.dll 2012-11-15 12:36 . 2012-10-09 17:40 44032 ----a-w- c:windowsSysWow64dhcpcsvc6.dll 2012-11-15 12:36 . 2012-10-09 17:40 193536 ----a-w- c:windowsSysWow64dhcpcore6.dll 2012-11-15 12:36 . 2012-10-18 18:25 3149824 ----a-w- c:windowssystem32win32k.sys 2012-11-15 12:31 . 2012-09-25 22:47 78336 ----a-w- c:windowsSysWow64synceng.dll 2012-11-15 12:31 . 2012-09-25 22:46 95744 ----a-w- c:windowssystem32synceng.dll 2012-11-15 01:50 . 2012-11-15 01:50 96768 ----a-w- c:windowsSysWow64sspicli.dll 2012-11-15 01:50 . 2012-11-15 01:50 458712 ----a-w- c:windowssystem32driverscng.sys 2012-11-15 01:50 . 2012-11-15 01:50 340992 ----a-w- c:windowssystem32schannel.dll 2012-11-15 01:50 . 2012-11-15 01:50 307200 ----a-w- c:windowssystem32ncrypt.dll 2012-11-15 01:50 . 2012-11-15 01:50 247808 ----a-w- c:windowsSysWow64schannel.dll 2012-11-15 01:50 . 2012-11-15 01:50 220160 ----a-w- c:windowsSysWow64ncrypt.dll 2012-11-15 01:50 . 2012-11-15 01:50 22016 ----a-w- c:windowsSysWow64secur32.dll 2012-11-15 01:50 . 2012-11-15 01:50 154480 ----a-w- c:windowssystem32driversksecpkg.sys 2012-11-15 01:50 . 2012-11-15 01:50 1448448 ----a-w- c:windowssystem32lsasrv.dll 2012-11-15 01:49 . 2012-11-15 01:49 514560 ----a-w- c:windowsSysWow64qdvd.dll 2012-11-15 01:49 . 2012-11-15 01:49 366592 ----a-w- c:windowssystem32qdvd.dll 2012-11-14 20:32 . 2012-11-14 20:32 30568 ----a-w- c:windowssystem32driversavgtpx64.sys 2012-11-14 20:30 . 2012-12-11 00:16 15712 ----a-w- c:windowssystem32driversSWDUMon.sys 2012-11-14 20:30 . 2012-11-14 20:30 -------- d-----w- c:usersOwnerAppDataLocalSlimWare Utilities Inc 2012-11-14 20:29 . 2012-11-14 20:29 -------- d--h--w- c:programdataCommon Files 2012-11-14 20:29 . 2012-11-14 20:29 -------- d-----w- c:program files (x86)SlimDrivers 2012-11-12 21:06 . 2012-11-30 17:06 -------- d-----w- c:usersOwnerAppDataLocalMindDabble_4p 2012-11-12 21:06 . 
2012-11-12 21:06 -------- d-----w- c:program files (x86)MindDabble_4p 2012-11-12 19:26 . 2012-11-12 19:26 -------- d-----w- c:usersOwnerAppDataLocalAPlusGamer_63 2012-11-12 19:26 . 2012-11-12 19:26 -------- d-----w- c:program files (x86)APlusGamer_63 2012-11-12 19:05 . 2012-11-12 19:05 -------- d-----w- c:program files (x86)BrainTrainAge . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-24 01:35 . 2012-10-06 20:26 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCoreMicrosoft.MediaCenter.Sports.UI.dll 2012-11-18 22:46 . 2012-07-31 00:28 73656 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl 2012-11-18 22:46 . 2012-07-31 00:28 697272 ----a-w- c:windowsSysWow64FlashPlayerApp.exe 2012-11-15 12:25 . 2012-07-25 12:45 66395536 ----a-w- c:windowssystem32MRT.exe 2012-10-30 23:50 . 2012-08-03 22:43 285328 ----a-w- c:windowssystem32aswBoot.exe 2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:windowsSysWow64QuickTimeVR.qtx 2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:windowsSysWow64QuickTime.qts 2012-10-22 22:34 . 2012-10-22 22:34 95208 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll 2012-10-22 22:34 . 2012-10-22 22:35 821736 ----a-w- c:windowsSysWow64npDeployJava1.dll 2012-10-22 22:34 . 2012-10-22 22:35 746984 ----a-w- c:windowsSysWow64deployJava1.dll 2012-10-17 13:39 . 2012-10-17 13:39 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCore-2Microsoft.MediaCenter.Sports.UI.dll 2012-10-17 13:39 . 2012-10-17 13:39 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkup-2markup.dll 2012-10-17 13:37 . 2012-10-17 13:37 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSM-2StartResources.dll 2012-10-06 20:26 . 2012-10-06 20:26 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkupmarkup.dll 2012-10-06 20:26 . 
2012-10-06 20:26 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSMStartResources.dll 2012-10-06 20:26 . 2012-10-06 20:26 539984 ----a-w- c:programdataMicrosofteHomePackagesMCESpotlightMCESpotlightSpotlightResources.dll 2012-09-14 19:19 . 2012-10-12 13:06 2048 ----a-w- c:windowssystem32tzres.dll 2012-09-14 18:28 . 2012-10-12 13:06 2048 ----a-w- c:windowsSysWow64tzres.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{30C456C5-0E73-2343-38F0-D9F9CF8B0F52}] 2012-10-28 14:44 129024 ----a-w- c:programdataVaudix508d44c452574.ocx . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE}] 2012-10-28 14:36 129024 ----a-w- c:programdataVaudix508d42f54b62d.ocx . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar] "{8945176c-2823-4272-9735-873e75bfe1b4}"= "c:program files (x86)APlusGamer_63bar1.bin63bar.dll" [bU] . [HKEY_CLASSES_ROOTclsid{8945176c-2823-4272-9735-873e75bfe1b4}] . [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "IDMan"="c:new folder (2)Internet Download Manager v6.11. 8.1 (IDM) +Crack + Key [h33t][iahq76]IDMan.exe" [2010-05-26 16:16 3220912] "Xvid"="c:program files (x86)XvidCheckUpdate.exe" [2011-01-17 8192] "AnyDVD"="c:program files (x86)SlySoftAnyDVDAnyDVDtray.exe" [2012-11-23 6663840] . 
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun] "CLMLServer"="c:program files (x86)CyberLinkPower2GoCLMLSvc.exe" [2009-11-02 103720] "Samsung PanelMgr"="c:windowsSamsungPanelMgrSSMMgr.exe" [2010-06-08 618496] "UVS10 Preload"="c:program files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe" [2006-03-07 36864] "UpdatePPShortCut"="c:program files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" [2009-05-20 222504] "Adobe ARM"="c:program files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2012-07-27 919008] "SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-07-03 252848] "APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-10-12 59280] "PowerDVD12DMREngine"="c:program files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [2012-09-19 505872] "PowerDVD12Agent"="c:program files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [2012-09-19 374560] "QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-10-25 421888] . c:usersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup MagicDisc.lnk - c:program files (x86)MagicDiscMagicDisc.exe [2012-9-15 576000] . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:windowsSysWOW64nvinit.dll . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32] "wave6"=wdmaud.drv . 
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-09-19 90640] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-07-13 160944] R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:windowssystem32DRIVERSAVerPola.sys [2011-01-04 534144] R3 BBUpdate;BBUpdate;c:program files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe [2012-02-10 240408] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:program filesIntelWiFibinPanDhcpDns.exe [2011-01-05 340240] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2012-11-15 19456] R3 Samsung UPD Service;Samsung UPD Service;c:windowsSystem32SUPDSvc.exe [2010-08-09 166704] R3 StkCMini;Syntek AVStream USB2.0 ATV;c:windowssystem32DriversStkCMini.sys [2010-04-16 1816968] R3 SWDUMon;SWDUMon;c:windowssystem32DRIVERSSWDUMon.sys [2012-12-11 15712] R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2012-11-15 57856] R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2012-07-25 1255736] R3 WDC_SAM;WD SCSI Pass Thru driver;c:windowssystem32DRIVERSwdcsam64.sys [2008-05-06 14464] R4 wlcrasvc;Windows Live Mesh remote connections service;c:program filesWindows LiveMeshwlcrasvc.exe [2010-09-22 57184] S0 nvpciflt;nvpciflt;c:windowssystem32DRIVERSnvpciflt.sys [2010-12-14 25576] S0 SmartDefragDriver;SmartDefragDriver;c:windowsSystem32DriversSmartDefragDriver.sys [2010-11-26 17720] S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2012-11-14 30568] S1 kl2;kl2;c:windowssystem32DRIVERSkl2.sys [2012-01-10 11864] S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:windowssystem32DriversSABI.sys [2009-05-28 13824] S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 
08:34];c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-09-19 22:12 147704] S2 BBSvc;BingBar Service;c:program files (x86)MicrosoftBingBar7.1.361.0BBSvc.exe [2012-02-10 193816] S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-09-19 78352] S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-09-19 295440] S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:program filesIntelWiMAXBinDMAgent.exe [2011-06-06 498688] S2 IDMWFP;IDMWFP;c:windowssystem32DRIVERSidmwfp.sys [2012-08-02 158944] S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:program filesCheckPointZAForceFieldISWKL.sys [2012-08-30 33712] S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:program filesCheckPointZAForceFieldIswSvc.exe [2012-08-30 827560] S2 MBAMScheduler;MBAMScheduler;c:program files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [2012-09-30 399432] S2 MBAMService;MBAMService;c:program files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2012-09-30 676936] S2 nlsX86cc;Nalpeiron Licensing Service;c:windowsSysWOW64nlssrv32.exe [2010-11-22 66560] S2 ntk_PowerDVD12;ntk_PowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-06-20 83704] S2 UNS;Intel® Management and Security Application User Notification Service;c:program files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2010-10-06 2655768] S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:program filesIntelWiMAXBinAppSrv.exe [2011-06-06 986112] S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:windowssystem32DRIVERSbpenum.sys [2011-05-19 84480] S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:windowssystem32DRIVERSbpmp.sys [2011-05-19 182272] S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function 
Driver;c:windowssystem32Driversbpusb.sys [2011-05-19 83968] S3 clwvd;CyberLink WebCam Virtual Driver;c:windowssystem32DRIVERSclwvd.sys [2010-11-10 31088] S3 ETD;ELAN PS/2 Port Input Device;c:windowssystem32DRIVERSETD.sys [2010-11-12 138024] S3 IntcDAud;Intel® Display Audio;c:windowssystem32DRIVERSIntcDAud.sys [2010-10-15 317440] S3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [2012-09-30 25928] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:windowssystem32DRIVERSnusb3hub.sys [2010-10-11 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:windowssystem32DRIVERSnusb3xhc.sys [2010-10-11 180736] S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2011-06-10 539240] S3 wdkmd;Intel WiDi KMD;c:windowssystem32DRIVERSWDKMD.sys [2010-11-30 42392] . . Contents of the 'Scheduled Tasks' folder . 2012-12-10 c:windowsTasksAdobe Flash Player Updater.job - c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-31 22:46] . 2012-12-11 c:windowsTasksSlimDrivers Startup.job - c:program files (x86)SlimDriversSlimDrivers.exe [2012-10-14 21:29] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersIDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOTCLSID{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2012-02-08 00:49 23432 ----a-w- c:program files (x86)Internet Download ManagerIDMShellExt64.dll . 
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "IgfxTray"="c:windowssystem32igfxtray.exe" [2011-01-04 167960] "HotKeysCmds"="c:windowssystem32hkcmd.exe" [2011-01-04 391704] "Persistence"="c:windowssystem32igfxpers.exe" [2011-01-04 417304] "RtHDVCpl"="c:program filesRealtekAudioHDARAVCpl64.exe" [2010-11-30 11660904] "IntelWireless"="c:program filesCommon FilesIntelWirelessCommoniFrmewrk.exe" [2011-01-05 1933584] "ETDCtrl"="c:program files (x86)ElantechETDCtrl.exe" [bU] "IntelWirelessWiMAX"="c:program filesIntelWiMAXBinWiMAXCU.exe" [2011-06-02 1622016] . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows] "AppInit_DLLs"=c:windowsSystem32nvinitx.dll . ------- Supplementary Scan ------- . uLocal Page = c:windowssystem32blank.htm uStart Page = hxxp://www.google.com mStart Page = hxxp://samsung.msn.com mLocal Page = c:windowsSysWOW64blank.htm IE: Download all links with IDM - c:new folder (2)Internet Download Manager v6.11. 8.1 (IDM) +Crack + Key [h33t][iahq76]IEGetAll.htm IE: Download FLV video content with IDM - c:new folder (2)Internet Download Manager v6.11. 8.1 (IDM) +Crack + Key [h33t][iahq76]IEGetVL.htm IE: Download with IDM - c:new folder (2)Internet Download Manager v6.11. 
8.1 (IDM) +Crack + Key [h33t][iahq76]IEExt.htm FF - ProfilePath - c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default FF - prefs.js: keyword.URL - hxxp://www.goodsearch.com/search.aspx?toolbarcharity=___toolbarcharity___&id=goodsearchtb&v=2_1&keywords= FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2012-11-04 18:39; 50970cb9d50ba@50970cb9d50f3.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions50970cb9d50ba@50970cb9d50f3.com.xpi FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com FF - ExtSQL: 2012-11-20 16:15; {FFB96CC1-7EB3-449D-B827-DB661701C6BB}; c:program filesCheckPointZAForceFieldWOW64TrustChecker FF - ExtSQL: !HIDDEN! 2012-11-12 13:26; 63ffxtbr@APlusGamer_63.com; c:program files (x86)APlusGamer_63bar1.bin FF - ExtSQL: !HIDDEN! 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:program files (x86)MindDabble_4pbar1.bin . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) . . . [HKEY_LOCAL_MACHINESYSTEMControlSet001services{73526619-C24F-470B-9BED-53D455FBB5C6}] "ImagePath"="??c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "scansk"=hex(0):c5,88,12,3d,a1,66,02,aa,b6,69,27,77,2a,36,ce,6b,62,5d,c5,5b,dd, 32,c3,0e,3c,fd,35,14,a9,f8,c3,8a,76,15,a2,42,fb,fb,4e,66,00,00,00,00,00,00, . 
[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):92,20,a6,2c,ac,da,97,ad,d1,24,a3,f8,5b,7f,d7,fc,ab,59,6e,1b,bf, 51,95,0a,ae,4d,7b,37,63,5b,fa,ad,73,d0,1a,32,83,42,de,9e,00,00,00,00,00,00, . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{b5572adb-f71b-41a1-ad6e-0832b120e9ea}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:000000f0 "Therad"=dword:0000001e "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26, 38,95,44,85,b1,12,f9,90,dd,23,a1,46,8f,3c,f2,5c,68,ee,21,c4,91,5d,38,fc,54, . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{c9fa1039-b2b9-4ecb-85ad-32f7d18bc0ed}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:0000012c "Therad"=dword:00000001 "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68, . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:Windowssystem32MacromedFlashFlashUtil64_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . 
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus] @="0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . 
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . 
c:program files (x86)GoforFilesGFFUpdater.exe c:program files (x86)Common FilesAdobeARM1.0armsvc.exe c:program files (x86)IObitSmart Defrag 2SmartDefrag.exe c:program files (x86)Malwarebytes' Anti-Malwarembamgui.exe c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe c:program files (x86)CyberLinkShared filesRichVideo.exe c:program files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe c:program files (x86)SamsungEasy Display ManagerWifiManager.exe c:program files (x86)CyberLinkYouCamYCMMirage.exe c:new folder (2)Internet Download Manager v6.11. 8.1 (IDM) +Crack + Key [h33t][iahq76]IDMan.exe c:program files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe c:program files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe c:program files (x86)SamsungSamsung Support CenterSSCKbdHk.exe c:program files (x86)SamsungSamsung Update PlusSUPBackground.exe c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSHardwareTranscode.exe c:program files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe . ************************************************************************** . Completion time: 2012-12-10 18:42:06 - machine was rebooted ComboFix-quarantined-files.txt 2012-12-11 00:42 ComboFix2.txt 2012-12-03 17:11 . Pre-Run: 76,139,724,800 bytes free Post-Run: 75,595,681,792 bytes free . - - End Of File - - 72B58F4FA36BEA16E452D82E870828F7 MiniToolBox by Farbar Version: 25-11-2012 Ran by Owner (administrator) on 10-12-2012 at 20:40:33 Running from "C:UsersOwnerDesktop" Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. 
========================= FF Proxy Settings: ============================== "network.proxy.type", 0 "Reset FF Proxy Settings": Firefox Proxy settings were reset. ========================= Hosts content: ================================= 127.0.0.1 localhost ========================= IP Configuration: ================================ Intel® Centrino® Advanced-N 6250 AGN = Wireless Network Connection (Connected) Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected) Intel® Centrino® WiMAX 6250 = Local Area Connection 2 (Media disconnected) Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected) # ---------------------------------- # IPv4 Configuration # ---------------------------------- pushd interface ipv4 reset set global popd # End of IPv4 configuration Windows IP Configuration Host Name . . . . . . . . . . . . : Owner-PC Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No Ethernet adapter Local Area Connection 2: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel® Centrino® WiMAX 6250 Physical Address. . . . . . . . . : 64-D4-DA-1D-0F-92 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Wireless LAN adapter Wireless Network Connection 2: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter Physical Address. . . . . . . . . : 00-23-15-AE-6F-31 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Wireless LAN adapter Wireless Network Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6250 AGN Physical Address. . . . . . . . . : 00-23-15-AE-6F-30 DHCP Enabled. . . . . . . . . . . 
: Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::d954:f86b:c6c9:aa%11(Preferred) Autoconfiguration IPv4 Address. . : 169.254.0.170(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . . . . : DHCPv6 IAID . . . . . . . . . . . : 369107733 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-37-DD-DA-E8-03-9A-9D-4E-63 DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1 fec0:0:0:ffff::2%1 fec0:0:0:ffff::3%1 NetBIOS over Tcpip. . . . . . . . : Enabled Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller Physical Address. . . . . . . . . : E8-03-9A-9D-4E-63 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Tunnel adapter isatap.{EF589019-EF09-4585-8068-B38719BE845F}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Teredo Tunneling Pseudo-Interface: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Server: UnKnown Address: fec0:0:0:ffff::1 Ping request could not find host google.com. Please check the name and try again. Server: UnKnown Address: fec0:0:0:ffff::1 Ping request could not find host yahoo.com. Please check the name and try again. Pinging 127.0.0.1 with 32 bytes of data: Request timed out. Request timed out. 
Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 0, Lost = 2 (100% loss), =========================================================================== Interface List 16...64 d4 da 1d 0f 92 ......Intel® Centrino® WiMAX 6250 12...00 23 15 ae 6f 31 ......Microsoft Virtual WiFi Miniport Adapter 11...00 23 15 ae 6f 30 ......Intel® Centrino® Advanced-N 6250 AGN 10...e8 03 9a 9d 4e 63 ......Realtek PCIe GBE Family Controller 1...........................Software Loopback Interface 1 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 169.254.0.0 255.255.0.0 On-link 169.254.0.170 281 169.254.0.170 255.255.255.255 On-link 169.254.0.170 281 169.254.255.255 255.255.255.255 On-link 169.254.0.170 281 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 169.254.0.170 281 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 169.254.0.170 281 =========================================================================== Persistent Routes: None IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 1 306 ::1/128 On-link 11 281 fe80::/64 On-link 11 281 fe80::d954:f86b:c6c9:aa/128 On-link 1 306 ff00::/8 On-link 11 281 ff00::/8 On-link =========================================================================== Persistent Routes: None ========================= Winsock entries ===================================== Catalog5 01 C:WindowsSysWOW64NLAapi.dll [52224] (Microsoft Corporation) Catalog5 02 
C:WindowsSysWOW64napinsp.dll [52224] (Microsoft Corporation) Catalog5 03 C:WindowsSysWOW64pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 04 C:WindowsSysWOW64pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 05 C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [145280] (Microsoft Corp.) Catalog5 06 C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [145280] (Microsoft Corp.) Catalog5 07 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation) Catalog5 08 C:WindowsSysWOW64winrnr.dll [20992] (Microsoft Corporation) Catalog9 01 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation) Catalog9 02 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation) Catalog9 03 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation) Catalog9 04 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation) Catalog9 05 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation) Catalog9 06 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation) Catalog9 07 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation) Catalog9 08 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation) Catalog9 09 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation) Catalog9 10 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation) x64-Catalog5 01 C:WindowsSystem32NLAapi.dll [70656] (Microsoft Corporation) x64-Catalog5 02 C:WindowsSystem32napinsp.dll [68096] (Microsoft Corporation) x64-Catalog5 03 C:WindowsSystem32pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 04 C:WindowsSystem32pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 05 C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [170880] (Microsoft Corp.) x64-Catalog5 06 C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [170880] (Microsoft Corp.) 
x64-Catalog5 07 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation) x64-Catalog5 08 C:WindowsSystem32winrnr.dll [28672] (Microsoft Corporation) x64-Catalog9 01 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 02 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 03 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 04 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 05 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 06 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 07 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 08 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 09 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 10 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors: ================== Error: (12/10/2012 07:45:19 AM) (Source: Application Error) (User: ) Description: Faulting application name: NvXDSync.exe, version: 7.17.12.6610, time stamp: 0x4d0108c6 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e Exception code: 0xc0000374 Fault offset: 0x00000000000c40f2 Faulting process id: 0x470 Faulting application start time: 0xNvXDSync.exe0 Faulting application path: NvXDSync.exe1 Faulting module path: NvXDSync.exe2 Report Id: NvXDSync.exe3 Error: (12/08/2012 08:49:13 AM) (Source: Application Error) (User: ) Description: Faulting application name: CLMSHardwareTranscode.exe, version: 2.2.0.10510, time stamp: 0x504dcabc Faulting module name: CLMSHardwareTranscode.exe, version: 2.2.0.10510, time stamp: 0x504dcabc Exception code: 0xc0000005 Fault offset: 0x00002415 Faulting process id: 0x1244 Faulting application start time: 0xCLMSHardwareTranscode.exe0 Faulting application path: 
CLMSHardwareTranscode.exe1 Faulting module path: CLMSHardwareTranscode.exe2 Report Id: CLMSHardwareTranscode.exe3 Error: (12/03/2012 00:10:11 PM) (Source: Application Hang) (User: ) Description: The program iexplore.exe version 9.0.8112.16455 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: e50 Start Time: 01cdd17f7d6f0233 Termination Time: 16 Application Path: C:Program Files (x86)Internet Exploreriexplore.exe Report Id: System errors: ============= Error: (12/10/2012 06:36:55 PM) (Source: DCOM) (User: ) Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C} Error: (12/10/2012 06:36:55 PM) (Source: DCOM) (User: ) Description: {C37BFDB8-9D49-4DCB-8D83-6C34A5FBA8ED} Error: (12/10/2012 06:34:35 PM) (Source: DCOM) (User: ) Description: {4991D34B-80A1-4291-83B6-3328366B9097} Error: (12/10/2012 06:36:50 PM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service. Error: (12/10/2012 06:35:50 PM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service. Error: (12/10/2012 06:35:50 PM) (Source: Service Control Manager) (User: ) Description: The CyberLink PowerDVD 12 Media Server Service service failed to start due to the following error: %%1053 Error: (12/10/2012 06:35:50 PM) (Source: Service Control Manager) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the CyberLink PowerDVD 12 Media Server Service service to connect. Error: (12/10/2012 06:33:50 PM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service. 
Error: (12/10/2012 06:33:17 PM) (Source: Service Control Manager) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. Error: (12/10/2012 06:33:14 PM) (Source: Service Control Manager) (User: ) Description: The Security Center service hung on starting. Microsoft Office Sessions: ========================= Error: (12/10/2012 07:45:19 AM) (Source: Application Error)(User: ) Description: NvXDSync.exe7.17.12.66104d0108c6ntdll.dll6.1.7601.177254ec4aa8ec000037400000000000c40f247001cdd6dc873fd261C:Program FilesNVIDIA CorporationDisplayNvXDSync.exeC:WindowsSYSTEM32ntdll.dlld5df44f9-42cf-11e2-9b7f-e8039a9d4e63 Error: (12/08/2012 08:49:13 AM) (Source: Application Error)(User: ) Description: CLMSHardwareTranscode.exe2.2.0.10510504dcabcCLMSHardwareTranscode.exe2.2.0.10510504dcabcc000000500002415124401cdd5532f2b8f4dC:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSHardwareTranscode.exeC:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSHardwareTranscode.exe6de052ec-4146-11e2-a540-e8039a9d4e63 Error: (12/03/2012 00:10:11 PM) (Source: Application Hang)(User: ) Description: iexplore.exe9.0.8112.16455e5001cdd17f7d6f023316C:Program Files (x86)Internet Exploreriexplore.exe CodeIntegrity Errors: =================================== Date: 2012-12-10 18:14:19.280 Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume2ComboFixcatchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-10 18:14:19.217 Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume2ComboFixcatchme.sys because file hash could not be found on the system. 
A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-10 18:14:19.155 Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume2ComboFixcatchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-10 18:14:19.108 Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume2ComboFixcatchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-03 10:35:21.671 Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume2ComboFixcatchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-03 10:35:21.624 Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume2ComboFixcatchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-11-20 19:37:29.306 Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume2Program FilesCheckPointZAForceFieldPluginsISWSHEX.dll because the set of per-page image hashes could not be found on the system. 
Date: 2012-11-20 19:13:35.076 Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume2Program FilesCheckPointZAForceFieldPluginsISWSHEX.dll because the set of per-page image hashes could not be found on the system. Date: 2012-08-02 22:30:41.921 Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume2WindowsSystem32nvoptimusmft.dll because the set of per-page image hashes could not be found on the system. Date: 2012-07-30 12:31:29.110 Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume2WindowsSystem32nvoptimusmft.dll because the set of per-page image hashes could not be found on the system. =========================== Installed Programs ============================ ???? ??? Windows Live (Version: 15.4.3502.0922) ???? Windows Live (Version: 15.4.3502.0922) ?????? ??????? ?? Windows Live (Version: 15.4.3502.0922) ???????? ?? Messenger (Version: 15.4.3502.0922) ???????? ?????????? Windows Live (Version: 15.4.3502.0922) ????????? Messenger (Version: 15.4.3502.0922) ?????????? Windows Live (Version: 15.4.3502.0922) ??????????? ?? 
Windows Live (Version: 15.4.3502.0922) Adobe AIR (Version: 3.4.0.2540) Adobe Download Assistant (Version: 1.2.2) Adobe Flash Player 11 ActiveX (Version: 11.4.402.287) Adobe Flash Player 11 Plugin (Version: 11.5.502.110) Adobe Reader X (10.1.4) (Version: 10.1.4) Agatha Christie - Death on the Nile (Version: 2.2.0.82) All Sound Recorder 1.78 „Messenger“ pagalbine priemone (Version: 15.4.3502.0922) Angry Birds Space (Version: 1.3.0) AnyDVD (Version: 7.1.2.0) Apple Application Support (Version: 2.3) Apple Software Update (Version: 2.1.3.127) ASPCA Reminder by We-Care.com v4.1.17.1 (Version: 4.1.17.1) Audacity 2.0 AVerMedia C039 USB Capture Card 10.2.64.51 (Version: 10.2.64.51) AVS Update Manager 1.0 AVS Video Converter 8 AVS4YOU Software Navigator 1.4 „Windows Live Essentials“ (Version: 15.4.3502.0922) „Windows Live Mail“ (Version: 15.4.3502.0922) „Windows Live Messenger“ (Version: 15.4.3502.0922) „Windows Live“ fotogalerija (Version: 15.4.3502.0922) Bad Piggies (Version: 1.0.0) BatteryLifeExtender (Version: 1.0.11) Battle vs. 
Chess (Version: 1.0) Bejeweled 2 Deluxe (Version: 2.2.0.95) Best Buy pc app (Version: 3.0.0.0) Bing Bar (Version: 7.1.361.0) Bing Rewards Client Installer (Version: 16.0.345.0) Brain Train Age V3.91 Brutal Chess Build-a-lot (Version: 2.2.0.82) ChargeableUSB (Version: 1.0.0.0) Chessmaster 9000 Chessmaster Grandmaster Edition (Version: 1.00.0000) Chuzzle Deluxe (Version: 2.2.0.82) CloneDVD2 (Version: 2.9.3.0) Codec (Version: 1.0) Complemento Messenger (Version: 15.4.3502.0922) Complément Messenger (Version: 15.4.3502.0922) ConverterLite 1.6.1 (Version: 1.6.1) CyberLink MediaShow (Version: 5.0.1130a) CyberLink PhotoNow (Version: 1.1.6904) CyberLink Power2Go (Version: 6.1.3802) CyberLink PowerDirector (Version: 8.0.2718a) CyberLink PowerDVD 12 (Version: 12.0.2118a.57) CyberLink PowerProducer (Version: 5.0.2.2429) CyberLink YouCam (Version: 3.1.3509) D3DX10 (Version: 15.4.2368.0902) Diner Dash 2 Restaurant Rescue (Version: 2.2.0.82) Doplnok programu Messenger (Version: 15.4.3502.0922) DVD Shrink 3.2 DVD Shrink version 4.1 (Version: 4.1) DVDFab 8.2.1.5 (10/10/2012) Qt DVDneXtCOPYneXtTech DVDStyler v2.3 Easy Content Share (Version: 1.0) Easy Display Manager (Version: 3.2) Easy Migration (Version: 1.0) Easy Network Manager (Version: 4.4.7) Easy SpeedUp Manager (Version: 2.1.1.1) EasyBatteryManager (Version: 4.0.0.4) EasyFileShare (Version: 1.0.11) ETDWare PS/2-X64 8.0.7.2_WHQL (Version: 8.0.7.2) Farm Frenzy (Version: 2.2.0.82) Fast Start (Version: 2.2.0.0) Fotogalerija Windows Live (Version: 15.4.3502.0922) Free Sound Recorder v9.3.1 Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922) Galeria fotografii uslugi Windows Live (Version: 15.4.3502.0922) Galerie de photos Windows Live (Version: 15.4.3502.0922) Galerie foto Windows Live (Version: 15.4.3502.0922) Galería fotográfica de Windows Live (Version: 15.4.3502.0922) GIMP 2.8.2 (Version: 2.8.2) GoforFiles (Version: 1.2.0) Graboid Video 3.28 (Version: 3.28) Insaniquarium Deluxe (Version: 2.2.0.82) Intel PROSet 
Wireless Intel WiMAX Tutorial (Version: 1.5.3.1) Intel® Control Center (Version: 1.2.1.1007) Intel® Management Engine Components (Version: 7.0.0.1118) Intel® Processor Graphics (Version: 8.15.10.2253) Intel® PROSet/Wireless WiFi Software (Version: 14.0.2000) Intel® Rapid Storage Technology (Version: 10.0.0.1046) Intel® Wireless Display Intel® Wireless Display (Version: 2.0.27.0) Intel® PROSet/Wireless WiMAX Software (Version: 6.05.0000) Internet Download Manager Java 7 Update 9 (Version: 7.0.90) Java Auto Updater (Version: 2.1.9.0) John Deere Drive Green (Version: 2.2.0.82) Junk Mail filter update (Version: 15.4.3502.0922) Kurzweil 3000 v.10 (Version: 10.00.0000) Magic ISO Maker v5.4 (build 0239) MagicDisc 2.7.106 Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000) Mesh Runtime (Version: 15.4.5722.2) Messenger-kumppani (Version: 15.4.3502.0922) Messenger ??? ?? (Version: 15.4.3502.0922) Messenger ???? (Version: 15.4.3502.0922) Messenger ????? (Version: 15.4.3502.0922) Messenger Assistent (Version: 15.4.3502.0922) Messenger Companion (Version: 15.4.3502.0922) Messenger kíséro (Version: 15.4.3502.0922) Messenger Pratilac (Version: 15.4.3502.0922) Messenger Suradnik (Version: 15.4.3502.0922) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Games for Windows - LIVE (Version: 3.3.24.0) Microsoft Games for Windows - LIVE Redistributable (Version: 3.2.3.0) Microsoft Office 2010 (Version: 14.0.4763.1000) Microsoft Silverlight (Version: 5.1.10411.0) Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000) Microsoft Text-to-Speech Engine 4.0 (English) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 
9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Movie Color Enhancer (Version: 1.0) Mozilla Firefox 17.0.1 (x86 en-US) (Version: 17.0.1) Mozilla Maintenance Service (Version: 17.0.1) MSVCRT (Version: 15.4.2862.0708) MSVCRT_amd64 (Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) Multimedia POP (Version: 1.1) NaturalReaderFree (Version: 11) NVIDIA Control Panel 266.10 (Version: 266.10) NVIDIA Graphics Driver 266.10 (Version: 266.10) NVIDIA Install Application (Version: 2.265.34.0) NVIDIA Optimus 1.0.11 (Version: 1.0.11) NVIDIA Update Components (Version: 1.0.11) Peggle (Version: 2.2.0.82) Penguins! (Version: 2.2.0.82) Pirate101 (Version: 1.0.0) Plants vs. Zombies (Version: 2.2.0.82) Poczta uslugi Windows Live (Version: 15.4.3502.0922) Podstawowe programy Windows Live (Version: 15.4.3502.0922) Polar Golfer (Version: 2.2.0.82) Pomocnik Messenger (Version: 15.4.3502.0922) Pošta Windows Live (Version: 15.4.3502.0922) QuickTime (Version: 7.73.80.64) Raccolta foto di Windows Live (Version: 15.4.3502.0922) Realtek Ethernet Controller Driver (Version: 7.46.610.2011) Realtek High Definition Audio Driver (Version: 6.0.1.6257) Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.26.0) S?????? f?t???af??? t?? 
Windows Live (Version: 15.4.3502.0922) Samsung AnyWeb Print (Version: 1.0) Samsung AnyWeb Print (Version: 1.1.21.0) Samsung Recovery Solution 5 (Version: 5.0.0.8) Samsung Support Center (Version: 1.1.21) Samsung Universal Print Driver (Version: 2.01.06.00:16) Samsung Universal Scan Driver (Version: 1.2.1.0) Samsung Update Plus (Version: 3.0.0.17) Skype™ 5.10 (Version: 5.10.116) SlimDrivers (Version: 2.2.24428) Smart Defrag 2 (Version: 2.6) Smart Driver Updater v3.0 (Version: 3.0) SmartSound Quicktracks Plugin (Version: 3.0.2.7) Spotify (Version: 0.8.5.1333.g822e0de8) Spremljevalec Messenger (Version: 15.4.3502.0922) SRS Premium Sound Control Panel (Version: 1.10.1000) The Ringtone Maker v5.2.9 (Version: 5.2.9.110) Ulead VideoStudio 10 (Version: 10.0) Ulead VideoStudio SE DVD (Version: 10.0) UMPlayer 0.98 [P4] (Version: 0.98) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) USB2.0 Grabber (Version: 7.12.000.002) User Guide (Version: 1.0)
JonTom Posted December 11, 2012

Hello goofy1139

Thank you for the logs. We are going to have to try and troubleshoot exactly what is causing your connection issues. Let's begin with the following:

Please run your ZoneAlarm uninstaller program. The program can probably be accessed from Programs on your Start Menu. If you do not see it listed there, please navigate to the following locations and see if the uninstaller is present:

C:\Program Files\CheckPoint\ZAForceField

and:

C:\Program Files (x86)\CheckPoint\ZoneAlarm

If the uninstaller is listed in either one of those folders, please run it, then rescan your machine with Farbar's Recovery Scan Tool. Post the new FRST log in your next reply and let me know if you are now able to connect to the net.

NOTE: Please be very careful to keep your browsing to a minimum while ZoneAlarm is uninstalled.
goofy1139 Posted December 11, 2012

Hello JonTom,

The only uninstaller I found and ran was in C:\Program Files\CheckPoint\ZAForceField

Here is the log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2012 Ran by SYSTEM at 11-12-2012 09:59:00 Running from F: Windows 7 Home Premium (X64) OS Language: English(US) The current controlset is ControlSet001 ==================== Registry (Whitelisted) =================== HKLM...Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe -s [11660904 2010-11-30] (Realtek Semiconductor) HKLM...Run: [intelWireless] "C:Program FilesCommon FilesIntelWirelessCommoniFrmewrk.exe" /tf Intel Wireless Tray [1933584 2011-01-04] (Intel® Corporation) HKLM...Run: [ETDCtrl] %ProgramFiles%ElantechETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.) HKLM...Run: [intelWirelessWiMAX] "C:Program FilesIntelWiMAXBinWiMAXCU.exe" /tasktray /nosplash [1622016 2011-06-02] (Intel® Corporation) HKLM-x32...Run: [CLMLServer] "C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe" [103720 2009-11-01] (CyberLink) HKLM-x32...Run: [samsung PanelMgr] C:WindowsSamsungPanelMgrSSMMgr.exe /autorun [618496 2010-06-07] () HKLM-x32...Run: [uVS10 Preload] C:Program Files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe [36864 2006-03-06] (Ulead Systems, Inc.) HKLM-x32...Run: [updatePPShortCut] "C:Program Files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" "C:Program Files (x86)CyberLinkPowerProducer" UpdateWithCreateOnce "SoftwareCyberLinkPowerProducer5.0" [222504 2009-05-19] (CyberLink Corp.) HKLM-x32...Run: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated) HKLM-x32...Run: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.) 
HKLM-x32...Run: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [59280 2012-10-11] (Apple Inc.) HKLM-x32...Run: [PowerDVD12DMREngine] "C:Program Files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [505872 2012-09-18] (CyberLink) HKLM-x32...Run: [PowerDVD12Agent] "C:Program Files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [374560 2012-09-18] (CyberLink Corp.) HKLM-x32...Run: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.) HKUOwner...Run: [iDMan] C:New folder (2)Internet Download Manager v6.11. 8.1 (IDM) +Crack + Key [h33t][iahq76]IDMan.exe /onboot [3220912 2010-05-26] (Tonec Inc.) HKUOwner...Run: [Xvid] C:Program Files (x86)XvidCheckUpdate.exe [8192 2011-01-17] () HKUOwner...Run: [AnyDVD] C:Program Files (x86)SlySoftAnyDVDAnyDVDtray.exe [6663840 2012-11-23] (SlySoft, Inc.) AppInit_DLLs: C:WindowsSystem32nvinitx.dll Startup: C:UsersOwnerStart MenuProgramsStartupMagicDisc.lnk ShortcutTarget: MagicDisc.lnk -> C:Program Files (x86)MagicDiscMagicDisc.exe (MagicISO, Inc.) ==================== Services (Whitelisted) =================== 2 CLHNServiceForPowerDVD12; C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [90640 2012-09-18] (CyberLink Corp.) 
2 CyberLink PowerDVD 12 Media Server Monitor Service; "C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe" [78352 2012-09-18] (CyberLink) 2 CyberLink PowerDVD 12 Media Server Service; "C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe" [295440 2012-09-18] (CyberLink) 2 MBAMScheduler; "C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe" [399432 2012-09-29] (Malwarebytes Corporation) 2 MBAMService; "C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe" [676936 2012-09-29] (Malwarebytes Corporation) 3 MyWiFiDHCPDNS; C:Program FilesIntelWiFibinPanDhcpDns.exe [340240 2011-01-04] () 2 nlsX86cc; "C:WindowsSysWOW64nlssrv32.exe" [66560 2010-11-22] (Nalpeiron Ltd.) 2 RichVideo; "C:Program Files (x86)CyberLinkShared filesRichVideo.exe" [244904 2009-11-30] () 2 vsmon; C:Program Files (x86)CheckPointZoneAlarmvsmon.exe -service [2447440 2012-10-09] (Check Point Software Technologies LTD) ==================== Drivers (Whitelisted) ===================== 3 AnyDVD; C:WindowsSystem32DriversAnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.) 3 AnyDVD; C:WindowsSysWow64DriversAnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.) 3 AVerPola; C:WindowsSystem32DriversAVerPola.sys [534144 2011-01-03] (AVerMedia TECHNOLOGIES, Inc.) 1 avgtp; ??C:Windowssystem32driversavgtpx64.sys [30568 2012-11-14] (AVG Technologies) 0 KL1; C:WindowsSystem32DriversKL1.sys [460888 2012-01-09] (Kaspersky Lab ZAO) 1 kl2; C:WindowsSystem32Driverskl2.sys [11864 2012-01-09] (Kaspersky Lab ZAO) 1 KLIF; C:WindowsSystem32DriversKLIF.sys [485680 2012-01-09] (Kaspersky Lab) 3 MBAMProtector; ??C:Windowssystem32driversmbam.sys [25928 2012-09-29] (Malwarebytes Corporation) 2 ntk_PowerDVD12; ??C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.) 
0 SmartDefragDriver; C:WindowsSystem32DriversSmartDefragDriver.sys [17720 2010-11-26] () 3 StkCMini; C:WindowsSystem32DriversStkCMini.sys [1816968 2010-04-16] (Syntek) 3 SWDUMon; C:WindowsSystem32DriversSWDUMon.sys [15712 2012-12-11] () 1 Vsdatant; C:WindowsSystem32DriversVsdatant.sys [454232 2011-05-07] (Check Point Software Technologies LTD) 2 {73526619-C24F-470B-9BED-53D455FBB5C6}; ??C:Program Files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [147704 2012-09-19] (CyberLink Corp.) 3 catchme; ??C:ComboFixcatchme.sys [x] ==================== NetSvcs (Whitelisted) ==================== ==================== One Month Created Files and Folders ======== 2012-12-11 07:50 - 2012-12-11 07:50 - 00000048 ____A C:WindowsAE0F15C41BFB83F3.log 2012-12-11 07:47 - 2012-12-11 06:17 - 01461029 ____A (Farbar) C:UsersOwnerDesktopFRST64.exe 2012-12-10 18:40 - 2012-12-10 18:41 - 00030347 ____A C:UsersOwnerDesktopResult.txt 2012-12-10 18:38 - 2012-12-08 12:46 - 00752213 ____A (Farbar) C:UsersOwnerDesktopMiniToolBox.exe 2012-12-10 18:31 - 2012-12-10 18:31 - 00031862 ____A C:UsersOwnerDesktop12-10-12test.txt 2012-12-10 16:42 - 2012-12-10 16:42 - 00031862 ____A C:ComboFix.txt 2012-12-10 16:12 - 2012-12-10 16:12 - 00001302 ____A C:CF-Submit.htm 2012-12-10 16:11 - 2012-12-10 18:26 - 00000000 ____D C:ComboFix 2012-12-10 07:12 - 2012-12-10 07:12 - 00000000 ____D C:FRACTURE EXTRAS 2012-12-09 06:52 - 2012-12-09 06:52 - 00000000 ____D C:UsersOwnerDesktopNew Folder 2012-12-09 06:25 - 2012-12-09 06:26 - 00000000 ____D C:UsersOwnerDesktopcf 2012-12-07 15:51 - 2012-12-07 15:51 - 00089974 ____A C:UsersOwnerDesktopIce Age_ Continental Drift.pds 2012-12-07 14:15 - 2012-12-07 14:15 - 00089950 ____A C:UsersOwnerDocumentsicemp4.pds 2012-12-07 13:56 - 2012-12-07 14:13 - 465468200 ____A C:UsersOwnerDocumentsProduce.mp4 2012-12-07 13:56 - 2012-12-07 13:56 - 00003539 ____A C:UsersOwnerDocumentsProduce.THM 2012-12-06 10:30 - 2012-12-06 10:30 - 00000000 ____D C:UsersOwnerDesktopSTEPPENWOLF 2012-12-05 15:46 - 
2012-12-05 15:42 - 01995672 ____A (Driver Whiz) C:UsersOwnerDesktopDriverwhiz_2.exe 2012-12-05 09:06 - 2012-12-05 09:06 - 00001147 ____A C:UsersPublicDesktopMozilla Firefox.lnk 2012-12-05 09:02 - 2012-12-05 09:03 - 00002323 ____A C:UsersOwnerDesktopFSS.txt 2012-12-05 09:00 - 2012-12-05 05:44 - 00696153 ____A (Farbar) C:UsersOwnerDesktopFSS.exe 2012-12-04 09:49 - 2012-12-04 09:49 - 00000324 ____A C:UsersOwnerDesktopmessup.txt 2012-12-04 05:48 - 2012-12-04 05:48 - 00001724 ____A C:AdwCleaner[s6].txt 2012-12-03 09:38 - 2012-12-03 09:38 - 00032483 ____A C:UsersOwnerDesktopx.txt 2012-12-03 08:27 - 2011-06-25 22:45 - 00256000 ____A C:WindowsPEV.exe 2012-12-03 08:27 - 2010-11-07 09:20 - 00208896 ____A C:WindowsMBR.exe 2012-12-03 08:27 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:WindowsNIRCMD.exe 2012-12-03 08:27 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:WindowsSWREG.exe 2012-12-03 08:27 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:WindowsSWSC.exe 2012-12-03 08:27 - 2000-08-30 16:00 - 00098816 ____A C:Windowssed.exe 2012-12-03 08:27 - 2000-08-30 16:00 - 00080412 ____A C:Windowsgrep.exe 2012-12-03 08:27 - 2000-08-30 16:00 - 00068096 ____A C:Windowszip.exe 2012-12-03 08:24 - 2012-12-10 18:26 - 00000000 ____D C:Qoobox 2012-12-03 08:23 - 2012-12-03 09:06 - 00000000 ____D C:Windowserdnt 2012-12-03 05:40 - 2012-12-03 05:41 - 05009299 ____R (Swearware) C:UsersOwnerDesktopComboFix.exe 2012-12-02 18:48 - 2012-12-02 14:45 - 00856731 ____A C:UsersOwnerDesktopSecurityCheck.exe 2012-12-02 18:40 - 2012-12-02 18:40 - 00000490 ____A C:UsersOwnerDesktopcomp websites.txt 2012-12-01 11:47 - 2012-12-01 11:47 - 00011384 ____A C:UsersOwnerDesktopJRT.txt 2012-11-30 07:39 - 2012-11-30 13:47 - 00001109 ____A C:UsersPublicDesktopMalwarebytes Anti-Malware.lnk 2012-11-30 07:39 - 2012-11-30 13:47 - 00000000 ____D C:Program Files (x86)Malwarebytes' Anti-Malware 2012-11-30 07:39 - 2012-09-29 17:54 - 00025928 ____A (Malwarebytes Corporation) C:WindowsSystem32Driversmbam.sys 2012-11-30 
06:16 - 2012-11-30 06:16 - 00000000 ____D C:WindowsERUNT 2012-11-30 06:15 - 2012-12-05 17:06 - 00000000 ____D C:JRT 2012-11-30 06:15 - 2012-12-01 11:43 - 00000347 ____A C:UsersOwnerDownloadsaskregvalue_x64.dat 2012-11-30 05:50 - 2012-11-30 05:53 - 00000000 ____D C:UsersOwnerDesktopmark new comp stuff 2012-11-30 05:50 - 2012-11-30 04:16 - 10669952 ____A (Malwarebytes Corporation ) C:UsersOwnerDesktopmbam-setup-1.65.1.1000.exe 2012-11-30 05:50 - 2012-11-30 04:15 - 00688992 ____R (Swearware) C:UsersOwnerDesktopdds.com 2012-11-30 05:50 - 2012-11-30 04:12 - 00912454 ____A C:UsersOwnerDesktopJRT.exe 2012-11-30 05:50 - 2012-11-30 04:10 - 00448512 ___RA (OldTimer Tools) C:UsersOwnerDesktopTFC.exe 2012-11-27 09:18 - 2012-11-27 09:18 - 00000000 ____D C:FRST 2012-11-25 12:29 - 2012-11-25 07:22 - 04732416 ____A (AVAST Software) C:UsersOwnerDesktopaswMBR.exe 2012-11-25 11:14 - 2012-11-28 08:04 - 00000000 ____D C:UsersOwnerDesktopfor marks computer 2012-11-25 11:14 - 2012-11-25 08:06 - 00011464 ____A C:UsersOwnerDesktophelp1.txt 2012-11-25 11:14 - 2012-11-25 07:36 - 00027239 ____A C:UsersOwnerDesktopcomp help 2012-11-25 11:14 - 2012-11-25 07:18 - 00602112 ____A C:UsersOwnerDesktopOTL.exe 2012-11-25 11:08 - 2012-11-25 11:08 - 00000732 ____A C:UsersOwnerDesktopfor marks computer - Shortcut.lnk 2012-11-24 14:56 - 2012-11-24 14:56 - 00001236 ____A C:AdwCleaner[s5].txt 2012-11-24 14:52 - 2012-11-24 18:05 - 00001181 ____A C:UsersOwnerDesktopDesinstaller_HOSTS_Anti-PUPs.lnk 2012-11-24 14:40 - 2012-11-24 14:40 - 00001157 ____A C:AdwCleaner[s4].txt 2012-11-24 07:07 - 2012-11-24 07:08 - 00001096 ____A C:AdwCleaner[s3].txt 2012-11-24 06:58 - 2011-05-30 05:42 - 00255488 ____A C:WindowsSystem32xvidvfw.dll 2012-11-24 06:58 - 2011-05-30 05:42 - 00240640 ____A C:WindowsSysWOW64xvidvfw.dll 2012-11-24 06:58 - 2011-05-23 01:52 - 00153088 ____A C:WindowsSysWOW64xvid.ax 2012-11-24 06:58 - 2011-05-22 23:49 - 00173568 ____A C:WindowsSystem32xvid.ax 2012-11-24 06:58 - 2011-05-22 23:46 - 00645632 ____A 
C:WindowsSysWOW64xvidcore.dll 2012-11-24 06:58 - 2011-05-22 23:45 - 00696832 ____A C:WindowsSystem32xvidcore.dll 2012-11-24 06:57 - 2012-11-24 06:57 - 00000000 ____D C:UsersOwner.bitrock 2012-11-24 06:54 - 2012-11-24 06:54 - 00001550 ____A C:AdwCleaner[s2].txt 2012-11-23 17:49 - 2012-11-24 06:58 - 00000000 ____D C:Program Files (x86)Xvid 2012-11-23 14:53 - 2012-11-23 14:53 - 00051166 ____A C:UsersOwnerDocumentsAdwCleaner[s1]1.txt 2012-11-23 14:31 - 2012-11-23 14:32 - 00051166 ____A C:AdwCleaner[s1].txt 2012-11-23 14:27 - 2012-11-23 14:27 - 00543531 ____A C:UsersOwnerDesktopAdwCleaner.exe 2012-11-23 06:52 - 2012-11-23 06:52 - 00009544 ____A C:UsersOwnerDesktopbridesmaids unrated.pds 2012-11-21 11:11 - 2012-12-01 12:03 - 00025658 ____A C:UsersOwnerDesktopdds.txt 2012-11-21 11:11 - 2012-12-01 12:03 - 00010123 ____A C:UsersOwnerDesktopattach.txt 2012-11-21 10:48 - 2010-11-26 15:02 - 00017720 ____A C:WindowsSystem32DriversSmartDefragDriver.sys 2012-11-21 07:29 - 2012-11-21 07:29 - 02213976 ____A (Kaspersky Lab ZAO) C:UsersOwnerDesktoptdsskiller.exe 2012-11-21 07:26 - 2012-11-21 07:26 - 00688992 ____R (Swearware) C:UsersOwnerDesktopdds.EXE 2012-11-21 06:18 - 2012-11-21 06:18 - 00169816 ____A (Microsoft Corporation) C:UsersOwnerDownloadsMeadCo_Neptune.exe 2012-11-21 06:17 - 2012-11-21 06:19 - 00000000 ____D C:Program Files (x86)MeadCo Neptune 2012-11-20 14:22 - 2012-11-21 05:17 - 00415934 ____A C:WindowsSystem32Driversvsconfig.xml 2012-11-20 14:21 - 2012-01-09 16:59 - 00460888 ____A (Kaspersky Lab ZAO) C:WindowsSystem32Driverskl1.sys 2012-11-20 14:21 - 2012-01-09 16:59 - 00011864 ____A (Kaspersky Lab ZAO) C:WindowsSystem32Driverskl2.sys 2012-11-20 14:16 - 2012-11-20 14:16 - 00000762 ____A C:UsersPublicDesktopZoneAlarm Security.lnk 2012-11-20 14:16 - 2012-11-20 14:16 - 00000000 ____D C:UsersOwnerDocumentsForceField Shared Files 2012-11-20 14:16 - 2012-01-09 16:59 - 00485680 ____A (Kaspersky Lab) C:WindowsSystem32Driversklif.sys 2012-11-20 14:15 - 2012-11-20 14:15 - 
00000000 ____D C:UsersOwnerAppDataRoamingCheckPoint 2012-11-20 14:14 - 2012-11-20 14:14 - 00000000 ____D C:Program FilesCheckPoint 2012-11-20 13:46 - 2012-11-20 14:16 - 00000000 ____D C:Program Files (x86)CheckPoint 2012-11-20 13:46 - 2012-11-20 13:46 - 00000000 ____D C:UsersAll UsersCheckPoint 2012-11-20 13:00 - 2012-12-11 06:28 - 00030712 ____A C:WindowsPFRO.log 2012-11-20 10:23 - 2012-11-20 10:23 - 00000000 ____D C:UsersOwnerAppDataRoamingMalwarebytes 2012-11-20 10:22 - 2012-11-20 10:22 - 00000000 ____D C:UsersAll UsersMalwarebytes 2012-11-20 08:27 - 2012-11-20 08:27 - 00000000 ____D C:UsersAll UsersPCPitstop 2012-11-20 08:25 - 2012-11-21 07:57 - 00000000 ____D C:Program Files (x86)PCPitstop 2012-11-20 03:53 - 2012-11-20 03:53 - 00000000 ____D C:UsersOwnerAppDataRoamingConverterLite 2012-11-20 03:36 - 2012-11-20 03:36 - 00000000 ____D C:UsersOwnerDocumentsMy Video 2012-11-19 19:27 - 2012-11-19 19:27 - 00010486 ____A C:UsersOwnerDesktopkill bill.pds 2012-11-19 17:03 - 2012-11-19 17:03 - 00000000 ____D C:UsersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012) 2012-11-19 12:16 - 2012-11-19 12:16 - 00181636 ____A C:UsersOwnerDesktopdisk music.pds 2012-11-19 11:25 - 2012-11-19 11:25 - 00001019 ____A C:UsersUpdatusUserDesktopARWizard3.lnk 2012-11-17 18:29 - 2012-11-17 18:29 - 00157793 ____A C:UsersOwnerDesktopbeer.pds 2012-11-17 13:25 - 2012-11-17 13:25 - 00001374 ____A C:UsersOwnerAppDataLocalrecently-used.xbel 2012-11-17 13:22 - 2012-11-17 13:22 - 00000000 ____D C:UsersOwner.thumbnails 2012-11-17 13:20 - 2012-11-17 13:38 - 00000000 ____D C:UsersOwner.gimp-2.8 2012-11-17 13:20 - 2012-11-17 13:20 - 00000000 ____D C:UsersOwnerAppDataLocalgegl-0.2 2012-11-17 13:18 - 2012-11-17 13:19 - 00000000 ____D C:Program FilesGIMP 2 2012-11-17 12:01 - 2012-11-17 12:01 - 01555254 ____A C:UsersOwnerDocumentsSnapshot.bmp 2012-11-17 11:20 - 2012-11-17 11:41 - 3152334848 ____A C:UsersOwnerDesktopBottoms Up.mpg 2012-11-17 10:47 - 2012-11-17 10:47 - 00054406 ____A 
C:UsersOwnerDesktopbottom.pds 2012-11-17 09:59 - 2012-10-03 09:56 - 01914248 ____A (Microsoft Corporation) C:WindowsSystem32Driverstcpip.sys 2012-11-17 09:59 - 2012-10-03 09:44 - 00303104 ____A (Microsoft Corporation) C:WindowsSystem32nlasvc.dll 2012-11-17 09:59 - 2012-10-03 09:44 - 00246272 ____A (Microsoft Corporation) C:WindowsSystem32netcorehc.dll 2012-11-17 09:59 - 2012-10-03 09:44 - 00216576 ____A (Microsoft Corporation) C:WindowsSystem32ncsi.dll 2012-11-17 09:59 - 2012-10-03 09:44 - 00070656 ____A (Microsoft Corporation) C:WindowsSystem32nlaapi.dll 2012-11-17 09:59 - 2012-10-03 09:44 - 00018944 ____A (Microsoft Corporation) C:WindowsSystem32netevent.dll 2012-11-17 09:59 - 2012-10-03 09:42 - 00569344 ____A (Microsoft Corporation) C:WindowsSystem32iphlpsvc.dll 2012-11-17 09:59 - 2012-10-03 08:42 - 00175104 ____A (Microsoft Corporation) C:WindowsSysWOW64netcorehc.dll 2012-11-17 09:59 - 2012-10-03 08:42 - 00156672 ____A (Microsoft Corporation) C:WindowsSysWOW64ncsi.dll 2012-11-17 09:59 - 2012-10-03 08:42 - 00018944 ____A (Microsoft Corporation) C:WindowsSysWOW64netevent.dll 2012-11-17 09:59 - 2012-10-03 08:07 - 00045568 ____A (Microsoft Corporation) C:WindowsSystem32Driverstcpipreg.sys 2012-11-17 09:59 - 2012-01-12 23:12 - 00052224 ____A (Microsoft Corporation) C:WindowsSysWOW64nlaapi.dll 2012-11-16 15:54 - 2012-11-16 16:52 - 1609062400 ____A C:UsersOwnerDocumentsbottoms up.mpg 2012-11-16 03:37 - 2012-12-11 07:49 - 00005442 ____A C:Windowssetupact.log 2012-11-16 03:37 - 2012-11-16 03:37 - 00000000 ____A C:Windowssetuperr.log 2012-11-15 18:35 - 2012-07-25 20:55 - 00785512 ____A (Microsoft Corporation) C:WindowsSystem32DriversWdf01000.sys 2012-11-15 18:35 - 2012-07-25 20:55 - 00054376 ____A (Microsoft Corporation) C:WindowsSystem32DriversWdfLdr.sys 2012-11-15 18:35 - 2012-07-25 18:36 - 00009728 ____A (Microsoft Corporation) C:WindowsSystem32Wdfres.dll 2012-11-15 18:35 - 2012-06-02 06:35 - 00000003 ____A 
C:WindowsSystem32DriversMsftWdf_Kernel_01011_Inbox_Critical.Wdf 2012-11-15 18:30 - 2012-10-08 04:19 - 17811968 ____A (Microsoft Corporation) C:WindowsSystem32mshtml.dll 2012-11-15 18:30 - 2012-10-08 03:42 - 10925568 ____A (Microsoft Corporation) C:WindowsSystem32ieframe.dll 2012-11-15 18:30 - 2012-10-08 03:31 - 02312704 ____A (Microsoft Corporation) C:WindowsSystem32jscript9.dll 2012-11-15 18:30 - 2012-10-08 03:24 - 01346048 ____A (Microsoft Corporation) C:WindowsSystem32urlmon.dll 2012-11-15 18:30 - 2012-10-08 03:23 - 01392128 ____A (Microsoft Corporation) C:WindowsSystem32wininet.dll 2012-11-15 18:30 - 2012-10-08 03:22 - 01494528 ____A (Microsoft Corporation) C:WindowsSystem32inetcpl.cpl 2012-11-15 18:30 - 2012-10-08 03:22 - 00237056 ____A (Microsoft Corporation) C:WindowsSystem32url.dll 2012-11-15 18:30 - 2012-10-08 03:20 - 00085504 ____A (Microsoft Corporation) C:WindowsSystem32jsproxy.dll 2012-11-15 18:30 - 2012-10-08 03:18 - 00173056 ____A (Microsoft Corporation) C:WindowsSystem32ieUnatt.exe 2012-11-15 18:30 - 2012-10-08 03:17 - 00816640 ____A (Microsoft Corporation) C:WindowsSystem32jscript.dll 2012-11-15 18:30 - 2012-10-08 03:17 - 00599040 ____A (Microsoft Corporation) C:WindowsSystem32vbscript.dll 2012-11-15 18:30 - 2012-10-08 03:15 - 02144768 ____A (Microsoft Corporation) C:WindowsSystem32iertutil.dll 2012-11-15 18:30 - 2012-10-08 03:15 - 00729088 ____A (Microsoft Corporation) C:WindowsSystem32msfeeds.dll 2012-11-15 18:30 - 2012-10-08 03:13 - 02382848 ____A (Microsoft Corporation) C:WindowsSystem32mshtml.tlb 2012-11-15 18:30 - 2012-10-08 03:13 - 00096768 ____A (Microsoft Corporation) C:WindowsSystem32mshtmled.dll 2012-11-15 18:30 - 2012-10-08 03:09 - 00248320 ____A (Microsoft Corporation) C:WindowsSystem32ieui.dll 2012-11-15 18:30 - 2012-10-08 00:28 - 12320768 ____A (Microsoft Corporation) C:WindowsSysWOW64mshtml.dll 2012-11-15 18:30 - 2012-10-08 00:02 - 09738240 ____A (Microsoft Corporation) C:WindowsSysWOW64ieframe.dll 2012-11-15 18:30 - 2012-10-07 
23:56 - 01800704 ____A (Microsoft Corporation) C:WindowsSysWOW64jscript9.dll 2012-11-15 18:30 - 2012-10-07 23:48 - 01129472 ____A (Microsoft Corporation) C:WindowsSysWOW64wininet.dll 2012-11-15 18:30 - 2012-10-07 23:48 - 01103872 ____A (Microsoft Corporation) C:WindowsSysWOW64urlmon.dll 2012-11-15 18:30 - 2012-10-07 23:47 - 01427968 ____A (Microsoft Corporation) C:WindowsSysWOW64inetcpl.cpl 2012-11-15 18:30 - 2012-10-07 23:46 - 00231936 ____A (Microsoft Corporation) C:WindowsSysWOW64url.dll 2012-11-15 18:30 - 2012-10-07 23:45 - 00065024 ____A (Microsoft Corporation) C:WindowsSysWOW64jsproxy.dll 2012-11-15 18:30 - 2012-10-07 23:44 - 00142848 ____A (Microsoft Corporation) C:WindowsSysWOW64ieUnatt.exe 2012-11-15 18:30 - 2012-10-07 23:43 - 00717824 ____A (Microsoft Corporation) C:WindowsSysWOW64jscript.dll 2012-11-15 18:30 - 2012-10-07 23:43 - 00420864 ____A (Microsoft Corporation) C:WindowsSysWOW64vbscript.dll 2012-11-15 18:30 - 2012-10-07 23:42 - 00607744 ____A (Microsoft Corporation) C:WindowsSysWOW64msfeeds.dll 2012-11-15 18:30 - 2012-10-07 23:41 - 01793024 ____A (Microsoft Corporation) C:WindowsSysWOW64iertutil.dll 2012-11-15 18:30 - 2012-10-07 23:41 - 00073216 ____A (Microsoft Corporation) C:WindowsSysWOW64mshtmled.dll 2012-11-15 18:30 - 2012-10-07 23:40 - 02382848 ____A (Microsoft Corporation) C:WindowsSysWOW64mshtml.tlb 2012-11-15 18:30 - 2012-10-07 23:37 - 00176640 ____A (Microsoft Corporation) C:WindowsSysWOW64ieui.dll 2012-11-15 18:29 - 2012-07-25 19:08 - 00744448 ____A (Microsoft Corporation) C:WindowsSystem32WUDFx.dll 2012-11-15 18:29 - 2012-07-25 19:08 - 00229888 ____A (Microsoft Corporation) C:WindowsSystem32WUDFHost.exe 2012-11-15 18:29 - 2012-07-25 19:08 - 00194048 ____A (Microsoft Corporation) C:WindowsSystem32WUDFPlatform.dll 2012-11-15 18:29 - 2012-07-25 19:08 - 00084992 ____A (Microsoft Corporation) C:WindowsSystem32WUDFSvc.dll 2012-11-15 18:29 - 2012-07-25 19:08 - 00045056 ____A (Microsoft Corporation) C:WindowsSystem32WUDFCoinstaller.dll 
2012-11-15 18:29 - 2012-07-25 18:26 - 00198656 ____A (Microsoft Corporation) C:WindowsSystem32DriversWUDFRd.sys 2012-11-15 18:29 - 2012-07-25 18:26 - 00087040 ____A (Microsoft Corporation) C:WindowsSystem32DriversWUDFPf.sys 2012-11-15 18:29 - 2012-06-02 06:57 - 00000003 ____A C:WindowsSystem32DriversMsftWdf_User_01_11_00_Inbox_Critical.Wdf 2012-11-15 18:15 - 2012-11-15 18:15 - 00001845 ____A C:UsersPublicDesktopQuickTime Player.lnk 2012-11-15 18:15 - 2012-11-15 18:15 - 00000000 ____D C:Program Files (x86)QuickTime 2012-11-15 06:14 - 2012-11-15 06:14 - 44687360 ____A C:WindowsSystem32configCOMPONENTS.iobit 2012-11-15 04:36 - 2012-10-18 10:25 - 03149824 ____A (Microsoft Corporation) C:WindowsSystem32win32k.sys 2012-11-15 04:36 - 2012-10-09 10:17 - 00226816 ____A (Microsoft Corporation) C:WindowsSystem32dhcpcore6.dll 2012-11-15 04:36 - 2012-10-09 10:17 - 00055296 ____A (Microsoft Corporation) C:WindowsSystem32dhcpcsvc6.dll 2012-11-15 04:36 - 2012-10-09 09:40 - 00193536 ____A (Microsoft Corporation) C:WindowsSysWOW64dhcpcore6.dll 2012-11-15 04:36 - 2012-10-09 09:40 - 00044032 ____A (Microsoft Corporation) C:WindowsSysWOW64dhcpcsvc6.dll 2012-11-15 04:31 - 2012-09-25 14:47 - 00078336 ____A (Microsoft Corporation) C:WindowsSysWOW64synceng.dll 2012-11-15 04:31 - 2012-09-25 14:46 - 00095744 ____A (Microsoft Corporation) C:WindowsSystem32synceng.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 05773824 ____A (Microsoft Corporation) C:WindowsSystem32mstscax.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 04916224 ____A (Microsoft Corporation) C:WindowsSysWOW64mstscax.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 03174912 ____A (Microsoft Corporation) C:WindowsSystem32rdpcorets.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 01123840 ____A (Microsoft Corporation) C:WindowsSystem32mstsc.exe 2012-11-14 17:51 - 2012-11-14 17:51 - 01048064 ____A (Microsoft Corporation) C:WindowsSysWOW64mstsc.exe 2012-11-14 17:51 - 2012-11-14 17:51 - 00384000 ____A (Microsoft Corporation) C:WindowsSystem32wksprt.exe 
2012-11-14 17:51 - 2012-11-14 17:51 - 00322560 ____A (Microsoft Corporation) C:WindowsSystem32aaclient.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00269312 ____A (Microsoft Corporation) C:WindowsSysWOW64aaclient.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00243200 ____A (Microsoft Corporation) C:WindowsSystem32rdpudd.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00228864 ____A (Microsoft Corporation) C:WindowsSystem32rdpendp_winip.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00192000 ____A (Microsoft Corporation) C:WindowsSysWOW64rdpendp_winip.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00062976 ____A (Microsoft Corporation) C:WindowsSystem32TSWbPrxy.exe 2012-11-14 17:51 - 2012-11-14 17:51 - 00057856 ____A (Microsoft Corporation) C:WindowsSystem32DriversTsUsbFlt.sys 2012-11-14 17:51 - 2012-11-14 17:51 - 00054272 ____A (Microsoft Corporation) C:WindowsSystem32MsRdpWebAccess.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00046592 ____A (Microsoft Corporation) C:WindowsSysWOW64MsRdpWebAccess.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00044032 ____A (Microsoft Corporation) C:WindowsSystem32tsgqec.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00043520 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbGDCoInstaller.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00037376 ____A (Microsoft Corporation) C:WindowsSysWOW64tsgqec.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00019456 ____A (Microsoft Corporation) C:WindowsSystem32Driversrdpvideominiport.sys 2012-11-14 17:51 - 2012-11-14 17:51 - 00018432 ____A (Microsoft Corporation) C:WindowsSystem32wksprtPS.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00016896 ____A (Microsoft Corporation) C:WindowsSysWOW64wksprtPS.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00015360 ____A (Microsoft Corporation) C:WindowsSystem32RdpGroupPolicyExtension.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00013312 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbRedirectionGroupPolicyExtension.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00013312 ____A (Microsoft Corporation) 
C:WindowsSystem32TsUsbRedirectionGroupPolicyControl.exe 2012-11-14 17:50 - 2012-11-14 17:50 - 01448448 ____A (Microsoft Corporation) C:WindowsSystem32lsasrv.dll 2012-11-14 17:50 - 2012-11-14 17:50 - 00458712 ____A (Microsoft Corporation) C:WindowsSystem32Driverscng.sys 2012-11-14 17:50 - 2012-11-14 17:50 - 00340992 ____A (Microsoft Corporation) C:WindowsSystem32schannel.dll 2012-11-14 17:50 - 2012-11-14 17:50 - 00307200 ____A (Microsoft Corporation) C:WindowsSystem32ncrypt.dll 2012-11-14 17:50 - 2012-11-14 17:50 - 00247808 ____A (Microsoft Corporation) C:WindowsSysWOW64schannel.dll 2012-11-14 17:50 - 2012-11-14 17:50 - 00220160 ____A (Microsoft Corporation) C:WindowsSysWOW64ncrypt.dll 2012-11-14 17:50 - 2012-11-14 17:50 - 00154480 ____A (Microsoft Corporation) C:WindowsSystem32Driversksecpkg.sys 2012-11-14 17:50 - 2012-11-14 17:50 - 00096768 ____A (Microsoft Corporation) C:WindowsSysWOW64sspicli.dll 2012-11-14 17:50 - 2012-11-14 17:50 - 00022016 ____A (Microsoft Corporation) C:WindowsSysWOW64secur32.dll 2012-11-14 17:49 - 2012-11-14 17:49 - 00514560 ____A (Microsoft Corporation) C:WindowsSysWOW64qdvd.dll 2012-11-14 17:49 - 2012-11-14 17:49 - 00366592 ____A (Microsoft Corporation) C:WindowsSystem32qdvd.dll 2012-11-14 17:45 - 2012-11-14 17:45 - 65363968 ____A C:WindowsSystem32configSOFTWARE.iobit 2012-11-14 17:45 - 2012-11-14 17:45 - 19095552 ____A C:WindowsSystem32configSYSTEM.iobit 2012-11-14 17:45 - 2012-11-14 17:45 - 00311296 ____A C:WindowsSystem32configDEFAULT.iobit 2012-11-14 17:45 - 2012-11-14 17:45 - 00061440 ____A C:WindowsSystem32configSAM.iobit 2012-11-14 17:45 - 2012-11-14 17:45 - 00028672 ____A C:WindowsSystem32configSECURITY.iobit 2012-11-14 12:32 - 2012-11-14 12:32 - 00030568 ____A (AVG Technologies) C:WindowsSystem32Driversavgtpx64.sys 2012-11-14 12:30 - 2012-12-11 07:50 - 00015712 ____A C:WindowsSystem32DriversSWDUMon.sys 2012-11-14 12:30 - 2012-12-11 07:50 - 00000410 ____A C:WindowsTasksSlimDrivers Startup.job 2012-11-14 12:30 - 2012-11-14 12:30 - 
00000000 ____D C:UsersOwnerAppDataLocalSlimWare Utilities Inc 2012-11-14 12:29 - 2012-11-14 12:29 - 00002467 ____A C:UsersPublicDesktopSlimDrivers.lnk 2012-11-14 12:29 - 2012-11-14 12:29 - 00000000 ____D C:UsersPublicDocumentsDownloaded Installers 2012-11-14 08:21 - 2012-11-14 08:27 - 00000359 ____A C:UsersOwnerDesktopwisconbeer.txt 2012-11-12 13:06 - 2012-11-30 09:06 - 00000000 ____D C:UsersOwnerAppDataLocalMindDabble_4p 2012-11-12 13:06 - 2012-11-12 13:06 - 00000000 ____D C:Program Files (x86)MindDabble_4p 2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:UsersOwnerAppDataLocalAPlusGamer_63 2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:Program Files (x86)APlusGamer_63 2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersUpdatusUserDesktopBrain Train Age.lnk 2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersOwnerDesktopBrain Train Age.lnk 2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersUpdatusUserDesktopUpdate.lnk 2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersOwnerDesktopUpdate.lnk 2012-11-12 11:05 - 2012-11-12 11:05 - 00000000 ____D C:Program Files (x86)BrainTrainAge 2012-11-12 10:33 - 2012-11-12 10:34 - 74027949 ____A (The Code::Blocks Team) C:UsersOwnerDesktopcodeblocks-10.05mingw-setup.exe ==================== One Month Modified Files and Folders ======= 2012-12-11 07:50 - 2012-12-11 07:50 - 00000048 ____A C:WindowsAE0F15C41BFB83F3.log 2012-12-11 07:50 - 2012-11-14 12:30 - 00015712 ____A C:WindowsSystem32DriversSWDUMon.sys 2012-12-11 07:50 - 2012-11-14 12:30 - 00000410 ____A C:WindowsTasksSlimDrivers Startup.job 2012-12-11 07:49 - 2012-11-16 03:37 - 00005442 ____A C:Windowssetupact.log 2012-12-11 07:49 - 2009-07-13 21:08 - 00000006 ___AH C:WindowsTasksSA.DAT 2012-12-11 07:48 - 2011-02-20 21:12 - 01877928 ____A C:WindowsWindowsUpdate.log 2012-12-11 06:56 - 2012-07-30 16:28 - 00000830 ____A C:WindowsTasksAdobe Flash Player Updater.job 2012-12-11 06:46 - 2009-07-13 20:45 - 00014144 ___AH 
C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2012-12-11 06:46 - 2009-07-13 20:45 - 00014144 ___AH C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2012-12-11 06:28 - 2012-11-20 13:00 - 00030712 ____A C:WindowsPFRO.log 2012-12-11 06:17 - 2012-12-11 07:47 - 01461029 ____A (Farbar) C:UsersOwnerDesktopFRST64.exe 2012-12-11 04:46 - 2009-07-13 21:13 - 00726316 ____A C:WindowsSystem32PerfStringBackup.INI 2012-12-10 18:41 - 2012-12-10 18:40 - 00030347 ____A C:UsersOwnerDesktopResult.txt 2012-12-10 18:31 - 2012-12-10 18:31 - 00031862 ____A C:UsersOwnerDesktop12-10-12test.txt 2012-12-10 18:26 - 2012-12-10 16:11 - 00000000 ____D C:ComboFix 2012-12-10 18:26 - 2012-12-03 08:24 - 00000000 ____D C:Qoobox 2012-12-10 16:42 - 2012-12-10 16:42 - 00031862 ____A C:ComboFix.txt 2012-12-10 16:16 - 2009-07-13 18:34 - 00000215 ____A C:Windowssystem.ini 2012-12-10 16:12 - 2012-12-10 16:12 - 00001302 ____A C:CF-Submit.htm 2012-12-10 07:12 - 2012-12-10 07:12 - 00000000 ____D C:FRACTURE EXTRAS 2012-12-09 19:55 - 2012-08-03 14:43 - 00000000 ____D C:Program Files (x86)Google 2012-12-09 19:48 - 2012-07-30 07:28 - 00000000 ____D C:UsersOwnerDownloadsVideo 2012-12-09 19:47 - 2012-07-30 09:16 - 00000000 ____D C:UsersOwner.umplayer 2012-12-09 06:52 - 2012-12-09 06:52 - 00000000 ____D C:UsersOwnerDesktopNew Folder 2012-12-09 06:26 - 2012-12-09 06:25 - 00000000 ____D C:UsersOwnerDesktopcf 2012-12-08 12:46 - 2012-12-10 18:38 - 00752213 ____A (Farbar) C:UsersOwnerDesktopMiniToolBox.exe 2012-12-08 06:49 - 2012-07-30 09:43 - 00000000 ____D C:UsersOwnerAppDataLocalCrashDumps 2012-12-07 15:51 - 2012-12-07 15:51 - 00089974 ____A C:UsersOwnerDesktopIce Age_ Continental Drift.pds 2012-12-07 14:17 - 2012-09-23 15:34 - 00000000 ____D C:UsersOwnerDesktoptgwi 2012-12-07 14:15 - 2012-12-07 14:15 - 00089950 ____A C:UsersOwnerDocumentsicemp4.pds 2012-12-07 14:13 - 2012-12-07 13:56 - 465468200 ____A 
C:UsersOwnerDocumentsProduce.mp4 2012-12-07 13:56 - 2012-12-07 13:56 - 00003539 ____A C:UsersOwnerDocumentsProduce.THM 2012-12-06 10:30 - 2012-12-06 10:30 - 00000000 ____D C:UsersOwnerDesktopSTEPPENWOLF 2012-12-06 09:49 - 2012-09-01 12:04 - 00000000 ____D C:UsersOwnerAppDataRoamingIDM 2012-12-06 09:28 - 2012-07-29 03:52 - 00000000 ____D C:Program Files (x86)Mozilla Maintenance Service 2012-12-05 17:56 - 2012-07-30 07:28 - 00000000 ____D C:UsersOwnerAppDataRoamingDMCache 2012-12-05 17:06 - 2012-11-30 06:15 - 00000000 ____D C:JRT 2012-12-05 15:52 - 2009-07-13 19:20 - 00000000 ____D C:WindowsSystem32NDF 2012-12-05 15:42 - 2012-12-05 15:46 - 01995672 ____A (Driver Whiz) C:UsersOwnerDesktopDriverwhiz_2.exe 2012-12-05 09:06 - 2012-12-05 09:06 - 00001147 ____A C:UsersPublicDesktopMozilla Firefox.lnk 2012-12-05 09:06 - 2012-07-29 03:52 - 00000000 ____D C:Program Files (x86)Mozilla Firefox 2012-12-05 09:03 - 2012-12-05 09:02 - 00002323 ____A C:UsersOwnerDesktopFSS.txt 2012-12-05 05:44 - 2012-12-05 09:00 - 00696153 ____A (Farbar) C:UsersOwnerDesktopFSS.exe 2012-12-04 11:50 - 2012-07-19 01:29 - 00000000 ____D C:UsersOwnerAppDataLocalApps2.0 2012-12-04 09:49 - 2012-12-04 09:49 - 00000324 ____A C:UsersOwnerDesktopmessup.txt 2012-12-04 05:48 - 2012-12-04 05:48 - 00001724 ____A C:AdwCleaner[s6].txt 2012-12-04 04:28 - 2009-07-13 21:08 - 00032544 ____A C:WindowsTasksSCHEDLGU.TXT 2012-12-03 09:38 - 2012-12-03 09:38 - 00032483 ____A C:UsersOwnerDesktopx.txt 2012-12-03 09:11 - 2009-07-13 19:20 - 00000000 __RHD C:usersDefault 2012-12-03 09:06 - 2012-12-03 08:23 - 00000000 ____D C:Windowserdnt 2012-12-03 08:36 - 2009-07-13 18:34 - 67108864 ____A C:WindowsSystem32configSOFTWARE.bak 2012-12-03 08:36 - 2009-07-13 18:34 - 19922944 ____A C:WindowsSystem32configSYSTEM.bak 2012-12-03 08:36 - 2009-07-13 18:34 - 00311296 ____A C:WindowsSystem32configDEFAULT.bak 2012-12-03 08:36 - 2009-07-13 18:34 - 00061440 ____A C:WindowsSystem32configSAM.bak 2012-12-03 08:36 - 2009-07-13 18:34 - 00028672 ____A 
C:WindowsSystem32configSECURITY.bak 2012-12-03 05:41 - 2012-12-03 05:40 - 05009299 ____R (Swearware) C:UsersOwnerDesktopComboFix.exe 2012-12-02 18:40 - 2012-12-02 18:40 - 00000490 ____A C:UsersOwnerDesktopcomp websites.txt 2012-12-02 14:45 - 2012-12-02 18:48 - 00856731 ____A C:UsersOwnerDesktopSecurityCheck.exe 2012-12-01 12:03 - 2012-11-21 11:11 - 00025658 ____A C:UsersOwnerDesktopdds.txt 2012-12-01 12:03 - 2012-11-21 11:11 - 00010123 ____A C:UsersOwnerDesktopattach.txt 2012-12-01 11:47 - 2012-12-01 11:47 - 00011384 ____A C:UsersOwnerDesktopJRT.txt 2012-12-01 11:43 - 2012-11-30 06:15 - 00000347 ____A C:UsersOwnerDownloadsaskregvalue_x64.dat 2012-11-30 20:10 - 2012-09-22 05:42 - 00001101 ____A C:UsersPublicDesktopAnyDVD.lnk 2012-11-30 13:47 - 2012-11-30 07:39 - 00001109 ____A C:UsersPublicDesktopMalwarebytes Anti-Malware.lnk 2012-11-30 13:47 - 2012-11-30 07:39 - 00000000 ____D C:Program Files (x86)Malwarebytes' Anti-Malware 2012-11-30 09:06 - 2012-11-12 13:06 - 00000000 ____D C:UsersOwnerAppDataLocalMindDabble_4p 2012-11-30 06:16 - 2012-11-30 06:16 - 00000000 ____D C:WindowsERUNT 2012-11-30 05:53 - 2012-11-30 05:50 - 00000000 ____D C:UsersOwnerDesktopmark new comp stuff 2012-11-30 04:16 - 2012-11-30 05:50 - 10669952 ____A (Malwarebytes Corporation ) C:UsersOwnerDesktopmbam-setup-1.65.1.1000.exe 2012-11-30 04:15 - 2012-11-30 05:50 - 00688992 ____R (Swearware) C:UsersOwnerDesktopdds.com 2012-11-30 04:12 - 2012-11-30 05:50 - 00912454 ____A C:UsersOwnerDesktopJRT.exe 2012-11-30 04:10 - 2012-11-30 05:50 - 00448512 ___RA (OldTimer Tools) C:UsersOwnerDesktopTFC.exe 2012-11-28 08:04 - 2012-11-25 11:14 - 00000000 ____D C:UsersOwnerDesktopfor marks computer 2012-11-28 07:51 - 2012-07-29 04:08 - 00000000 ____D C:UsersOwnerAppDataRoaminguTorrent 2012-11-28 04:31 - 2012-08-03 14:42 - 00000000 ____D C:UsersAll UsersAVAST Software 2012-11-27 09:18 - 2012-11-27 09:18 - 00000000 ____D C:FRST 2012-11-25 11:08 - 2012-11-25 11:08 - 00000732 ____A C:UsersOwnerDesktopfor marks computer 
- Shortcut.lnk 2012-11-25 08:06 - 2012-11-25 11:14 - 00011464 ____A C:UsersOwnerDesktophelp1.txt 2012-11-25 07:36 - 2012-11-25 11:14 - 00027239 ____A C:UsersOwnerDesktopcomp help 2012-11-25 07:22 - 2012-11-25 12:29 - 04732416 ____A (AVAST Software) C:UsersOwnerDesktopaswMBR.exe 2012-11-25 07:18 - 2012-11-25 11:14 - 00602112 ____A C:UsersOwnerDesktopOTL.exe 2012-11-24 18:05 - 2012-11-24 14:52 - 00001181 ____A C:UsersOwnerDesktopDesinstaller_HOSTS_Anti-PUPs.lnk 2012-11-24 14:56 - 2012-11-24 14:56 - 00001236 ____A C:AdwCleaner[s5].txt 2012-11-24 14:40 - 2012-11-24 14:40 - 00001157 ____A C:AdwCleaner[s4].txt 2012-11-24 07:08 - 2012-11-24 07:07 - 00001096 ____A C:AdwCleaner[s3].txt 2012-11-24 06:58 - 2012-11-23 17:49 - 00000000 ____D C:Program Files (x86)Xvid 2012-11-24 06:57 - 2012-11-24 06:57 - 00000000 ____D C:UsersOwner.bitrock 2012-11-24 06:57 - 2012-07-19 01:23 - 00000000 ____D C:usersOwner 2012-11-24 06:54 - 2012-11-24 06:54 - 00001550 ____A C:AdwCleaner[s2].txt 2012-11-23 14:53 - 2012-11-23 14:53 - 00051166 ____A C:UsersOwnerDocumentsAdwCleaner[s1]1.txt 2012-11-23 14:32 - 2012-11-23 14:31 - 00051166 ____A C:AdwCleaner[s1].txt 2012-11-23 14:27 - 2012-11-23 14:27 - 00543531 ____A C:UsersOwnerDesktopAdwCleaner.exe 2012-11-23 13:31 - 2012-08-02 19:08 - 00001779 ____A C:UsersOwnerDesktoppremier.txt 2012-11-23 06:52 - 2012-11-23 06:52 - 00009544 ____A C:UsersOwnerDesktopbridesmaids unrated.pds 2012-11-22 16:34 - 2012-07-30 07:28 - 00000000 ____D C:UsersOwnerDownloadsCompressed 2012-11-21 08:14 - 2012-09-15 05:28 - 00000000 ____D C:New folder (2) 2012-11-21 07:59 - 2012-10-15 13:09 - 00000000 ____D C:Program Files (x86)TextAloud 2012-11-21 07:57 - 2012-11-20 08:25 - 00000000 ____D C:Program Files (x86)PCPitstop 2012-11-21 07:54 - 2012-10-14 18:14 - 00000000 ____D C:Program Files (x86)IVONA 2012-11-21 07:50 - 2012-08-09 14:42 - 00000000 ____D C:UsersOwnerAppDataRoamingAnvisoft 2012-11-21 07:50 - 2012-08-09 14:42 - 00000000 ____D C:Program Files (x86)Anvisoft 2012-11-21 
==================== End Of Log =============================

I still have problems with internet
JonTom Posted December 12, 2012

Hello goofy1139

There are still some traces of ZoneAlarm showing in your latest log. Let's try this:

Please uninstall your ZoneAlarm product:

Click on "Start", then on "Control Panel", and then on the "Programs and Features" tab.
Find your ZoneAlarm program, click on it once and then click on the "uninstall" button.
If you are prompted to reboot your computer to complete the uninstall, please do so.

Once you have done that (or if ZoneAlarm is not listed in your program list), please download and run the ZoneAlarm removal tool located here: http://download.zone...nload/clean.exe

After completing the steps above, please post a new FRST log and let me know if you are still having problems.
goofy1139 Posted December 12, 2012

Hello JonTom

After uninstalling ZoneAlarm I was able to get online! Thank you so much! Here is the new FRST log.
(Microsoft Corporation) C:WindowsSysWOW64qdvd.dll 2012-11-14 17:49 - 2012-11-14 17:49 - 00366592 ____A (Microsoft Corporation) C:WindowsSystem32qdvd.dll 2012-11-14 17:45 - 2012-11-14 17:45 - 65363968 ____A C:WindowsSystem32configSOFTWARE.iobit 2012-11-14 17:45 - 2012-11-14 17:45 - 19095552 ____A C:WindowsSystem32configSYSTEM.iobit 2012-11-14 17:45 - 2012-11-14 17:45 - 00311296 ____A C:WindowsSystem32configDEFAULT.iobit 2012-11-14 17:45 - 2012-11-14 17:45 - 00061440 ____A C:WindowsSystem32configSAM.iobit 2012-11-14 17:45 - 2012-11-14 17:45 - 00028672 ____A C:WindowsSystem32configSECURITY.iobit 2012-11-14 12:32 - 2012-11-14 12:32 - 00030568 ____A (AVG Technologies) C:WindowsSystem32Driversavgtpx64.sys 2012-11-14 12:30 - 2012-12-12 11:33 - 00015712 ____A C:WindowsSystem32DriversSWDUMon.sys 2012-11-14 12:30 - 2012-12-12 11:33 - 00000410 ____A C:WindowsTasksSlimDrivers Startup.job 2012-11-14 12:30 - 2012-11-14 12:30 - 00000000 ____D C:UsersOwnerAppDataLocalSlimWare Utilities Inc 2012-11-14 12:29 - 2012-11-14 12:29 - 00002467 ____A C:UsersPublicDesktopSlimDrivers.lnk 2012-11-14 12:29 - 2012-11-14 12:29 - 00000000 ____D C:UsersPublicDocumentsDownloaded Installers 2012-11-14 08:21 - 2012-11-14 08:27 - 00000359 ____A C:UsersOwnerDesktopwisconbeer.txt 2012-11-12 13:06 - 2012-11-30 09:06 - 00000000 ____D C:UsersOwnerAppDataLocalMindDabble_4p 2012-11-12 13:06 - 2012-11-12 13:06 - 00000000 ____D C:Program Files (x86)MindDabble_4p 2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:UsersOwnerAppDataLocalAPlusGamer_63 2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:Program Files (x86)APlusGamer_63 2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersUpdatusUserDesktopBrain Train Age.lnk 2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersOwnerDesktopBrain Train Age.lnk 2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersUpdatusUserDesktopUpdate.lnk 2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersOwnerDesktopUpdate.lnk 2012-11-12 11:05 
- 2012-11-12 11:05 - 00000000 ____D C:Program Files (x86)BrainTrainAge 2012-11-12 10:33 - 2012-11-12 10:34 - 74027949 ____A (The Code::Blocks Team) C:UsersOwnerDesktopcodeblocks-10.05mingw-setup.exe ==================== One Month Modified Files and Folders ======= 2012-12-12 11:34 - 2012-12-12 11:34 - 00000024 ____A C:WindowsAE0F15C41BFB83F3.log 2012-12-12 11:33 - 2012-11-14 12:30 - 00015712 ____A C:WindowsSystem32DriversSWDUMon.sys 2012-12-12 11:33 - 2012-11-14 12:30 - 00000410 ____A C:WindowsTasksSlimDrivers Startup.job 2012-12-12 11:32 - 2012-11-16 03:37 - 00005890 ____A C:Windowssetupact.log 2012-12-12 11:32 - 2009-07-13 21:08 - 00000006 ___AH C:WindowsTasksSA.DAT 2012-12-12 11:20 - 2012-12-12 11:20 - 00001994 ____A C:UsersOwnerDesktopFSS.txt 2012-12-12 11:20 - 2011-02-20 21:12 - 01934849 ____A C:WindowsWindowsUpdate.log 2012-12-12 11:12 - 2012-12-12 11:12 - 00046663 ____A C:UsersOwnerDesktopFRST.txt 2012-12-12 11:11 - 2012-11-27 09:18 - 00000000 ____D C:FRST 2012-12-12 11:05 - 2012-12-05 09:00 - 00697869 ____A (Farbar) C:UsersOwnerDesktopFSS.exe 2012-12-12 10:56 - 2012-07-30 16:28 - 00000830 ____A C:WindowsTasksAdobe Flash Player Updater.job 2012-12-12 09:57 - 2012-07-30 16:28 - 00697272 ____A (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerApp.exe 2012-12-12 09:57 - 2012-07-30 16:28 - 00073656 ____A (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerCPLApp.cpl 2012-12-12 09:52 - 2009-07-13 20:45 - 00014144 ___AH C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2012-12-12 09:52 - 2009-07-13 20:45 - 00014144 ___AH C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2012-12-12 09:44 - 2012-12-12 09:44 - 00000000 ____D C:Program Files (x86)CheckPoint 2012-12-12 09:44 - 2012-11-20 13:46 - 00000000 ____D C:UsersAll UsersCheckPoint 2012-12-12 09:44 - 2012-11-20 13:00 - 00054332 ____A C:WindowsPFRO.log 2012-12-12 09:42 - 2012-07-30 09:16 - 00000000 ____D 
C:UsersOwner.umplayer 2012-12-12 09:42 - 2012-07-30 07:28 - 00000000 ____D C:UsersOwnerDownloadsVideo 2012-12-12 09:40 - 2012-07-30 09:17 - 00000000 ____D C:UsersOwnerAppDataLocalMPlayer 2012-12-12 08:22 - 2009-07-13 21:13 - 00726316 ____A C:WindowsSystem32PerfStringBackup.INI 2012-12-11 18:37 - 2012-07-19 01:29 - 00076528 ____A C:UsersOwnerAppDataLocalGDIPFONTCACHEV1.DAT 2012-12-11 18:36 - 2009-07-13 20:45 - 00305008 ____A C:WindowsSystem32FNTCACHE.DAT 2012-12-11 18:33 - 2012-10-13 17:02 - 00000000 ____D C:UsersAll UsersKESI 2012-12-11 18:33 - 2009-07-13 19:20 - 00000000 ____D C:WindowsSysWOW64Speech 2012-12-11 18:32 - 2012-10-13 17:02 - 00000000 ____D C:Program Files (x86)Kurzweil Educational Systems 2012-12-11 18:31 - 2009-07-13 18:34 - 00000457 ____A C:Windowswin.ini 2012-12-11 18:21 - 2012-12-11 18:21 - 00006130 ____A C:WirelessDiagLog.csv 2012-12-11 18:18 - 2012-08-02 19:08 - 00000582 ____A C:UsersOwnerDesktopphone.txt 2012-12-11 18:15 - 2009-07-13 19:20 - 00000000 ____D C:WindowsSystem32NDF 2012-12-11 08:16 - 2012-07-30 09:43 - 00000000 ____D C:UsersOwnerAppDataLocalCrashDumps 2012-12-11 06:17 - 2012-12-11 07:47 - 01461029 ____A (Farbar) C:UsersOwnerDesktopFRST64.exe 2012-12-10 18:41 - 2012-12-10 18:40 - 00030347 ____A C:UsersOwnerDesktopResult.txt 2012-12-10 18:31 - 2012-12-10 18:31 - 00031862 ____A C:UsersOwnerDesktop12-10-12test.txt 2012-12-10 18:26 - 2012-12-10 16:11 - 00000000 ____D C:ComboFix 2012-12-10 18:26 - 2012-12-03 08:24 - 00000000 ____D C:Qoobox 2012-12-10 16:42 - 2012-12-10 16:42 - 00031862 ____A C:ComboFix.txt 2012-12-10 16:16 - 2009-07-13 18:34 - 00000215 ____A C:Windowssystem.ini 2012-12-10 16:12 - 2012-12-10 16:12 - 00001302 ____A C:CF-Submit.htm 2012-12-10 07:12 - 2012-12-10 07:12 - 00000000 ____D C:FRACTURE EXTRAS 2012-12-09 19:55 - 2012-08-03 14:43 - 00000000 ____D C:Program Files (x86)Google 2012-12-09 06:52 - 2012-12-09 06:52 - 00000000 ____D C:UsersOwnerDesktopNew Folder 2012-12-09 06:26 - 2012-12-09 06:25 - 00000000 ____D 
C:UsersOwnerDesktopcf 2012-12-08 12:46 - 2012-12-10 18:38 - 00752213 ____A (Farbar) C:UsersOwnerDesktopMiniToolBox.exe 2012-12-07 15:51 - 2012-12-07 15:51 - 00089974 ____A C:UsersOwnerDesktopIce Age_ Continental Drift.pds 2012-12-07 14:17 - 2012-09-23 15:34 - 00000000 ____D C:UsersOwnerDesktoptgwi 2012-12-07 14:15 - 2012-12-07 14:15 - 00089950 ____A C:UsersOwnerDocumentsicemp4.pds 2012-12-07 14:13 - 2012-12-07 13:56 - 465468200 ____A C:UsersOwnerDocumentsProduce.mp4 2012-12-07 13:56 - 2012-12-07 13:56 - 00003539 ____A C:UsersOwnerDocumentsProduce.THM 2012-12-06 10:30 - 2012-12-06 10:30 - 00000000 ____D C:UsersOwnerDesktopSTEPPENWOLF 2012-12-06 09:49 - 2012-09-01 12:04 - 00000000 ____D C:UsersOwnerAppDataRoamingIDM 2012-12-06 09:28 - 2012-07-29 03:52 - 00000000 ____D C:Program Files (x86)Mozilla Maintenance Service 2012-12-05 17:56 - 2012-07-30 07:28 - 00000000 ____D C:UsersOwnerAppDataRoamingDMCache 2012-12-05 17:06 - 2012-11-30 06:15 - 00000000 ____D C:JRT 2012-12-05 15:42 - 2012-12-05 15:46 - 01995672 ____A (Driver Whiz) C:UsersOwnerDesktopDriverwhiz_2.exe 2012-12-05 09:06 - 2012-12-05 09:06 - 00001147 ____A C:UsersPublicDesktopMozilla Firefox.lnk 2012-12-05 09:06 - 2012-07-29 03:52 - 00000000 ____D C:Program Files (x86)Mozilla Firefox 2012-12-04 11:50 - 2012-07-19 01:29 - 00000000 ____D C:UsersOwnerAppDataLocalApps2.0 2012-12-04 09:49 - 2012-12-04 09:49 - 00000324 ____A C:UsersOwnerDesktopmessup.txt 2012-12-04 05:48 - 2012-12-04 05:48 - 00001724 ____A C:AdwCleaner[s6].txt 2012-12-04 04:28 - 2009-07-13 21:08 - 00032544 ____A C:WindowsTasksSCHEDLGU.TXT 2012-12-03 09:38 - 2012-12-03 09:38 - 00032483 ____A C:UsersOwnerDesktopx.txt 2012-12-03 09:11 - 2009-07-13 19:20 - 00000000 __RHD C:usersDefault 2012-12-03 09:06 - 2012-12-03 08:23 - 00000000 ____D C:Windowserdnt 2012-12-03 08:36 - 2009-07-13 18:34 - 67108864 ____A C:WindowsSystem32configSOFTWARE.bak 2012-12-03 08:36 - 2009-07-13 18:34 - 19922944 ____A C:WindowsSystem32configSYSTEM.bak 2012-12-03 08:36 - 2009-07-13 
18:34 - 00311296 ____A C:WindowsSystem32configDEFAULT.bak 2012-12-03 08:36 - 2009-07-13 18:34 - 00061440 ____A C:WindowsSystem32configSAM.bak 2012-12-03 08:36 - 2009-07-13 18:34 - 00028672 ____A C:WindowsSystem32configSECURITY.bak 2012-12-03 05:41 - 2012-12-03 05:40 - 05009299 ____R (Swearware) C:UsersOwnerDesktopComboFix.exe 2012-12-02 18:40 - 2012-12-02 18:40 - 00000490 ____A C:UsersOwnerDesktopcomp websites.txt 2012-12-02 14:45 - 2012-12-02 18:48 - 00856731 ____A C:UsersOwnerDesktopSecurityCheck.exe 2012-12-01 12:03 - 2012-11-21 11:11 - 00025658 ____A C:UsersOwnerDesktopdds.txt 2012-12-01 12:03 - 2012-11-21 11:11 - 00010123 ____A C:UsersOwnerDesktopattach.txt 2012-12-01 11:47 - 2012-12-01 11:47 - 00011384 ____A C:UsersOwnerDesktopJRT.txt 2012-12-01 11:43 - 2012-11-30 06:15 - 00000347 ____A C:UsersOwnerDownloadsaskregvalue_x64.dat 2012-11-30 20:10 - 2012-09-22 05:42 - 00001101 ____A C:UsersPublicDesktopAnyDVD.lnk 2012-11-30 13:47 - 2012-11-30 07:39 - 00001109 ____A C:UsersPublicDesktopMalwarebytes Anti-Malware.lnk 2012-11-30 13:47 - 2012-11-30 07:39 - 00000000 ____D C:Program Files (x86)Malwarebytes' Anti-Malware 2012-11-30 09:06 - 2012-11-12 13:06 - 00000000 ____D C:UsersOwnerAppDataLocalMindDabble_4p 2012-11-30 06:16 - 2012-11-30 06:16 - 00000000 ____D C:WindowsERUNT 2012-11-30 05:53 - 2012-11-30 05:50 - 00000000 ____D C:UsersOwnerDesktopmark new comp stuff 2012-11-30 04:16 - 2012-11-30 05:50 - 10669952 ____A (Malwarebytes Corporation ) C:UsersOwnerDesktopmbam-setup-1.65.1.1000.exe 2012-11-30 04:15 - 2012-11-30 05:50 - 00688992 ____R (Swearware) C:UsersOwnerDesktopdds.com 2012-11-30 04:12 - 2012-11-30 05:50 - 00912454 ____A C:UsersOwnerDesktopJRT.exe 2012-11-30 04:10 - 2012-11-30 05:50 - 00448512 ___RA (OldTimer Tools) C:UsersOwnerDesktopTFC.exe 2012-11-28 08:04 - 2012-11-25 11:14 - 00000000 ____D C:UsersOwnerDesktopfor marks computer 2012-11-28 07:51 - 2012-07-29 04:08 - 00000000 ____D C:UsersOwnerAppDataRoaminguTorrent 2012-11-28 04:31 - 2012-08-03 14:42 - 
00000000 ____D C:UsersAll UsersAVAST Software 2012-11-25 11:08 - 2012-11-25 11:08 - 00000732 ____A C:UsersOwnerDesktopfor marks computer - Shortcut.lnk 2012-11-25 08:06 - 2012-11-25 11:14 - 00011464 ____A C:UsersOwnerDesktophelp1.txt 2012-11-25 07:36 - 2012-11-25 11:14 - 00027239 ____A C:UsersOwnerDesktopcomp help 2012-11-25 07:22 - 2012-11-25 12:29 - 04732416 ____A (AVAST Software) C:UsersOwnerDesktopaswMBR.exe 2012-11-25 07:18 - 2012-11-25 11:14 - 00602112 ____A C:UsersOwnerDesktopOTL.exe 2012-11-24 18:05 - 2012-11-24 14:52 - 00001181 ____A C:UsersOwnerDesktopDesinstaller_HOSTS_Anti-PUPs.lnk 2012-11-24 14:56 - 2012-11-24 14:56 - 00001236 ____A C:AdwCleaner[s5].txt 2012-11-24 14:40 - 2012-11-24 14:40 - 00001157 ____A C:AdwCleaner[s4].txt 2012-11-24 07:08 - 2012-11-24 07:07 - 00001096 ____A C:AdwCleaner[s3].txt 2012-11-24 06:58 - 2012-11-23 17:49 - 00000000 ____D C:Program Files (x86)Xvid 2012-11-24 06:57 - 2012-11-24 06:57 - 00000000 ____D C:UsersOwner.bitrock 2012-11-24 06:57 - 2012-07-19 01:23 - 00000000 ____D C:usersOwner 2012-11-24 06:54 - 2012-11-24 06:54 - 00001550 ____A C:AdwCleaner[s2].txt 2012-11-23 14:53 - 2012-11-23 14:53 - 00051166 ____A C:UsersOwnerDocumentsAdwCleaner[s1]1.txt 2012-11-23 14:32 - 2012-11-23 14:31 - 00051166 ____A C:AdwCleaner[s1].txt 2012-11-23 14:27 - 2012-11-23 14:27 - 00543531 ____A C:UsersOwnerDesktopAdwCleaner.exe 2012-11-23 13:31 - 2012-08-02 19:08 - 00001779 ____A C:UsersOwnerDesktoppremier.txt 2012-11-23 06:52 - 2012-11-23 06:52 - 00009544 ____A C:UsersOwnerDesktopbridesmaids unrated.pds 2012-11-22 16:34 - 2012-07-30 07:28 - 00000000 ____D C:UsersOwnerDownloadsCompressed 2012-11-21 08:14 - 2012-09-15 05:28 - 00000000 ____D C:New folder (2) 2012-11-21 07:59 - 2012-10-15 13:09 - 00000000 ____D C:Program Files (x86)TextAloud 2012-11-21 07:57 - 2012-11-20 08:25 - 00000000 ____D C:Program Files (x86)PCPitstop 2012-11-21 07:54 - 2012-10-14 18:14 - 00000000 ____D C:Program Files (x86)IVONA 2012-11-21 07:50 - 2012-08-09 14:42 - 
00000000 ____D C:UsersOwnerAppDataRoamingAnvisoft 2012-11-21 07:50 - 2012-08-09 14:42 - 00000000 ____D C:Program Files (x86)Anvisoft 2012-11-21 07:49 - 2012-08-11 10:53 - 00000000 ____D C:UsersOwnerAppDataRoamingApple Computer 2012-11-21 07:29 - 2012-11-21 07:29 - 02213976 ____A (Kaspersky Lab ZAO) C:UsersOwnerDesktoptdsskiller.exe 2012-11-21 07:26 - 2012-11-21 07:26 - 00688992 ____R (Swearware) C:UsersOwnerDesktopdds.EXE 2012-11-21 06:19 - 2012-11-21 06:17 - 00000000 ____D C:Program Files (x86)MeadCo Neptune 2012-11-21 06:18 - 2012-11-21 06:18 - 00169816 ____A (Microsoft Corporation) C:UsersOwnerDownloadsMeadCo_Neptune.exe 2012-11-21 06:16 - 2012-09-02 06:28 - 00000000 ____D C:Program Files (x86)Internet Download Manager 2012-11-20 14:15 - 2012-11-20 14:15 - 00000000 ____D C:UsersOwnerAppDataRoamingCheckPoint 2012-11-20 10:34 - 2012-08-03 15:02 - 00000000 ____D C:UsersOwnerAppDataLocalSpotify 2012-11-20 10:34 - 2012-08-03 14:53 - 00000000 ____D C:UsersOwnerAppDataRoamingSpotify 2012-11-20 10:23 - 2012-11-20 10:23 - 00000000 ____D C:UsersOwnerAppDataRoamingMalwarebytes 2012-11-20 10:22 - 2012-11-20 10:22 - 00000000 ____D C:UsersAll UsersMalwarebytes 2012-11-20 08:27 - 2012-11-20 08:27 - 00000000 ____D C:UsersAll UsersPCPitstop 2012-11-20 03:53 - 2012-11-20 03:53 - 00000000 ____D C:UsersOwnerAppDataRoamingConverterLite 2012-11-20 03:53 - 2012-10-21 17:31 - 00001947 ____A C:UsersPublicDesktopConverterLite.lnk 2012-11-20 03:36 - 2012-11-20 03:36 - 00000000 ____D C:UsersOwnerDocumentsMy Video 2012-11-19 19:27 - 2012-11-19 19:27 - 00010486 ____A C:UsersOwnerDesktopkill bill.pds 2012-11-19 17:03 - 2012-11-19 17:03 - 00000000 ____D C:UsersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012) 2012-11-19 16:15 - 2012-07-30 10:38 - 00014336 __ASH C:UsersOwnerThumbs.db 2012-11-19 12:16 - 2012-11-19 12:16 - 00181636 ____A C:UsersOwnerDesktopdisk music.pds 2012-11-19 11:25 - 2012-11-19 11:25 - 00001019 ____A C:UsersUpdatusUserDesktopARWizard3.lnk 2012-11-19 08:58 - 2012-08-02 19:07 - 
00002902 ____A C:UsersOwnerDesktopkt work 608-264-9826 Your IP 71.90.87.244.odt 2012-11-18 14:50 - 2011-02-20 21:42 - 00000000 ____D C:UsersAll UsersAdobe 2012-11-18 09:55 - 2009-07-13 19:20 - 00000000 ____D C:Windowsrescache 2012-11-17 18:29 - 2012-11-17 18:29 - 00157793 ____A C:UsersOwnerDesktopbeer.pds 2012-11-17 13:38 - 2012-11-17 13:20 - 00000000 ____D C:UsersOwner.gimp-2.8 2012-11-17 13:28 - 2012-08-07 13:33 - 00000000 ____D C:UsersOwnerAppDataRoamingCyberLink 2012-11-17 13:25 - 2012-11-17 13:25 - 00001374 ____A C:UsersOwnerAppDataLocalrecently-used.xbel 2012-11-17 13:22 - 2012-11-17 13:22 - 00000000 ____D C:UsersOwner.thumbnails 2012-11-17 13:20 - 2012-11-17 13:20 - 00000000 ____D C:UsersOwnerAppDataLocalgegl-0.2 2012-11-17 13:19 - 2012-11-17 13:18 - 00000000 ____D C:Program FilesGIMP 2 2012-11-17 12:01 - 2012-11-17 12:01 - 01555254 ____A C:UsersOwnerDocumentsSnapshot.bmp 2012-11-17 11:41 - 2012-11-17 11:20 - 3152334848 ____A C:UsersOwnerDesktopBottoms Up.mpg 2012-11-17 10:47 - 2012-11-17 10:47 - 00054406 ____A C:UsersOwnerDesktopbottom.pds 2012-11-16 16:52 - 2012-11-16 15:54 - 1609062400 ____A C:UsersOwnerDocumentsbottoms up.mpg 2012-11-16 15:50 - 2012-08-07 13:35 - 00000000 ____D C:UsersOwnerDocumentsYoucam 2012-11-16 03:37 - 2012-11-16 03:37 - 00000000 ____A C:Windowssetuperr.log 2012-11-15 18:38 - 2009-07-13 19:20 - 00000000 ____D C:WindowsPolicyDefinitions 2012-11-15 18:15 - 2012-11-15 18:15 - 00001845 ____A C:UsersPublicDesktopQuickTime Player.lnk 2012-11-15 18:15 - 2012-11-15 18:15 - 00000000 ____D C:Program Files (x86)QuickTime 2012-11-15 18:15 - 2012-08-07 15:26 - 00000000 ____D C:UsersAll UsersApple Computer 2012-11-15 06:14 - 2012-11-15 06:14 - 44687360 ____A C:WindowsSystem32configCOMPONENTS.iobit 2012-11-15 04:25 - 2012-07-25 04:45 - 66395536 ____A (Microsoft Corporation) C:WindowsSystem32MRT.exe 2012-11-14 17:51 - 2012-11-14 17:51 - 05773824 ____A (Microsoft Corporation) C:WindowsSystem32mstscax.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 
04916224 ____A (Microsoft Corporation) C:WindowsSysWOW64mstscax.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 03174912 ____A (Microsoft Corporation) C:WindowsSystem32rdpcorets.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 01123840 ____A (Microsoft Corporation) C:WindowsSystem32mstsc.exe 2012-11-14 17:51 - 2012-11-14 17:51 - 01048064 ____A (Microsoft Corporation) C:WindowsSysWOW64mstsc.exe 2012-11-14 17:51 - 2012-11-14 17:51 - 00384000 ____A (Microsoft Corporation) C:WindowsSystem32wksprt.exe 2012-11-14 17:51 - 2012-11-14 17:51 - 00322560 ____A (Microsoft Corporation) C:WindowsSystem32aaclient.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00269312 ____A (Microsoft Corporation) C:WindowsSysWOW64aaclient.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00243200 ____A (Microsoft Corporation) C:WindowsSystem32rdpudd.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00228864 ____A (Microsoft Corporation) C:WindowsSystem32rdpendp_winip.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00192000 ____A (Microsoft Corporation) C:WindowsSysWOW64rdpendp_winip.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00062976 ____A (Microsoft Corporation) C:WindowsSystem32TSWbPrxy.exe 2012-11-14 17:51 - 2012-11-14 17:51 - 00057856 ____A (Microsoft Corporation) C:WindowsSystem32DriversTsUsbFlt.sys 2012-11-14 17:51 - 2012-11-14 17:51 - 00054272 ____A (Microsoft Corporation) C:WindowsSystem32MsRdpWebAccess.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00046592 ____A (Microsoft Corporation) C:WindowsSysWOW64MsRdpWebAccess.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00044032 ____A (Microsoft Corporation) C:WindowsSystem32tsgqec.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00043520 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbGDCoInstaller.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00037376 ____A (Microsoft Corporation) C:WindowsSysWOW64tsgqec.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00019456 ____A (Microsoft Corporation) C:WindowsSystem32Driversrdpvideominiport.sys 2012-11-14 17:51 - 2012-11-14 17:51 - 00018432 ____A (Microsoft 
Corporation) C:WindowsSystem32wksprtPS.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00016896 ____A (Microsoft Corporation) C:WindowsSysWOW64wksprtPS.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00015360 ____A (Microsoft Corporation) C:WindowsSystem32RdpGroupPolicyExtension.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00013312 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbRedirectionGroupPolicyExtension.dll 2012-11-14 17:51 - 2012-11-14 17:51 - 00013312 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbRedirectionGroupPolicyControl.exe 2012-11-14 17:50 - 2012-11-14 17:50 - 01448448 ____A (Microsoft Corporation) C:WindowsSystem32lsasrv.dll 2012-11-14 17:50 - 2012-11-14 17:50 - 00458712 ____A (Microsoft Corporation) C:WindowsSystem32Driverscng.sys 2012-11-14 17:50 - 2012-11-14 17:50 - 00340992 ____A (Microsoft Corporation) C:WindowsSystem32schannel.dll 2012-11-14 17:50 - 2012-11-14 17:50 - 00307200 ____A (Microsoft Corporation) C:WindowsSystem32ncrypt.dll 2012-11-14 17:50 - 2012-11-14 17:50 - 00247808 ____A (Microsoft Corporation) C:WindowsSysWOW64schannel.dll 2012-11-14 17:50 - 2012-11-14 17:50 - 00220160 ____A (Microsoft Corporation) C:WindowsSysWOW64ncrypt.dll 2012-11-14 17:50 - 2012-11-14 17:50 - 00154480 ____A (Microsoft Corporation) C:WindowsSystem32Driversksecpkg.sys 2012-11-14 17:50 - 2012-11-14 17:50 - 00096768 ____A (Microsoft Corporation) C:WindowsSysWOW64sspicli.dll 2012-11-14 17:50 - 2012-11-14 17:50 - 00022016 ____A (Microsoft Corporation) C:WindowsSysWOW64secur32.dll 2012-11-14 17:49 - 2012-11-14 17:49 - 00514560 ____A (Microsoft Corporation) C:WindowsSysWOW64qdvd.dll 2012-11-14 17:49 - 2012-11-14 17:49 - 00366592 ____A (Microsoft Corporation) C:WindowsSystem32qdvd.dll 2012-11-14 17:45 - 2012-11-14 17:45 - 65363968 ____A C:WindowsSystem32configSOFTWARE.iobit 2012-11-14 17:45 - 2012-11-14 17:45 - 19095552 ____A C:WindowsSystem32configSYSTEM.iobit 2012-11-14 17:45 - 2012-11-14 17:45 - 00311296 ____A C:WindowsSystem32configDEFAULT.iobit 2012-11-14 17:45 - 
2012-11-14 17:45 - 00061440 ____A C:WindowsSystem32configSAM.iobit 2012-11-14 17:45 - 2012-11-14 17:45 - 00028672 ____A C:WindowsSystem32configSECURITY.iobit 2012-11-14 12:32 - 2012-11-14 12:32 - 00030568 ____A (AVG Technologies) C:WindowsSystem32Driversavgtpx64.sys 2012-11-14 12:30 - 2012-11-14 12:30 - 00000000 ____D C:UsersOwnerAppDataLocalSlimWare Utilities Inc 2012-11-14 12:29 - 2012-11-14 12:29 - 00002467 ____A C:UsersPublicDesktopSlimDrivers.lnk 2012-11-14 12:29 - 2012-11-14 12:29 - 00000000 ____D C:UsersPublicDocumentsDownloaded Installers 2012-11-14 08:27 - 2012-11-14 08:21 - 00000359 ____A C:UsersOwnerDesktopwisconbeer.txt 2012-11-12 13:06 - 2012-11-12 13:06 - 00000000 ____D C:Program Files (x86)MindDabble_4p 2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:UsersOwnerAppDataLocalAPlusGamer_63 2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:Program Files (x86)APlusGamer_63 2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersUpdatusUserDesktopBrain Train Age.lnk 2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersOwnerDesktopBrain Train Age.lnk 2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersUpdatusUserDesktopUpdate.lnk 2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersOwnerDesktopUpdate.lnk 2012-11-12 11:05 - 2012-11-12 11:05 - 00000000 ____D C:Program Files (x86)BrainTrainAge 2012-11-12 10:34 - 2012-11-12 10:33 - 74027949 ____A (The Code::Blocks Team) C:UsersOwnerDesktopcodeblocks-10.05mingw-setup.exe ==================== Known DLLs (Whitelisted) ================= ==================== Bamital & volsnap Check ================= C:WindowsSystem32winlogon.exe => MD5 is legit C:WindowsSystem32wininit.exe => MD5 is legit C:WindowsSysWOW64wininit.exe => MD5 is legit C:Windowsexplorer.exe => MD5 is legit C:WindowsSysWOW64explorer.exe => MD5 is legit C:WindowsSystem32svchost.exe => MD5 is legit C:WindowsSysWOW64svchost.exe => MD5 is legit C:WindowsSystem32services.exe => MD5 is legit C:WindowsSystem32User32.dll => 
MD5 is legit C:WindowsSysWOW64User32.dll => MD5 is legit C:WindowsSystem32userinit.exe => MD5 is legit C:WindowsSysWOW64userinit.exe => MD5 is legit C:WindowsSystem32Driversvolsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM....exe: exefile => OK HKLM...exefileDefaultIcon: %1 => OK HKLM...exefileopencommand: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2012-11-30 06:57:43 Restore point made on: 2012-12-02 17:44:40 Restore point made on: 2012-12-10 06:33:52 Restore point made on: 2012-12-11 18:26:21 Restore point made on: 2012-12-11 18:26:42 ==================== Memory info =========================== Percentage of memory in use: 11% Total physical RAM: 6055.2 MB Available physical RAM: 5337.86 MB Total Pagefile: 6053.34 MB Available Pagefile: 5324.4 MB Total Virtual: 8192 MB Available Virtual: 8191.91 MB ==================== Partitions ============================= 1 Drive c: () (Fixed) (Total:586.07 GB) (Free:70.35 GB) NTFS 3 Drive f: (USB20FD) (Removable) (Total:7.59 GB) (Free:7.5 GB) FAT32 4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS 5 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)] Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 596 GB 0 B Disk 1 Online 7788 MB 0 B Partitions of Disk 0: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 100 MB 1024 KB Partition 2 Primary 586 GB 101 MB Partition 3 OEM 9 GB 586 GB ================================================================================== Disk: 0 Partition 1 Type : 07 Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 1 Y SYSTEM NTFS Partition 100 MB Healthy ========================================================= 
Disk: 0 Partition 2 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 C NTFS Partition 586 GB Healthy ========================================================= Disk: 0 Partition 3 Type : 12 Hidden: Yes Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 4 RECOVERY NTFS Partition 9 GB Healthy Hidden ========================================================= Partitions of Disk 1: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 7782 MB 5820 KB ================================================================================== Disk: 1 Partition 1 Type : 0C Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 3 F USB20FD FAT32 Removable 7782 MB Healthy ========================================================= Last Boot: 2012-12-05 03:49 ==================== End Of Log ============================= Link to comment Share on other sites More sharing options...
JonTom Posted December 13, 2012

Hello goofy1139

"After uninstalling ZoneAlarm I was able to get online! Thank You so much!"

That's good news (A big thank you is also due to farbar and Jacee for their assistance - you guys rock).

Let's continue with the following:

CKScanner

Download CKScanner by askey127 from here and save it to your Desktop.
Right click CKScanner.exe and select "Run as Administrator", then click on Search For Files.
When the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved.
Double click the CKFiles.txt icon on your desktop then copy/paste the contents in your next reply.
goofy1139 Posted December 14, 2012 Author

Hello JonTom

Here is the next log,

CKScanner 2.1 - Additional Security Risks - These are not necessarily bad
c:new folder (2)desktopaudio record wizard 3.99 inc crack - mast3r-.rar
c:new folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe
c:new folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo
c:new folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url
c:new folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo
c:new folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url
c:new folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe
c:new folder (2)desktop itemsdesktopaudio record wizard 3.99 inc crack - mast3r-.rar
c:new folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe
c:new folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo
c:new folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url
c:new folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo
c:new folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url
c:new folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgavsaudioeditor.exe
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgf4cg.nfo
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgread me.txt
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgsetup.exe
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]chattchitto rg.nfo
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]chattchitto rg.url
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]copyto v5.1.0.2 + crack [chattchitto rg].exe
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]chattchitto rg.nfo
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]chattchitto rg.url
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg].exe
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]digitalrescue.exe
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.6.8 + crack [chattchitto rg]chattchitto rg.nfo
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.6.8 + crack [chattchitto rg]chattchitto rg.url
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.6.8 + crack [chattchitto rg]dvdfab platinum v8.1.6.8 + crack [chattchitto rg].exe
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.7.3 + crack [chattchitto rg]chattchitto rg.nfo
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.7.3 + crack [chattchitto rg]chattchitto rg.url
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.7.3 + crack [chattchitto rg]dvdfab platinum v8.1.7.3 + crack [chattchitto rg].exe
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2ulead videostudio plus 11.5 + keygen & dolby digital powerpackinstall how to.txt
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2ulead videostudio plus 11.5 + keygen & dolby digital powerpackreadme.txt
c:new folder (2)geek squad backup 07.09.2012backup continued2mov2ulead videostudio plus 11.5 + keygen & dolby digital powerpackulead videostudio plus 11.5 + keygen & dolby digital powerpack.uif
c:new folder (2)geek squad backup 07.09.2012backup continuedadobeadobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html
c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-arw3 setup.exe
c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-crack instructions.txt
c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc
crack - mast3r-lucid.nfo c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-crackarwizard3.exe c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ].rar c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]avsinstallpack.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]instructions.txt c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsaudioeditoravsaudioeditor.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsaudiorecorderavsaudiorecorder.exe c:new 
folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsdisccreatoravsdisccreator.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsdocumentconverteravsdocumentconverter.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsdvdcopyavsdvdcopy.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsimageconverteravsexplorerextension.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsimageconverteravsimageconverter.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsphotoeditoravsphotoeditor.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsregistrycleaneravsregistrycleaner.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsringtonemakeravsringtonemaker.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsscreencaptureavsscreencapture.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsvideoconverteravsvideoconverter.exe c:new folder (2)geek squad backup 
07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsvideoeditoravsvideoeditor.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsvideorecorderavsvideorecorder.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsvideoremakeravsvideoremaker.exe c:new folder (2)geek squad backup 07.09.2012downloadsclonedvd 4crackconfigure.dll c:new folder (2)geek squad backup 07.09.2012downloadsclonedvd 4crackoptionalmainapp.dll c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvpowerdvd 10 ultra 3d build 1516.51 - cracked.exe c:new folder (2)geek squad backup 07.09.2012downloadsinternet.download.manager.v6.07.final.build.12.incl.keygen.and.patch-sndsndidman607.exe c:new folder (2)geek squad backup 07.09.2012downloadslanguagesrosetta stone v3.3.5 for windowsrosetta stone v3.3.5 for windowscrackrosettastoneversion3.exe c:new folder (2)geek squad backup 07.09.2012downloadsprogramsaudio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]description and installation instructions.txt c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]globalerrors.log c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]idman.exe c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]idman611.exe c:new folder (2)internet download manager v6.11. 
8.1 (idm) +crack + key [h33t][iahq76]crackidman.exe c:program filesgimp 2sharegimp2.0patternscracked.pat c:program files (x86)kurzweil educational systemskurzweil 3000crack.exe c:usersowneraudio record wizard 3.99 inc crack - mast3r-.rar c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-theta!!mreader.exe c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetaangrybirdsrioinstaller_1.4.0.exe c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetaread me.txt c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetatheta.nfo c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetapatchpatch.exe c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetapatchreadme.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-theta!!mreader.exe c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaangrybirdsseasonsinstaller_2.4.1.exe c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatheta.nfo c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from 1337x.org.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from ahashare.com.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from btarena.org.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from demonoid.me.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from extratorrent.com.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from h33t.com.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from isohunt.com.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from kat.ph.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from rarbg.com.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from thepiratebay.se.txt 
c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetapatchpatch.exe c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetapatchreadme.txt c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaangrybirdsspaceinstaller_1.3.0.exe c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetatheta.nfo c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetatorrent downloaded from extratorrent.com.txt c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetapatchpatch.exe c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetapatchreadme.txt c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordaudio record wizard 3.99 inc crack - mast3r-arw3 setup.exe c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordaudio record wizard 3.99 inc crack - mast3r-crack instructions.txt c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordaudio record wizard 3.99 inc crack - mast3r-lucid.nfo c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordaudio record wizard 3.99 inc crack - mast3r-crackarwizard3.exe c:usersownerbad.piggies.v1.0.0.cracked-thetabadpiggiesinstaller_1.0.0.exe c:usersownerbad.piggies.v1.0.0.cracked-thetatheta.nfo c:usersownerbad.piggies.v1.0.0.cracked-thetatorrent downloaded from extratorrent.com.txt c:usersownerbad.piggies.v1.0.0.cracked-thetapatchpatch.exe c:usersownerdownloadsprogramsadobe master collection cs6 - crack only (fast & easy)_secure.exe c:usersownerdownloadsprogramsanydvd & anydvd hd v7.0.5.0 final + crack [chattchitto rg].exe c:usersownerdownloadsvideoyahoo! 
video detail for harry caray on crackerjacks.flv c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]chattchitto rg.nfo c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]chattchitto rg.url c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]dvdfab platinum v8.2.1.3 + crack [chattchitto rg].exe c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]chattchitto rg.nfo c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]chattchitto rg.url c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]dvdfab platinum v8.2.1.5 + crack [chattchitto rg].exe scanner sequence 3.ZZ.11.BEAPXR ----- EOF ----- Link to comment Share on other sites More sharing options...
JonTom Posted December 15, 2012

Hello goofy1139

I don't think I've ever seen so many cracked and keygened files on a machine before. Not only are cracked files loaded with malware, they are also completely illegal. This forum does not condone or support the use of cracked/keygened material. If you wish to receive continued support at this forum you must remove this material immediately.

Please work through the following steps

Hold down the Windows key (has the Windows symbol on it) and press the "R" key. A Run box will open.

Type in Notepad and press Enter, then click on "OK".

NOTE: Do not use Wordpad or any other text editor except Notepad or the script will fail.

Copy and Paste the text in the quotebox below into the open Notepad window:

File::
c:\new folder (2)\desktop\audio record wizard 3.99 inc crack - mast3r-.rar
c:\new folder (2)\desktop items\desktop\audio record wizard 3.99 inc crack - mast3r-.rar
c:\new folder (2)\geek squad backup 07.09.2012\backup continued\adobe\adobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html
c:\new folder (2)\geek squad backup 07.09.2012\downloads\programs\audio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe
c:\program files (x86)\kurzweil educational systems\kurzweil 3000\crack.exe
c:\users\owner\audio record wizard 3.99 inc crack - mast3r-.rar
c:\users\owner\downloads\programs\adobe master collection cs6 - crack only (fast & easy)_secure.exe
c:\users\owner\downloads\programs\anydvd & anydvd hd v7.0.5.0 final + crack [chattchitto rg].exe

Folder::
c:\new folder (2)\desktop\copy to dvd\anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]
c:\new folder (2)\desktop\copy to dvd\clonedvd v2.9.2.8 + keygen [chattchitto rg]
c:\new folder (2)\desktop items\desktop\copy to dvd\anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]
c:\new folder (2)\desktop items\desktop\copy to dvd\clonedvd v2.9.2.8 + keygen [chattchitto rg]
c:\new folder (2)\geek squad backup 07.09.2012\backup continued\2\mov2\anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]
c:\new folder (2)\geek squad backup 07.09.2012\backup continued\2\mov2\avs.audio.editor.v7.1.3.444.cracked-f4cg
c:\new folder (2)\geek squad backup 07.09.2012\backup continued\2\mov2\clonedvd v2.9.2.8 + keygen [chattchitto rg]
c:\new folder (2)\geek squad backup 07.09.2012\backup continued\2\mov2\copyto v5.1.0.2 + crack [chattchitto rg]
c:\new folder (2)\geek squad backup 07.09.2012\backup continued\2\mov2\digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]
c:\new folder (2)\geek squad backup 07.09.2012\backup continued\2\mov2\dvdfab platinum v8.1.6.8 + crack [chattchitto rg]
c:\new folder (2)\geek squad backup 07.09.2012\backup continued\2\mov2\dvdfab platinum v8.1.7.3 + crack [chattchitto rg]
c:\new folder (2)\geek squad backup 07.09.2012\backup continued\2\mov2\ulead videostudio plus 11.5 + keygen & dolby digital powerpack
c:\new folder (2)\geek squad backup 07.09.2012\backup continued\audio record wizard 3.99 inc crack - mast3r-
c:\new folder (2)\geek squad backup 07.09.2012\backup continued\desktop\copy to dvd\anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]
c:\new folder (2)\geek squad backup 07.09.2012\backup continued\desktop\copy to dvd\clonedvd v2.9.2.8 + keygen [chattchitto rg]
c:\new folder (2)\geek squad backup 07.09.2012\downloads\avs all-in-one install package v1.3.1+crack [ kk ]
c:\new folder (2)\geek squad backup 07.09.2012\downloads\clonedvd 4\crack
c:\new folder (2)\geek squad backup 07.09.2012\downloads\cyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsv
c:\new folder (2)\geek squad backup 07.09.2012\downloads\internet.download.manager.v6.07.final.build.12.incl.keygen.and.patch-snd
c:\new folder (2)\geek squad backup 07.09.2012\downloads\languages\rosetta stone v3.3.5 for windows\rosetta stone v3.3.5 for windows\crack
c:\new folder (2)\internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]
c:\users\owner\angry.birds.rio.v1.4.0.cracked.read.nfo-theta
c:\users\owner\angry.birds.seasons.v2.4.1.cracked.read.nfo-theta
c:\users\owner\angry.birds.space.v1.3.0.cracked.read.nfo-theta
c:\users\owner\audio record wizard 3.99 inc crack - mast3r-
c:\users\owner\bad.piggies.v1.0.0.cracked-theta
c:\users\owner\downloads\video\tts\dvdfab platinum v8.2.1.3 + crack [chattchitto rg]
c:\users\owner\downloads\video\tts\dvdfab platinum v8.2.1.5 + crack [chattchitto rg]

Save this as "CFScript.txt" (including the quotation marks), change the "Save as type" to "All Files" and save it to your desktop.

Close any open browsers.

Disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Referring to the picture below, drag CFScript.txt into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Once the log is produced, re-engage your resident anti virus.

Post the Combofix log and a new CKScanner log in your next reply.
goofy1139 Posted December 17, 2012

Hello JonTom

I will do this today or tonight.
JonTom Posted December 17, 2012
goofy1139 Posted December 18, 2012

Hello JonTom,

I ran the combofix and CKScanner and now nothing works. I get this message 'illegal operation attempted on a registry key that has been marked for deletion'. I couldn't even open notepad; I had to transfer to a flashdrive and open it on another computer to post. Here are the logs.

ComboFix 12-12-02.01 - Owner 12/18/2012 12:31:05.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6055.4279 [GMT -6:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
Command switches used :: c:\users\Owner\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\new folder (2)\desktop items\desktop\audio record wizard 3.99 inc crack - mast3r-.rar"
"c:\new folder (2)\desktop\audio record wizard 3.99 inc crack - mast3r-.rar"
"c:\new folder (2)\geek squad backup 07.09.2012\backup continued\adobe\adobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html"
"c:\new folder (2)\geek squad backup 07.09.2012\downloads\programs\audio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe"
"c:\program files (x86)\kurzweil educational systems\kurzweil 3000\crack.exe"
"c:\users\owner\audio record wizard 3.99 inc crack - mast3r-.rar"
"c:\users\owner\downloads\programs\adobe master collection cs6 - crack only (fast & easy)_secure.exe"
"c:\users\owner\downloads\programs\anydvd & anydvd hd v7.0.5.0 final + crack [chattchitto rg].exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Rarbg.com.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from ThePirateBay.se.txt c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-theta c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaAngryBirdsSpaceInstaller_1.3.0.exe c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaPatchPatch.exe c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaPatchReadme.txt c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaTHETA.nfo c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaTorrent Downloaded From ExtraTorrent.com.txt c:usersowneraudio record wizard 3.99 inc crack - mast3r- c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordAudio Record Wizard 3.99 Inc Crack - Mast3r-arw3 Setup.exe c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordAudio Record Wizard 3.99 Inc Crack - Mast3r-Crack Instructions.txt c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordAudio Record Wizard 3.99 Inc Crack - Mast3r-CrackARWizard3.exe c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordAudio Record Wizard 3.99 Inc Crack - Mast3r-lucid.nfo c:usersownerbad.piggies.v1.0.0.cracked-theta c:usersownerbad.piggies.v1.0.0.cracked-thetaBadPiggiesInstaller_1.0.0.exe c:usersownerbad.piggies.v1.0.0.cracked-thetaPatchPatch.exe c:usersownerbad.piggies.v1.0.0.cracked-thetaTHETA.nfo c:usersownerbad.piggies.v1.0.0.cracked-thetaTorrent Downloaded From ExtraTorrent.com.txt c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg] c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]ChattChitto RG.nfo c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]ChattChitto RG.url c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]DVDFab Platinum v8.2.1.3 + Crack [ChattChitto RG].exe c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg] 
c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]ChattChitto RG.nfo
c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]ChattChitto RG.url
c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]DVDFab Platinum v8.2.1.5 + Crack [ChattChitto RG].exe
c:windowsSysWow64Packet.dll
c:windowsSysWow64wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------Legacy_NPF
-------Service_NPF
.
.
((((((((((((((((((((((((( Files Created from 2012-11-18 to 2012-12-18 )))))))))))))))))))))))))))))))
.
.
2012-12-18 18:43 . 2012-12-18 18:43 -------- d-----w- c:usersUpdatusUserAppDataLocaltemp
2012-12-18 18:43 . 2012-12-18 18:43 -------- d-----w- c:usersDefaultAppDataLocaltemp
2012-12-18 13:42 . 2012-11-08 17:24 9125352 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{E0C11D25-2DC5-4B71-8976-A4767590840B}mpengine.dll
2012-12-16 22:46 . 2012-10-30 23:51 370288 ----a-w- c:windowssystem32driversaswSP.sys
2012-12-16 22:46 . 2012-10-30 23:51 25232 ----a-w- c:windowssystem32driversaswFsBlk.sys
2012-12-16 22:46 . 2012-10-15 16:59 54072 ----a-w- c:windowssystem32driversaswRdr2.sys
2012-12-16 22:46 . 2012-10-30 23:51 59728 ----a-w- c:windowssystem32driversaswTdi.sys
2012-12-16 22:46 . 2012-10-30 23:51 984144 ----a-w- c:windowssystem32driversaswSnx.sys
2012-12-16 22:46 . 2012-10-30 23:51 71600 ----a-w- c:windowssystem32driversaswMonFlt.sys
2012-12-16 22:46 . 2012-10-30 23:51 41224 ----a-w- c:windowsavastSS.scr
2012-12-16 22:45 . 2012-10-30 23:50 227648 ----a-w- c:windowsSysWow64aswBoot.exe
2012-12-16 22:06 . 2012-12-16 22:07 -------- d-----w- c:usersOwnerAppDataLocalNETGEARGenie
2012-12-16 22:06 . 2012-12-16 22:06 369168 ----a-w- c:windowssystem32wpcap.dll
2012-12-16 22:06 . 2012-12-16 22:06 35344 ----a-w- c:windowssystem32driversnpf.sys
2012-12-16 22:06 . 2012-12-16 22:06 106000 ----a-w- c:windowssystem32packet.dll
2012-12-16 22:06 . 2012-12-16 22:06 -------- d-----w- c:program files (x86)NETGEAR Genie
2012-12-14 20:48 . 2012-12-14 20:48 -------- d-----w- c:program files (x86)uTorrent
2012-12-14 13:06 . 2012-11-14 07:06 17811968 ----a-w- c:windowssystem32mshtml.dll
2012-12-14 13:06 . 2012-11-14 06:32 10925568 ----a-w- c:windowssystem32ieframe.dll
2012-12-13 11:57 . 2012-11-02 05:59 478208 ----a-w- c:windowssystem32dpnet.dll
2012-12-13 11:57 . 2012-11-02 05:11 376832 ----a-w- c:windowsSysWow64dpnet.dll
2012-12-12 21:34 . 2012-12-13 00:47 -------- d-----w- c:usersOwnerAppDataRoamingatunes
2012-12-12 21:33 . 2012-12-12 21:33 -------- d-----w- c:program files (x86)aTunes
2012-12-12 17:44 . 2012-12-12 17:44 -------- d-----w- c:program files (x86)CheckPoint
2012-12-10 15:12 . 2012-12-10 15:12 -------- d-----w- C:FRACTURE EXTRAS
2012-12-05 17:06 . 2012-11-29 08:27 96224 ----a-w- c:program files (x86)Mozilla Firefoxwebapprt-stub.exe
2012-12-05 17:06 . 2012-11-29 08:27 270816 ----a-w- c:program files (x86)Mozilla Firefoxupdater.exe
2012-12-05 17:06 . 2012-11-29 08:27 157272 ----a-w- c:program files (x86)Mozilla Firefoxwebapp-uninstaller.exe
2012-12-05 17:06 . 2012-11-29 08:27 73696 ----a-w- c:program files (x86)Mozilla Firefoxbreakpadinjector.dll
2012-11-30 15:39 . 2012-11-30 21:47 -------- d-----w- c:program files (x86)Malwarebytes' Anti-Malware
2012-11-30 15:39 . 2012-09-30 01:54 25928 ----a-w- c:windowssystem32driversmbam.sys
2012-11-30 14:16 . 2012-11-30 14:16 -------- d-----w- c:windowsERUNT
2012-11-30 14:15 . 2012-12-06 01:06 -------- d-----w- C:JRT
2012-11-27 17:18 . 2012-12-12 19:11 -------- d-----w- C:FRST
2012-11-25 02:04 . 2012-12-05 19:46 -------- d-----w- c:usersOwnerAppDataLocalElevatedDiagnostics
2012-11-24 14:58 . 2011-05-30 13:42 240640 ----a-w- c:windowsSysWow64xvidvfw.dll
2012-11-24 14:58 . 2011-05-30 13:42 255488 ----a-w- c:windowssystem32xvidvfw.dll
2012-11-24 14:58 . 2011-05-23 09:52 153088 ----a-w- c:windowsSysWow64xvid.ax
2012-11-24 14:58 . 2011-05-23 07:49 173568 ----a-w- c:windowssystem32xvid.ax
2012-11-24 14:58 . 2011-05-23 07:46 645632 ----a-w- c:windowsSysWow64xvidcore.dll
2012-11-24 14:58 . 2011-05-23 07:45 696832 ----a-w- c:windowssystem32xvidcore.dll
2012-11-24 14:57 . 2012-11-24 14:57 -------- d-----w- c:usersOwner.bitrock
2012-11-24 01:49 . 2012-11-24 14:58 -------- d-----w- c:program files (x86)Xvid
2012-11-21 18:48 . 2010-11-26 23:02 17720 ----a-w- c:windowssystem32driversSmartDefragDriver.sys
2012-11-21 14:17 . 2012-11-21 14:19 -------- d-----w- c:program files (x86)MeadCo Neptune
2012-11-20 22:16 . 2012-12-12 16:25 -------- dc----w- c:windowssystem32DRVSTORE
2012-11-20 22:15 . 2012-11-20 22:15 -------- d-----w- c:usersOwnerAppDataRoamingCheckPoint
2012-11-20 21:46 . 2012-12-12 17:44 -------- d-----w- c:programdataCheckPoint
2012-11-20 18:23 . 2012-11-20 18:23 -------- d-----w- c:usersOwnerAppDataRoamingMalwarebytes
2012-11-20 18:22 . 2012-11-20 18:22 -------- d-----w- c:programdataMalwarebytes
2012-11-20 16:27 . 2012-11-20 16:27 -------- d-----w- c:programdataPCPitstop
2012-11-20 16:25 . 2012-11-21 15:57 -------- d-----w- c:program files (x86)PCPitstop
2012-11-20 11:53 . 2012-11-20 11:53 -------- d-----w- c:usersOwnerAppDataRoamingConverterLite
2012-11-20 01:03 . 2012-11-20 01:03 -------- d-----w- c:usersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012)
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-18 18:45 . 2012-11-14 20:30 15712 ----a-w- c:windowssystem32driversSWDUMon.sys
2012-12-14 13:10 . 2012-07-25 12:45 67413224 ----a-w- c:windowssystem32MRT.exe
2012-12-12 17:57 . 2012-07-31 00:28 697272 ----a-w- c:windowsSysWow64FlashPlayerApp.exe
2012-12-12 17:57 . 2012-07-31 00:28 73656 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl
2012-11-24 01:35 . 2012-10-06 20:26 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCoreMicrosoft.MediaCenter.Sports.UI.dll
2012-11-15 01:51 . 2012-11-15 01:51 62976 ----a-w- c:windowssystem32TSWbPrxy.exe
2012-11-15 01:51 . 2012-11-15 01:51 57856 ----a-w- c:windowssystem32driversTsUsbFlt.sys
2012-11-15 01:51 . 2012-11-15 01:51 5773824 ----a-w- c:windowssystem32mstscax.dll
2012-11-15 01:51 . 2012-11-15 01:51 54272 ----a-w- c:windowssystem32MsRdpWebAccess.dll
2012-11-15 01:51 . 2012-11-15 01:51 4916224 ----a-w- c:windowsSysWow64mstscax.dll
2012-11-15 01:51 . 2012-11-15 01:51 46592 ----a-w- c:windowsSysWow64MsRdpWebAccess.dll
2012-11-15 01:51 . 2012-11-15 01:51 44032 ----a-w- c:windowssystem32tsgqec.dll
2012-11-15 01:51 . 2012-11-15 01:51 43520 ----a-w- c:windowssystem32TsUsbGDCoInstaller.dll
2012-11-15 01:51 . 2012-11-15 01:51 384000 ----a-w- c:windowssystem32wksprt.exe
2012-11-15 01:51 . 2012-11-15 01:51 37376 ----a-w- c:windowsSysWow64tsgqec.dll
2012-11-15 01:51 . 2012-11-15 01:51 322560 ----a-w- c:windowssystem32aaclient.dll
2012-11-15 01:51 . 2012-11-15 01:51 3174912 ----a-w- c:windowssystem32rdpcorets.dll
2012-11-15 01:51 . 2012-11-15 01:51 269312 ----a-w- c:windowsSysWow64aaclient.dll
2012-11-15 01:51 . 2012-11-15 01:51 243200 ----a-w- c:windowssystem32rdpudd.dll
2012-11-15 01:51 . 2012-11-15 01:51 228864 ----a-w- c:windowssystem32rdpendp_winip.dll
2012-11-15 01:51 . 2012-11-15 01:51 19456 ----a-w- c:windowssystem32driversrdpvideominiport.sys
2012-11-15 01:51 . 2012-11-15 01:51 192000 ----a-w- c:windowsSysWow64rdpendp_winip.dll
2012-11-15 01:51 . 2012-11-15 01:51 18432 ----a-w- c:windowssystem32wksprtPS.dll
2012-11-15 01:51 . 2012-11-15 01:51 16896 ----a-w- c:windowsSysWow64wksprtPS.dll
2012-11-15 01:51 . 2012-11-15 01:51 15360 ----a-w- c:windowssystem32RdpGroupPolicyExtension.dll
2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyExtension.dll
2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyControl.exe
2012-11-15 01:51 . 2012-11-15 01:51 1123840 ----a-w- c:windowssystem32mstsc.exe
2012-11-15 01:51 . 2012-11-15 01:51 1048064 ----a-w- c:windowsSysWow64mstsc.exe
2012-11-15 01:50 . 2012-11-15 01:50 96768 ----a-w- c:windowsSysWow64sspicli.dll
2012-11-15 01:50 . 2012-11-15 01:50 458712 ----a-w- c:windowssystem32driverscng.sys
2012-11-15 01:50 . 2012-11-15 01:50 340992 ----a-w- c:windowssystem32schannel.dll
2012-11-15 01:50 . 2012-11-15 01:50 307200 ----a-w- c:windowssystem32ncrypt.dll
2012-11-15 01:50 . 2012-11-15 01:50 247808 ----a-w- c:windowsSysWow64schannel.dll
2012-11-15 01:50 . 2012-11-15 01:50 220160 ----a-w- c:windowsSysWow64ncrypt.dll
2012-11-15 01:50 . 2012-11-15 01:50 22016 ----a-w- c:windowsSysWow64secur32.dll
2012-11-15 01:50 . 2012-11-15 01:50 154480 ----a-w- c:windowssystem32driversksecpkg.sys
2012-11-15 01:50 . 2012-11-15 01:50 1448448 ----a-w- c:windowssystem32lsasrv.dll
2012-11-15 01:49 . 2012-11-15 01:49 514560 ----a-w- c:windowsSysWow64qdvd.dll
2012-11-15 01:49 . 2012-11-15 01:49 366592 ----a-w- c:windowssystem32qdvd.dll
2012-11-14 20:32 . 2012-11-14 20:32 30568 ----a-w- c:windowssystem32driversavgtpx64.sys
2012-11-01 18:31 . 2012-11-01 18:31 40712 ----a-w- c:windowssystem32driverstaphss6.sys
2012-11-01 18:25 . 2012-11-01 18:25 42248 ----a-w- c:windowssystem32drivershssdrv6.sys
2012-10-30 23:50 . 2012-08-03 22:43 285328 ----a-w- c:windowssystem32aswBoot.exe
2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:windowsSysWow64QuickTimeVR.qtx
2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:windowsSysWow64QuickTime.qts
2012-10-22 22:34 . 2012-10-22 22:34 95208 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll
2012-10-22 22:34 . 2012-10-22 22:35 821736 ----a-w- c:windowsSysWow64npDeployJava1.dll
2012-10-22 22:34 . 2012-10-22 22:35 746984 ----a-w- c:windowsSysWow64deployJava1.dll
2012-10-17 13:39 . 2012-10-17 13:39 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCore-2Microsoft.MediaCenter.Sports.UI.dll
2012-10-17 13:39 . 2012-10-17 13:39 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkup-2markup.dll
2012-10-17 13:37 . 2012-10-17 13:37 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSM-2StartResources.dll
2012-10-16 08:38 . 2012-12-13 11:57 135168 ----a-w- c:windowsapppatchAppPatch64AcXtrnal.dll
2012-10-16 08:38 . 2012-12-13 11:57 350208 ----a-w- c:windowsapppatchAppPatch64AcLayers.dll
2012-10-16 07:39 . 2012-12-13 11:57 561664 ----a-w- c:windowsapppatchAcLayers.dll
2012-10-09 18:17 . 2012-11-15 12:36 55296 ----a-w- c:windowssystem32dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-15 12:36 226816 ----a-w- c:windowssystem32dhcpcore6.dll
2012-10-09 17:40 . 2012-11-15 12:36 44032 ----a-w- c:windowsSysWow64dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-15 12:36 193536 ----a-w- c:windowsSysWow64dhcpcore6.dll
2012-10-06 20:26 . 2012-10-06 20:26 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkupmarkup.dll
2012-10-06 20:26 . 2012-10-06 20:26 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSMStartResources.dll
2012-10-06 20:26 . 2012-10-06 20:26 539984 ----a-w- c:programdataMicrosofteHomePackagesMCESpotlightMCESpotlightSpotlightResources.dll
2012-10-04 16:40 . 2012-12-13 11:58 44032 ----a-w- c:windowsapppatchacwow64.dll
2012-10-03 17:56 . 2012-11-17 17:59 1914248 ----a-w- c:windowssystem32driverstcpip.sys
2012-10-03 17:44 . 2012-11-17 17:59 70656 ----a-w- c:windowssystem32nlaapi.dll
2012-10-03 17:44 . 2012-11-17 17:59 303104 ----a-w- c:windowssystem32nlasvc.dll
2012-10-03 17:44 . 2012-11-17 17:59 246272 ----a-w- c:windowssystem32netcorehc.dll
2012-10-03 17:44 . 2012-11-17 17:59 18944 ----a-w- c:windowssystem32netevent.dll
2012-10-03 17:44 . 2012-11-17 17:59 216576 ----a-w- c:windowssystem32ncsi.dll
2012-10-03 17:42 . 2012-11-17 17:59 569344 ----a-w- c:windowssystem32iphlpsvc.dll
2012-10-03 16:42 . 2012-11-17 17:59 18944 ----a-w- c:windowsSysWow64netevent.dll
2012-10-03 16:42 . 2012-11-17 17:59 175104 ----a-w- c:windowsSysWow64netcorehc.dll
2012-10-03 16:42 . 2012-11-17 17:59 156672 ----a-w- c:windowsSysWow64ncsi.dll
2012-10-03 16:07 . 2012-11-17 17:59 45568 ----a-w- c:windowssystem32driverstcpipreg.sys
2012-09-25 22:47 . 2012-11-15 12:31 78336 ----a-w- c:windowsSysWow64synceng.dll
2012-09-25 22:46 . 2012-11-15 12:31 95744 ----a-w- c:windowssystem32synceng.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{30C456C5-0E73-2343-38F0-D9F9CF8B0F52}]
2012-10-28 14:44 129024 ----a-w- c:programdataVaudix508d44c452574.ocx
.
[HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE}]
2012-10-28 14:36 129024 ----a-w- c:programdataVaudix508d42f54b62d.ocx
.
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar]
"{8945176c-2823-4272-9735-873e75bfe1b4}"= "c:program files (x86)APlusGamer_63bar1.bin63bar.dll" [bU]
.
[HKEY_CLASSES_ROOTclsid{8945176c-2823-4272-9735-873e75bfe1b4}]
.
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
"IDMan"="c:program files (x86)Internet Download ManagerIDMan.exe" [2012-09-01 3528128]
"Xvid"="c:program files (x86)XvidCheckUpdate.exe" [2011-01-17 8192]
"AnyDVD"="c:program files (x86)SlySoftAnyDVDAnyDVDtray.exe" [2012-11-23 6663840]
"Spotify Web Helper"="c:usersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe" [2012-10-28 1199576]
"NETGEARGenie"="c:program files (x86)NETGEAR GeniebinNETGEARGenie.exe" [2012-10-16 1041736]
.
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun]
"CLMLServer"="c:program files (x86)CyberLinkPower2GoCLMLSvc.exe" [2009-11-02 103720]
"Samsung PanelMgr"="c:windowsSamsungPanelMgrSSMMgr.exe" [2010-06-08 618496]
"UVS10 Preload"="c:program files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe" [2006-03-07 36864]
"UpdatePPShortCut"="c:program files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" [2009-05-20 222504]
"Adobe ARM"="c:program files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-07-03 252848]
"APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-10-12 59280]
"PowerDVD12DMREngine"="c:program files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [2012-09-19 505872]
"PowerDVD12Agent"="c:program files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [2012-09-19 374560]
"QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-10-25 421888]
"avast"="c:program filesAVAST SoftwareAvastavastUI.exe" [2012-10-30 4297136]
.
c:usersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
MagicDisc.lnk - c:program files (x86)MagicDiscMagicDisc.exe [2012-9-15 576000]
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:windowsSysWOW64nvinit.dll
.
[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32]
"wave6"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-07-13 160944]
R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:windowssystem32DRIVERSAVerPola.sys [2011-01-04 534144]
R3 BBUpdate;BBUpdate;c:program files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe [2012-02-10 240408]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:program filesIntelWiFibinPanDhcpDns.exe [2011-01-05 340240]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2012-11-15 19456]
R3 Samsung UPD Service;Samsung UPD Service;c:windowsSystem32SUPDSvc.exe [2010-08-09 166704]
R3 StkCMini;Syntek AVStream USB2.0 ATV;c:windowssystem32DriversStkCMini.sys [2010-04-16 1816968]
R3 SWDUMon;SWDUMon;c:windowssystem32DRIVERSSWDUMon.sys [2012-12-18 15712]
R3 taphss6;Anchorfree HSS VPN Adapter;c:windowssystem32DRIVERStaphss6.sys [2012-11-01 40712]
R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2012-11-15 57856]
R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2012-07-25 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:windowssystem32DRIVERSwdcsam64.sys [2008-05-06 14464]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:program filesWindows LiveMeshwlcrasvc.exe [2010-09-22 57184]
S0 nvpciflt;nvpciflt;c:windowssystem32DRIVERSnvpciflt.sys [2010-12-14 25576]
S0 SmartDefragDriver;SmartDefragDriver;c:windowsSystem32DriversSmartDefragDriver.sys [2010-11-26 17720]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2012-11-14 30568]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:windowssystem32DriversSABI.sys [2009-05-28 13824]
S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34];c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-09-19 22:12 147704]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [2012-10-30 71600]
S2 BBSvc;BingBar Service;c:program files (x86)MicrosoftBingBar7.1.361.0BBSvc.exe [2012-02-10 193816]
S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-09-19 90640]
S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-09-19 78352]
S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-09-19 295440]
S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:program filesIntelWiMAXBinDMAgent.exe [2011-06-06 498688]
S2 IDMWFP;IDMWFP;c:windowssystem32DRIVERSidmwfp.sys [2012-08-02 158944]
S2 MBAMScheduler;MBAMScheduler;c:program files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [2012-09-30 399432]
S2 MBAMService;MBAMService;c:program files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2012-09-30 676936]
S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:program files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe [2012-09-25 231752]
S2 nlsX86cc;Nalpeiron Licensing Service;c:windowsSysWOW64nlssrv32.exe [2010-11-22 66560]
S2 ntk_PowerDVD12;ntk_PowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-06-20 83704]
S2 UNS;Intel® Management and Security Application User Notification Service;c:program files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2010-10-06 2655768]
S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:program filesIntelWiMAXBinAppSrv.exe [2011-06-06 986112]
S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:windowssystem32DRIVERSbpenum.sys [2011-05-19 84480]
S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:windowssystem32DRIVERSbpmp.sys [2011-05-19 182272]
S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;c:windowssystem32Driversbpusb.sys [2011-05-19 83968]
S3 clwvd;CyberLink WebCam Virtual Driver;c:windowssystem32DRIVERSclwvd.sys [2010-11-10 31088]
S3 ETD;ELAN PS/2 Port Input Device;c:windowssystem32DRIVERSETD.sys [2010-11-12 138024]
S3 IntcDAud;Intel® Display Audio;c:windowssystem32DRIVERSIntcDAud.sys [2010-10-15 317440]
S3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [2012-09-30 25928]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:windowssystem32DRIVERSnusb3hub.sys [2010-10-11 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:windowssystem32DRIVERSnusb3xhc.sys [2010-10-11 180736]
S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2011-06-10 539240]
S3 wdkmd;Intel WiDi KMD;c:windowssystem32DRIVERSWDKMD.sys [2010-11-30 42392]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - NPF
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-18 c:windowsTasksAdobe Flash Player Updater.job
- c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-31 17:57]
.
2012-12-18 c:windowsTasksSlimDrivers Startup.job
- c:program files (x86)SlimDriversSlimDrivers.exe [2012-10-14 21:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 133400 ----a-w- c:program filesAVAST SoftwareAvastashShA64.dll
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersIDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOTCLSID{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00:49 23432 ----a-w- c:program files (x86)Internet Download ManagerIDMShellExt64.dll
.
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"IgfxTray"="c:windowssystem32igfxtray.exe" [2011-01-04 167960]
"HotKeysCmds"="c:windowssystem32hkcmd.exe" [2011-01-04 391704]
"Persistence"="c:windowssystem32igfxpers.exe" [2011-01-04 417304]
"RtHDVCpl"="c:program filesRealtekAudioHDARAVCpl64.exe" [2010-11-30 11660904]
"IntelWireless"="c:program filesCommon FilesIntelWirelessCommoniFrmewrk.exe" [2011-01-05 1933584]
"ETDCtrl"="c:program files (x86)ElantechETDCtrl.exe" [bU]
"IntelWirelessWiMAX"="c:program filesIntelWiMAXBinWiMAXCU.exe" [2011-06-02 1622016]
.
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
"AppInit_DLLs"=c:windowsSystem32nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:windowssystem32blank.htm
mStart Page = hxxp://samsung.msn.com
mLocal Page = c:windowsSysWOW64blank.htm
IE: Download all links with IDM - c:program files (x86)Internet Download ManagerIEGetAll.htm
IE: Download with IDM - c:program files (x86)Internet Download ManagerIEExt.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default
FF - ExtSQL: 2012-11-04 18:39; 50970cb9d50ba@50970cb9d50f3.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions50970cb9d50ba@50970cb9d50f3.com.xpi
FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com
FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com
FF - ExtSQL: 2012-12-16 16:53; wrc@avast.com; c:program filesAVAST SoftwareAvastWebRepFF
FF - ExtSQL: !HIDDEN! 2012-11-12 13:26; 63ffxtbr@APlusGamer_63.com; c:program files (x86)APlusGamer_63bar1.bin
FF - ExtSQL: !HIDDEN! 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:program files (x86)MindDabble_4pbar1.bin
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
[HKEY_LOCAL_MACHINESYSTEMControlSet001services{73526619-C24F-470B-9BED-53D455FBB5C6}]
"ImagePath"="??c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):c5,88,12,3d,a1,66,02,aa,b6,69,27,77,2a,36,ce,6b,62,5d,c5,5b,dd,
  32,c3,0e,3c,fd,35,14,a9,f8,c3,8a,76,15,a2,42,fb,fb,4e,66,00,00,00,00,00,00,
.
[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):92,20,a6,2c,ac,da,97,ad,d1,24,a3,f8,5b,7f,d7,fc,ab,59,6e,1b,bf,
  51,95,0a,ae,4d,7b,37,63,5b,fa,ad,73,d0,1a,32,83,42,de,9e,00,00,00,00,00,00,
.
[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{b5572adb-f71b-41a1-ad6e-0832b120e9ea}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000f0
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
  38,95,44,85,b1,12,f9,90,dd,23,a1,46,8f,3c,f2,5c,68,ee,21,c4,91,5d,38,fc,54,
.
[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{c9fa1039-b2b9-4ecb-85ad-32f7d18bc0ed}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000012c
"Therad"=dword:00000001
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
  1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32]
@="c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32]
@="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32]
@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:program filesAVAST SoftwareAvastAvastSvc.exe c:program files (x86)Common FilesAdobeARM1.0armsvc.exe c:program files (x86)Malwarebytes' Anti-Malwarembamgui.exe c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe c:program files (x86)CyberLinkShared filesRichVideo.exe c:program files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe c:program files (x86)SamsungEasy Display ManagerWifiManager.exe c:program files (x86)CyberLinkYouCamYCMMirage.exe c:program files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe c:program files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe c:program files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe c:program files (x86)SamsungSamsung Support CenterSSCKbdHk.exe c:program files (x86)SamsungSamsung Update PlusSUPBackground.exe . ************************************************************************** . Completion time: 2012-12-18 12:54:06 - machine was rebooted ComboFix-quarantined-files.txt 2012-12-18 18:54 ComboFix2.txt 2012-12-11 00:42 ComboFix3.txt 2012-12-03 17:11 . Pre-Run: 70,461,120,512 bytes free Post-Run: 69,844,963,328 bytes free . 
- - End Of File - - 5AA7B7A2BCB6992362D1694C17AC39A4 CKScanner 2.1 - Additional Security Risks - These are not necessarily bad c:new folder (2)desktopaudio record wizard 3.99 inc crack - mast3r-.rar c:new folder (2)desktop itemsdesktopaudio record wizard 3.99 inc crack - mast3r-.rar c:new folder (2)geek squad backup 07.09.2012backup continuedadobeadobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html c:new folder (2)geek squad backup 07.09.2012downloadsprogramsaudio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe c:program filesgimp 2sharegimp2.0patternscracked.pat c:program files (x86)kurzweil educational systemskurzweil 3000crack.exe c:qooboxquarantinecnew folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe.vir c:qooboxquarantinecnew folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo.vir c:qooboxquarantinecnew folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url.vir c:qooboxquarantinecnew folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo.vir c:qooboxquarantinecnew folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url.vir c:qooboxquarantinecnew folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe.vir c:qooboxquarantinecnew folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe.vir c:qooboxquarantinecnew folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo.vir c:qooboxquarantinecnew folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url.vir c:qooboxquarantinecnew folder 
(2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo.vir c:qooboxquarantinecnew folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url.vir c:qooboxquarantinecnew folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgavsaudioeditor.exe.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgf4cg.nfo.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgread me.txt.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgsetup.exe.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe.vir c:qooboxquarantinecnew folder (2)geek squad backup 
07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]chattchitto rg.nfo.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]chattchitto rg.url.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]copyto v5.1.0.2 + crack [ch
JonTom Posted December 19, 2012

Hello goofy1139

I get this message 'illegal operation attempted on a registry key that been marked for deletion'

Reboot your machine and the message will go away. This is a known (harmless) issue with Combofix and a reboot solves the problem.

It looks like we missed some of those cracked and keygened entries:

Please work through the following steps

Hold down the Windows key (has the Windows symbol on it) and press the "R" key. A Run box will open.

Type in Notepad and press Enter then click on "OK".

NOTE: Do not use Wordpad or any other text editor except Notepad or the script will fail.

Copy and Paste the text in the quotebox below into the open Notepad window:

File::
c:\new folder (2)\desktop\audio record wizard 3.99 inc crack - mast3r-.rar
c:\new folder (2)\desktop items\desktop\audio record wizard 3.99 inc crack - mast3r-.rar
c:\new folder (2)\geek squad backup 07.09.2012\backup continued\adobe\adobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html
c:\new folder (2)\geek squad backup 07.09.2012\downloads\programs\audio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe
c:\program files (x86)\kurzweil educational systems\kurzweil 3000\crack.exe

Save this as "CFScript.txt" (including the quotation marks), change the "Save as type" to "All Files" and save it to your desktop.

Close any open browsers.

Disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Referring to the picture below, drag CFScript.txt into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Once the log is produced, re-engage your resident anti virus.

Post the Combofix log in your next reply.
goofy1139 Posted December 19, 2012

Hello JonTom, Here is the log

ComboFix 12-12-19.02 - Owner 12/19/2012 12:37:13.4.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6056.4369 [GMT -6:00] Running from: c:usersOwnerDesktopComboFix.exe Command switches used :: c:usersOwnerDesktopCFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:new folder (2)desktop itemsdesktopaudio record wizard 3.99 inc crack - mast3r-.rar" "c:new folder (2)desktopaudio record wizard 3.99 inc crack - mast3r-.rar" "c:new folder (2)geek squad backup 07.09.2012backup continuedadobeadobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html" "c:new folder (2)geek squad backup 07.09.2012downloadsprogramsaudio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe" "c:program files (x86)kurzweil educational systemskurzweil 3000crack.exe" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:new folder (2)desktop itemsdesktopaudio record wizard 3.99 inc crack - mast3r-.rar c:new folder (2)desktopaudio record wizard 3.99 inc crack - mast3r-.rar c:new folder (2)geek squad backup 07.09.2012backup continuedadobeadobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html c:new folder (2)geek squad backup 07.09.2012downloadsprogramsaudio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe c:program files (x86)kurzweil educational systemskurzweil 3000crack.exe . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------Legacy_NPF -------Service_NPF . . ((((((((((((((((((((((((( Files Created from 2012-11-19 to 2012-12-19 ))))))))))))))))))))))))))))))) . . 2012-12-19 19:14 . 
2012-12-19 19:14 -------- d-----w- c:usersUpdatusUserAppDataLocaltemp 2012-12-19 19:14 . 2012-12-19 19:14 -------- d-----w- c:usersDefaultAppDataLocaltemp 2012-12-18 13:42 . 2012-11-08 17:24 9125352 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{E0C11D25-2DC5-4B71-8976-A4767590840B}mpengine.dll 2012-12-16 22:46 . 2012-10-30 23:51 370288 ----a-w- c:windowssystem32driversaswSP.sys 2012-12-16 22:46 . 2012-10-30 23:51 25232 ----a-w- c:windowssystem32driversaswFsBlk.sys 2012-12-16 22:46 . 2012-10-15 16:59 54072 ----a-w- c:windowssystem32driversaswRdr2.sys 2012-12-16 22:46 . 2012-10-30 23:51 59728 ----a-w- c:windowssystem32driversaswTdi.sys 2012-12-16 22:46 . 2012-10-30 23:51 984144 ----a-w- c:windowssystem32driversaswSnx.sys 2012-12-16 22:46 . 2012-10-30 23:51 71600 ----a-w- c:windowssystem32driversaswMonFlt.sys 2012-12-16 22:46 . 2012-10-30 23:51 41224 ----a-w- c:windowsavastSS.scr 2012-12-16 22:45 . 2012-10-30 23:50 227648 ----a-w- c:windowsSysWow64aswBoot.exe 2012-12-16 22:06 . 2012-12-16 22:07 -------- d-----w- c:usersOwnerAppDataLocalNETGEARGenie 2012-12-16 22:06 . 2012-12-16 22:06 369168 ----a-w- c:windowssystem32wpcap.dll 2012-12-16 22:06 . 2012-12-16 22:06 35344 ----a-w- c:windowssystem32driversnpf.sys 2012-12-16 22:06 . 2012-12-16 22:06 106000 ----a-w- c:windowssystem32packet.dll 2012-12-16 22:06 . 2012-12-16 22:06 -------- d-----w- c:program files (x86)NETGEAR Genie 2012-12-14 20:48 . 2012-12-14 20:48 -------- d-----w- c:program files (x86)uTorrent 2012-12-14 13:06 . 2012-11-14 07:06 17811968 ----a-w- c:windowssystem32mshtml.dll 2012-12-14 13:06 . 2012-11-14 06:32 10925568 ----a-w- c:windowssystem32ieframe.dll 2012-12-13 11:57 . 2012-11-02 05:59 478208 ----a-w- c:windowssystem32dpnet.dll 2012-12-13 11:57 . 2012-11-02 05:11 376832 ----a-w- c:windowsSysWow64dpnet.dll 2012-12-12 21:34 . 2012-12-13 00:47 -------- d-----w- c:usersOwnerAppDataRoamingatunes 2012-12-12 21:33 . 
2012-12-12 21:33 -------- d-----w- c:program files (x86)aTunes 2012-12-12 17:44 . 2012-12-12 17:44 -------- d-----w- c:program files (x86)CheckPoint 2012-12-10 15:12 . 2012-12-10 15:12 -------- d-----w- C:FRACTURE EXTRAS 2012-12-05 17:06 . 2012-11-29 08:27 96224 ----a-w- c:program files (x86)Mozilla Firefoxwebapprt-stub.exe 2012-12-05 17:06 . 2012-11-29 08:27 270816 ----a-w- c:program files (x86)Mozilla Firefoxupdater.exe 2012-12-05 17:06 . 2012-11-29 08:27 157272 ----a-w- c:program files (x86)Mozilla Firefoxwebapp-uninstaller.exe 2012-12-05 17:06 . 2012-11-29 08:27 73696 ----a-w- c:program files (x86)Mozilla Firefoxbreakpadinjector.dll 2012-11-30 15:39 . 2012-11-30 21:47 -------- d-----w- c:program files (x86)Malwarebytes' Anti-Malware 2012-11-30 15:39 . 2012-09-30 01:54 25928 ----a-w- c:windowssystem32driversmbam.sys 2012-11-30 14:16 . 2012-11-30 14:16 -------- d-----w- c:windowsERUNT 2012-11-30 14:15 . 2012-12-06 01:06 -------- d-----w- C:JRT 2012-11-27 17:18 . 2012-12-12 19:11 -------- d-----w- C:FRST 2012-11-25 02:04 . 2012-12-05 19:46 -------- d-----w- c:usersOwnerAppDataLocalElevatedDiagnostics 2012-11-24 14:58 . 2011-05-30 13:42 240640 ----a-w- c:windowsSysWow64xvidvfw.dll 2012-11-24 14:58 . 2011-05-30 13:42 255488 ----a-w- c:windowssystem32xvidvfw.dll 2012-11-24 14:58 . 2011-05-23 09:52 153088 ----a-w- c:windowsSysWow64xvid.ax 2012-11-24 14:58 . 2011-05-23 07:49 173568 ----a-w- c:windowssystem32xvid.ax 2012-11-24 14:58 . 2011-05-23 07:46 645632 ----a-w- c:windowsSysWow64xvidcore.dll 2012-11-24 14:58 . 2011-05-23 07:45 696832 ----a-w- c:windowssystem32xvidcore.dll 2012-11-24 14:57 . 2012-11-24 14:57 -------- d-----w- c:usersOwner.bitrock 2012-11-24 01:49 . 2012-11-24 14:58 -------- d-----w- c:program files (x86)Xvid 2012-11-21 18:48 . 2010-11-26 23:02 17720 ----a-w- c:windowssystem32driversSmartDefragDriver.sys 2012-11-21 14:17 . 2012-11-21 14:19 -------- d-----w- c:program files (x86)MeadCo Neptune 2012-11-20 22:16 . 
2012-12-12 16:25 -------- dc----w- c:windowssystem32DRVSTORE 2012-11-20 22:15 . 2012-11-20 22:15 -------- d-----w- c:usersOwnerAppDataRoamingCheckPoint 2012-11-20 21:46 . 2012-12-12 17:44 -------- d-----w- c:programdataCheckPoint 2012-11-20 18:23 . 2012-11-20 18:23 -------- d-----w- c:usersOwnerAppDataRoamingMalwarebytes 2012-11-20 18:22 . 2012-11-20 18:22 -------- d-----w- c:programdataMalwarebytes 2012-11-20 16:27 . 2012-11-20 16:27 -------- d-----w- c:programdataPCPitstop 2012-11-20 16:25 . 2012-11-21 15:57 -------- d-----w- c:program files (x86)PCPitstop 2012-11-20 11:53 . 2012-11-20 11:53 -------- d-----w- c:usersOwnerAppDataRoamingConverterLite 2012-11-20 01:03 . 2012-11-20 01:03 -------- d-----w- c:usersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012) . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-14 13:10 . 2012-07-25 12:45 67413224 ----a-w- c:windowssystem32MRT.exe 2012-12-12 17:57 . 2012-07-31 00:28 697272 ----a-w- c:windowsSysWow64FlashPlayerApp.exe 2012-12-12 17:57 . 2012-07-31 00:28 73656 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl 2012-11-24 01:35 . 2012-10-06 20:26 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCoreMicrosoft.MediaCenter.Sports.UI.dll 2012-11-15 01:51 . 2012-11-15 01:51 62976 ----a-w- c:windowssystem32TSWbPrxy.exe 2012-11-15 01:51 . 2012-11-15 01:51 57856 ----a-w- c:windowssystem32driversTsUsbFlt.sys 2012-11-15 01:51 . 2012-11-15 01:51 5773824 ----a-w- c:windowssystem32mstscax.dll 2012-11-15 01:51 . 2012-11-15 01:51 54272 ----a-w- c:windowssystem32MsRdpWebAccess.dll 2012-11-15 01:51 . 2012-11-15 01:51 4916224 ----a-w- c:windowsSysWow64mstscax.dll 2012-11-15 01:51 . 2012-11-15 01:51 46592 ----a-w- c:windowsSysWow64MsRdpWebAccess.dll 2012-11-15 01:51 . 2012-11-15 01:51 44032 ----a-w- c:windowssystem32tsgqec.dll 2012-11-15 01:51 . 2012-11-15 01:51 43520 ----a-w- c:windowssystem32TsUsbGDCoInstaller.dll 2012-11-15 01:51 . 
2012-11-15 01:51 384000 ----a-w- c:windowssystem32wksprt.exe 2012-11-15 01:51 . 2012-11-15 01:51 37376 ----a-w- c:windowsSysWow64tsgqec.dll 2012-11-15 01:51 . 2012-11-15 01:51 322560 ----a-w- c:windowssystem32aaclient.dll 2012-11-15 01:51 . 2012-11-15 01:51 3174912 ----a-w- c:windowssystem32rdpcorets.dll 2012-11-15 01:51 . 2012-11-15 01:51 269312 ----a-w- c:windowsSysWow64aaclient.dll 2012-11-15 01:51 . 2012-11-15 01:51 243200 ----a-w- c:windowssystem32rdpudd.dll 2012-11-15 01:51 . 2012-11-15 01:51 228864 ----a-w- c:windowssystem32rdpendp_winip.dll 2012-11-15 01:51 . 2012-11-15 01:51 19456 ----a-w- c:windowssystem32driversrdpvideominiport.sys 2012-11-15 01:51 . 2012-11-15 01:51 192000 ----a-w- c:windowsSysWow64rdpendp_winip.dll 2012-11-15 01:51 . 2012-11-15 01:51 18432 ----a-w- c:windowssystem32wksprtPS.dll 2012-11-15 01:51 . 2012-11-15 01:51 16896 ----a-w- c:windowsSysWow64wksprtPS.dll 2012-11-15 01:51 . 2012-11-15 01:51 15360 ----a-w- c:windowssystem32RdpGroupPolicyExtension.dll 2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyExtension.dll 2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyControl.exe 2012-11-15 01:51 . 2012-11-15 01:51 1123840 ----a-w- c:windowssystem32mstsc.exe 2012-11-15 01:51 . 2012-11-15 01:51 1048064 ----a-w- c:windowsSysWow64mstsc.exe 2012-11-15 01:50 . 2012-11-15 01:50 96768 ----a-w- c:windowsSysWow64sspicli.dll 2012-11-15 01:50 . 2012-11-15 01:50 458712 ----a-w- c:windowssystem32driverscng.sys 2012-11-15 01:50 . 2012-11-15 01:50 340992 ----a-w- c:windowssystem32schannel.dll 2012-11-15 01:50 . 2012-11-15 01:50 307200 ----a-w- c:windowssystem32ncrypt.dll 2012-11-15 01:50 . 2012-11-15 01:50 247808 ----a-w- c:windowsSysWow64schannel.dll 2012-11-15 01:50 . 2012-11-15 01:50 220160 ----a-w- c:windowsSysWow64ncrypt.dll 2012-11-15 01:50 . 2012-11-15 01:50 22016 ----a-w- c:windowsSysWow64secur32.dll 2012-11-15 01:50 . 
2012-11-15 01:50 154480 ----a-w- c:windowssystem32driversksecpkg.sys 2012-11-15 01:50 . 2012-11-15 01:50 1448448 ----a-w- c:windowssystem32lsasrv.dll 2012-11-15 01:49 . 2012-11-15 01:49 514560 ----a-w- c:windowsSysWow64qdvd.dll 2012-11-15 01:49 . 2012-11-15 01:49 366592 ----a-w- c:windowssystem32qdvd.dll 2012-11-14 20:32 . 2012-11-14 20:32 30568 ----a-w- c:windowssystem32driversavgtpx64.sys 2012-11-01 18:31 . 2012-11-01 18:31 40712 ----a-w- c:windowssystem32driverstaphss6.sys 2012-11-01 18:25 . 2012-11-01 18:25 42248 ----a-w- c:windowssystem32drivershssdrv6.sys 2012-10-30 23:50 . 2012-08-03 22:43 285328 ----a-w- c:windowssystem32aswBoot.exe 2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:windowsSysWow64QuickTimeVR.qtx 2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:windowsSysWow64QuickTime.qts 2012-10-22 22:34 . 2012-10-22 22:34 95208 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll 2012-10-22 22:34 . 2012-10-22 22:35 821736 ----a-w- c:windowsSysWow64npDeployJava1.dll 2012-10-22 22:34 . 2012-10-22 22:35 746984 ----a-w- c:windowsSysWow64deployJava1.dll 2012-10-17 13:39 . 2012-10-17 13:39 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCore-2Microsoft.MediaCenter.Sports.UI.dll 2012-10-17 13:39 . 2012-10-17 13:39 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkup-2markup.dll 2012-10-17 13:37 . 2012-10-17 13:37 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSM-2StartResources.dll 2012-10-16 08:38 . 2012-12-13 11:57 135168 ----a-w- c:windowsapppatchAppPatch64AcXtrnal.dll 2012-10-16 08:38 . 2012-12-13 11:57 350208 ----a-w- c:windowsapppatchAppPatch64AcLayers.dll 2012-10-16 07:39 . 2012-12-13 11:57 561664 ----a-w- c:windowsapppatchAcLayers.dll 2012-10-09 18:17 . 2012-11-15 12:36 55296 ----a-w- c:windowssystem32dhcpcsvc6.dll 2012-10-09 18:17 . 2012-11-15 12:36 226816 ----a-w- c:windowssystem32dhcpcore6.dll 2012-10-09 17:40 . 
2012-11-15 12:36 44032 ----a-w- c:windowsSysWow64dhcpcsvc6.dll 2012-10-09 17:40 . 2012-11-15 12:36 193536 ----a-w- c:windowsSysWow64dhcpcore6.dll 2012-10-06 20:26 . 2012-10-06 20:26 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkupmarkup.dll 2012-10-06 20:26 . 2012-10-06 20:26 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSMStartResources.dll 2012-10-06 20:26 . 2012-10-06 20:26 539984 ----a-w- c:programdataMicrosofteHomePackagesMCESpotlightMCESpotlightSpotlightResources.dll 2012-10-04 16:40 . 2012-12-13 11:58 44032 ----a-w- c:windowsapppatchacwow64.dll 2012-10-03 17:56 . 2012-11-17 17:59 1914248 ----a-w- c:windowssystem32driverstcpip.sys 2012-10-03 17:44 . 2012-11-17 17:59 70656 ----a-w- c:windowssystem32nlaapi.dll 2012-10-03 17:44 . 2012-11-17 17:59 303104 ----a-w- c:windowssystem32nlasvc.dll 2012-10-03 17:44 . 2012-11-17 17:59 246272 ----a-w- c:windowssystem32netcorehc.dll 2012-10-03 17:44 . 2012-11-17 17:59 18944 ----a-w- c:windowssystem32netevent.dll 2012-10-03 17:44 . 2012-11-17 17:59 216576 ----a-w- c:windowssystem32ncsi.dll 2012-10-03 17:42 . 2012-11-17 17:59 569344 ----a-w- c:windowssystem32iphlpsvc.dll 2012-10-03 16:42 . 2012-11-17 17:59 18944 ----a-w- c:windowsSysWow64netevent.dll 2012-10-03 16:42 . 2012-11-17 17:59 175104 ----a-w- c:windowsSysWow64netcorehc.dll 2012-10-03 16:42 . 2012-11-17 17:59 156672 ----a-w- c:windowsSysWow64ncsi.dll 2012-10-03 16:07 . 2012-11-17 17:59 45568 ----a-w- c:windowssystem32driverstcpipreg.sys 2012-09-25 22:47 . 2012-11-15 12:31 78336 ----a-w- c:windowsSysWow64synceng.dll 2012-09-25 22:46 . 2012-11-15 12:31 95744 ----a-w- c:windowssystem32synceng.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . 
[HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{30C456C5-0E73-2343-38F0-D9F9CF8B0F52}] 2012-10-28 14:44 129024 ----a-w- c:programdataVaudix508d44c452574.ocx . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE}] 2012-10-28 14:36 129024 ----a-w- c:programdataVaudix508d42f54b62d.ocx . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar] "{8945176c-2823-4272-9735-873e75bfe1b4}"= "c:program files (x86)APlusGamer_63bar1.bin63bar.dll" [bU] . [HKEY_CLASSES_ROOTclsid{8945176c-2823-4272-9735-873e75bfe1b4}] . [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "IDMan"="c:program files (x86)Internet Download ManagerIDMan.exe" [2012-09-01 3528128] "Xvid"="c:program files (x86)XvidCheckUpdate.exe" [2011-01-17 8192] "Spotify Web Helper"="c:usersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe" [2012-10-28 1199576] "NETGEARGenie"="c:program files (x86)NETGEAR GeniebinNETGEARGenie.exe" [2012-10-16 1041736] . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun] "CLMLServer"="c:program files (x86)CyberLinkPower2GoCLMLSvc.exe" [2009-11-02 103720] "Samsung PanelMgr"="c:windowsSamsungPanelMgrSSMMgr.exe" [2010-06-08 618496] "UVS10 Preload"="c:program files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe" [2006-03-07 36864] "UpdatePPShortCut"="c:program files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" [2009-05-20 222504] "Adobe ARM"="c:program files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2012-07-27 919008] "SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-07-03 252848] "APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-10-12 59280] "PowerDVD12DMREngine"="c:program files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [2012-09-19 505872] "PowerDVD12Agent"="c:program files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [2012-09-19 374560] "QuickTime Task"="c:program files 
(x86)QuickTimeQTTask.exe" [2012-10-25 421888] "avast"="c:program filesAVAST SoftwareAvastavastUI.exe" [2012-10-30 4297136] . c:usersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup MagicDisc.lnk - c:program files (x86)MagicDiscMagicDisc.exe [2012-9-15 576000] . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:windowsSysWOW64nvinit.dll . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32] "wave6"=wdmaud.drv . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-07-13 160944] R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:windowssystem32DRIVERSAVerPola.sys [2011-01-04 534144] R3 BBUpdate;BBUpdate;c:program files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe [2012-02-10 240408] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:program filesIntelWiFibinPanDhcpDns.exe [2011-01-05 340240] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2012-11-15 19456] R3 Samsung UPD Service;Samsung UPD Service;c:windowsSystem32SUPDSvc.exe [2010-08-09 166704] R3 StkCMini;Syntek AVStream USB2.0 ATV;c:windowssystem32DriversStkCMini.sys [2010-04-16 1816968] R3 taphss6;Anchorfree HSS VPN Adapter;c:windowssystem32DRIVERStaphss6.sys [2012-11-01 40712] R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2012-11-15 57856] R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2012-07-25 1255736] R3 WDC_SAM;WD SCSI Pass Thru driver;c:windowssystem32DRIVERSwdcsam64.sys [2008-05-06 14464] R4 wlcrasvc;Windows Live Mesh remote 
connections service;c:program filesWindows LiveMeshwlcrasvc.exe [2010-09-22 57184] S0 nvpciflt;nvpciflt;c:windowssystem32DRIVERSnvpciflt.sys [2010-12-14 25576] S0 SmartDefragDriver;SmartDefragDriver;c:windowsSystem32DriversSmartDefragDriver.sys [2010-11-26 17720] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2012-11-14 30568] S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:windowssystem32DriversSABI.sys [2009-05-28 13824] S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34];c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-09-19 22:12 147704] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [2012-10-30 71600] S2 BBSvc;BingBar Service;c:program files (x86)MicrosoftBingBar7.1.361.0BBSvc.exe [2012-02-10 193816] S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-09-19 90640] S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-09-19 78352] S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-09-19 295440] S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:program filesIntelWiMAXBinDMAgent.exe [2011-06-06 498688] S2 IDMWFP;IDMWFP;c:windowssystem32DRIVERSidmwfp.sys [2012-08-02 158944] S2 MBAMScheduler;MBAMScheduler;c:program files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [2012-09-30 399432] S2 MBAMService;MBAMService;c:program files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2012-09-30 676936] S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:program files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe [2012-09-25 231752] S2 nlsX86cc;Nalpeiron Licensing 
Service;c:windowsSysWOW64nlssrv32.exe [2010-11-22 66560] S2 ntk_PowerDVD12;ntk_PowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-06-20 83704] S2 UNS;Intel® Management and Security Application User Notification Service;c:program files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2010-10-06 2655768] S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:program filesIntelWiMAXBinAppSrv.exe [2011-06-06 986112] S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:windowssystem32DRIVERSbpenum.sys [2011-05-19 84480] S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:windowssystem32DRIVERSbpmp.sys [2011-05-19 182272] S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;c:windowssystem32Driversbpusb.sys [2011-05-19 83968] S3 clwvd;CyberLink WebCam Virtual Driver;c:windowssystem32DRIVERSclwvd.sys [2010-11-10 31088] S3 ETD;ELAN PS/2 Port Input Device;c:windowssystem32DRIVERSETD.sys [2010-11-12 138024] S3 IntcDAud;Intel® Display Audio;c:windowssystem32DRIVERSIntcDAud.sys [2010-10-15 317440] S3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [2012-09-30 25928] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:windowssystem32DRIVERSnusb3hub.sys [2010-10-11 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:windowssystem32DRIVERSnusb3xhc.sys [2010-10-11 180736] S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2011-06-10 539240] S3 wdkmd;Intel WiDi KMD;c:windowssystem32DRIVERSWDKMD.sys [2010-11-30 42392] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - NPF . Contents of the 'Scheduled Tasks' folder . 2012-12-19 c:windowsTasksAdobe Flash Player Updater.job - c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-31 17:57] . 2012-12-19 c:windowsTasksSlimDrivers Startup.job - c:program files (x86)SlimDriversSlimDrivers.exe [2012-10-14 21:29] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 23:50 133400 ----a-w- c:program filesAVAST SoftwareAvastashShA64.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersIDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOTCLSID{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2012-02-08 00:49 23432 ----a-w- c:program files (x86)Internet Download ManagerIDMShellExt64.dll . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "IgfxTray"="c:windowssystem32igfxtray.exe" [2011-01-04 167960] "HotKeysCmds"="c:windowssystem32hkcmd.exe" [2011-01-04 391704] "Persistence"="c:windowssystem32igfxpers.exe" [2011-01-04 417304] "RtHDVCpl"="c:program filesRealtekAudioHDARAVCpl64.exe" [2010-11-30 11660904] "IntelWireless"="c:program filesCommon FilesIntelWirelessCommoniFrmewrk.exe" [2011-01-05 1933584] "ETDCtrl"="c:program files (x86)ElantechETDCtrl.exe" [bU] "IntelWirelessWiMAX"="c:program filesIntelWiMAXBinWiMAXCU.exe" [2011-06-02 1622016] . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows] "AppInit_DLLs"=c:windowsSystem32nvinitx.dll . ------- Supplementary Scan ------- . 
uLocal Page = c:windowssystem32blank.htm mStart Page = hxxp://samsung.msn.com mLocal Page = c:windowsSysWOW64blank.htm IE: Download all links with IDM - c:program files (x86)Internet Download ManagerIEGetAll.htm IE: Download with IDM - c:program files (x86)Internet Download ManagerIEExt.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default FF - ExtSQL: 2012-11-04 18:39; 50970cb9d50ba@50970cb9d50f3.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions50970cb9d50ba@50970cb9d50f3.com.xpi FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com FF - ExtSQL: 2012-12-16 16:53; wrc@avast.com; c:program filesAVAST SoftwareAvastWebRepFF FF - ExtSQL: !HIDDEN! 2012-11-12 13:26; 63ffxtbr@APlusGamer_63.com; c:program files (x86)APlusGamer_63bar1.bin FF - ExtSQL: !HIDDEN! 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:program files (x86)MindDabble_4pbar1.bin . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) . . . [HKEY_LOCAL_MACHINESYSTEMControlSet001services{73526619-C24F-470B-9BED-53D455FBB5C6}] "ImagePath"="??c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "scansk"=hex(0):c5,88,12,3d,a1,66,02,aa,b6,69,27,77,2a,36,ce,6b,62,5d,c5,5b,dd, 32,c3,0e,3c,fd,35,14,a9,f8,c3,8a,76,15,a2,42,fb,fb,4e,66,00,00,00,00,00,00, . 
[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):92,20,a6,2c,ac,da,97,ad,d1,24,a3,f8,5b,7f,d7,fc,ab,59,6e,1b,bf, 51,95,0a,ae,4d,7b,37,63,5b,fa,ad,73,d0,1a,32,83,42,de,9e,00,00,00,00,00,00, . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{b5572adb-f71b-41a1-ad6e-0832b120e9ea}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:000000f0 "Therad"=dword:0000001e "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26, 38,95,44,85,b1,12,f9,90,dd,23,a1,46,8f,3c,f2,5c,68,ee,21,c4,91,5d,38,fc,54, . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{c9fa1039-b2b9-4ecb-85ad-32f7d18bc0ed}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:0000012c "Therad"=dword:00000001 "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68, . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . 
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus] @="0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . 
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . 
c:program filesAVAST SoftwareAvastAvastSvc.exe c:program files (x86)Common FilesAdobeARM1.0armsvc.exe c:program files (x86)IObitSmart Defrag 2SmartDefrag.exe c:program files (x86)Malwarebytes' Anti-Malwarembamgui.exe c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe c:program files (x86)CyberLinkShared filesRichVideo.exe c:program files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe c:program files (x86)SamsungEasy Display ManagerWifiManager.exe c:program files (x86)CyberLinkYouCamYCMMirage.exe c:program files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe c:program files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe c:program files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe c:program files (x86)SamsungSamsung Support CenterSSCKbdHk.exe c:program files (x86)SamsungSamsung Update PlusSUPBackground.exe . ************************************************************************** . Completion time: 2012-12-19 13:30:59 - machine was rebooted ComboFix-quarantined-files.txt 2012-12-19 19:30 ComboFix2.txt 2012-12-18 18:54 ComboFix3.txt 2012-12-11 00:42 ComboFix4.txt 2012-12-03 17:11 . Pre-Run: 69,682,040,832 bytes free Post-Run: 68,463,153,152 bytes free . - - End Of File - - 0481626A4B6A61C9577CD2CEFC3C58FB
JonTom Posted December 19, 2012

Hello goofy1139

Thank you for the log. Please work through the following steps:

Hold down the Windows key (has the Windows symbol on it) and press the "R" key. A Run box will open.
Type in Notepad and press Enter then click on "OK".
NOTE: Do not use Wordpad or any other text editor except Notepad or the script will fail.
Copy and Paste the text in the quotebox below into the open Notepad window:

    File::
    c:\programdata\Vaudix\508d44c452574.ocx
    c:\programdata\Vaudix\508d42f54b62d.ocx
    c:\program files (x86)\APlusGamer_63\bar\1.bin\63bar.dll

    Folder::
    c:\programdata\Vaudix
    c:\program files (x86)\APlusGamer_63

    Registry::
    [-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30C456C5-0E73-2343-38F0-D9F9CF8B0F52}]
    [-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE}]
    [-HKEY_CLASSES_ROOT\clsid\{8945176c-2823-4272-9735-873e75bfe1b4}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{8945176c-2823-4272-9735-873e75bfe1b4}"=-

    Firefox::
    FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\nww68hdh.default\
    FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\nww68hdh.default\extensions\63ffxtbr@APlusGamer_63.com
    FF - ExtSQL: !HIDDEN! 2012-11-12 13:26; 63ffxtbr@APlusGamer_63.com; c:\program files (x86)\APlusGamer_63\bar\1.bin

Save this as "CFScript.txt" (including the quotation marks), change the "Save as type" to "All Files" and save it to your desktop.
Close any open browsers.
Disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Referring to the picture below, drag CFScript.txt into ComboFix.exe
When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
Once the log is produced, re-engage your resident anti virus.

Temporary File Cleaner

Download TFC to your desktop.
Close any open windows.
Right click the TFC icon and select "Run as Administrator" to run the program.
TFC will close all open programs itself in order to run.
Click the Start button to begin the process.
Allow TFC to run uninterrupted.
The program should not take long to finish. Once complete it should automatically reboot your machine.
If your machine does not reboot automatically, manually reboot to ensure a complete clean.
Note: After running TFC your machine may take slightly longer to boot the first time. This is normal.

MalwareBytes AntiMalware:

I can see that you have MBAM installed.
Double click on your MalwareBytes AntiMalware icon to launch the program.
Click on the "Update" tab and then on "Check for Updates". The program will now install the latest Malware definition files.
Once complete, click on the "Scanner" tab, select "Perform Quick Scan" and then click on "Scan".
Once the program has scanned your computer, a log file will be created in Notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
If the scan detects any Malware-related objects, make sure that everything is checked, and click "Remove Selected" <– Very Important.
When disinfection is completed, a log will open in Notepad and you may be prompted to restart your computer.
The log is automatically saved by MBAM and can be viewed by clicking the "Logs" tab.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart your computer, please do so immediately.
Come back here to this thread and Paste the log in your next reply.

Please post the Combofix log and the MBAM log in your next reply and let me know how the machine is running.
goofy1139 Posted December 20, 2012

Hello JonTom Here are some more logs

ComboFix 12-12-19.02 - Owner 12/19/2012 18:01:35.5.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6056.4263 [GMT -6:00] Running from: c:usersOwnerDesktopComboFix.exe Command switches used :: c:usersOwnerDesktopCFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . FILE :: "c:program files (x86)APlusGamer_63bar1.bin63bar.dll" "c:programdataVaudix508d42f54b62d.ocx" "c:programdataVaudix508d44c452574.ocx" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:program files (x86)APlusGamer_63 c:program files (x86)APlusGamer_63bar1.bin63sknlcr.dll c:program files (x86)APlusGamer_63bar1.binBOOTSTRAP.JS c:program files (x86)APlusGamer_63bar1.binCHROME.MANIFEST c:program files (x86)APlusGamer_63bar1.binchrome63ffxtbr.jar c:program files (x86)APlusGamer_63bar1.binCREXT.DLL c:program files (x86)APlusGamer_63bar1.binCrExtP63.exe c:program files (x86)APlusGamer_63bar1.binINSTALL.RDF c:program files (x86)APlusGamer_63bar1.bininstallKeys.js c:program files (x86)APlusGamer_63bar1.binLOGO.BMP c:program files (x86)APlusGamer_63bar1.binT8EXTEX.DLL c:program files (x86)APlusGamer_63bar1.binT8EXTPEX.DLL c:program files (x86)APlusGamer_63bar1.binT8RES.DLL c:program files (x86)APlusGamer_63bar1.binT8TICKER.DLL c:program files (x86)APlusGamer_63bargen1COMMON.T8S c:program files (x86)APlusGamer_63barIE9MesgCOMMON.T8S c:program files (x86)APlusGamer_63barMessageCOMMON.T8S c:program files (x86)APlusGamer_63barSettingss_pid.dat c:programdataVaudix c:programdataVaudix508d42f54b62d.ocx c:programdataVaudix508d42f54b665.html c:programdataVaudix508d42f54b69e.js
c:programdataVaudix508d44c452574.ocx c:programdataVaudix508d44c452586.html c:programdataVaudix508d44c4525bf.js c:programdataVaudixdata508d44c4525bf.js c:programdataVaudixdatajsondb.js c:programdataVaudixhgbabfgaggnigfjbbpofjcilobgblhfe.crx c:programdataVaudixmhbmcdlkpglhfnacbbdomfcikpkkhgkb.crx c:programdataVaudixsettings.ini c:programdataVaudixuninstall.exe . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------Legacy_NPF -------Service_NPF . . ((((((((((((((((((((((((( Files Created from 2012-11-20 to 2012-12-20 ))))))))))))))))))))))))))))))) . . 2012-12-20 00:37 . 2012-12-20 00:37 -------- d-----w- c:usersUpdatusUserAppDataLocaltemp 2012-12-20 00:37 . 2012-12-20 00:37 -------- d-----w- c:usersDefaultAppDataLocaltemp 2012-12-18 13:42 . 2012-11-08 17:24 9125352 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{E0C11D25-2DC5-4B71-8976-A4767590840B}mpengine.dll 2012-12-16 22:46 . 2012-10-30 23:51 370288 ----a-w- c:windowssystem32driversaswSP.sys 2012-12-16 22:46 . 2012-10-30 23:51 25232 ----a-w- c:windowssystem32driversaswFsBlk.sys 2012-12-16 22:46 . 2012-10-15 16:59 54072 ----a-w- c:windowssystem32driversaswRdr2.sys 2012-12-16 22:46 . 2012-10-30 23:51 59728 ----a-w- c:windowssystem32driversaswTdi.sys 2012-12-16 22:46 . 2012-10-30 23:51 984144 ----a-w- c:windowssystem32driversaswSnx.sys 2012-12-16 22:46 . 2012-10-30 23:51 71600 ----a-w- c:windowssystem32driversaswMonFlt.sys 2012-12-16 22:46 . 2012-10-30 23:51 41224 ----a-w- c:windowsavastSS.scr 2012-12-16 22:45 . 2012-10-30 23:50 227648 ----a-w- c:windowsSysWow64aswBoot.exe 2012-12-16 22:06 . 2012-12-16 22:07 -------- d-----w- c:usersOwnerAppDataLocalNETGEARGenie 2012-12-16 22:06 . 2012-12-16 22:06 369168 ----a-w- c:windowssystem32wpcap.dll 2012-12-16 22:06 . 2012-12-16 22:06 35344 ----a-w- c:windowssystem32driversnpf.sys 2012-12-16 22:06 . 2012-12-16 22:06 106000 ----a-w- c:windowssystem32packet.dll 2012-12-16 22:06 . 
2012-12-16 22:06 -------- d-----w- c:program files (x86)NETGEAR Genie 2012-12-14 20:48 . 2012-12-14 20:48 -------- d-----w- c:program files (x86)uTorrent 2012-12-14 13:06 . 2012-11-14 07:06 17811968 ----a-w- c:windowssystem32mshtml.dll 2012-12-14 13:06 . 2012-11-14 06:32 10925568 ----a-w- c:windowssystem32ieframe.dll 2012-12-13 11:57 . 2012-11-02 05:59 478208 ----a-w- c:windowssystem32dpnet.dll 2012-12-13 11:57 . 2012-11-02 05:11 376832 ----a-w- c:windowsSysWow64dpnet.dll 2012-12-12 21:34 . 2012-12-13 00:47 -------- d-----w- c:usersOwnerAppDataRoamingatunes 2012-12-12 21:33 . 2012-12-12 21:33 -------- d-----w- c:program files (x86)aTunes 2012-12-12 17:44 . 2012-12-12 17:44 -------- d-----w- c:program files (x86)CheckPoint 2012-12-10 15:12 . 2012-12-10 15:12 -------- d-----w- C:FRACTURE EXTRAS 2012-12-05 17:06 . 2012-11-29 08:27 96224 ----a-w- c:program files (x86)Mozilla Firefoxwebapprt-stub.exe 2012-12-05 17:06 . 2012-11-29 08:27 270816 ----a-w- c:program files (x86)Mozilla Firefoxupdater.exe 2012-12-05 17:06 . 2012-11-29 08:27 157272 ----a-w- c:program files (x86)Mozilla Firefoxwebapp-uninstaller.exe 2012-12-05 17:06 . 2012-11-29 08:27 73696 ----a-w- c:program files (x86)Mozilla Firefoxbreakpadinjector.dll 2012-11-30 15:39 . 2012-11-30 21:47 -------- d-----w- c:program files (x86)Malwarebytes' Anti-Malware 2012-11-30 15:39 . 2012-09-30 01:54 25928 ----a-w- c:windowssystem32driversmbam.sys 2012-11-30 14:16 . 2012-11-30 14:16 -------- d-----w- c:windowsERUNT 2012-11-30 14:15 . 2012-12-06 01:06 -------- d-----w- C:JRT 2012-11-27 17:18 . 2012-12-12 19:11 -------- d-----w- C:FRST 2012-11-25 02:04 . 2012-12-05 19:46 -------- d-----w- c:usersOwnerAppDataLocalElevatedDiagnostics 2012-11-24 14:58 . 2011-05-30 13:42 240640 ----a-w- c:windowsSysWow64xvidvfw.dll 2012-11-24 14:58 . 2011-05-30 13:42 255488 ----a-w- c:windowssystem32xvidvfw.dll 2012-11-24 14:58 . 2011-05-23 09:52 153088 ----a-w- c:windowsSysWow64xvid.ax 2012-11-24 14:58 . 
2011-05-23 07:49 173568 ----a-w- c:windowssystem32xvid.ax 2012-11-24 14:58 . 2011-05-23 07:46 645632 ----a-w- c:windowsSysWow64xvidcore.dll 2012-11-24 14:58 . 2011-05-23 07:45 696832 ----a-w- c:windowssystem32xvidcore.dll 2012-11-24 14:57 . 2012-11-24 14:57 -------- d-----w- c:usersOwner.bitrock 2012-11-24 01:49 . 2012-11-24 14:58 -------- d-----w- c:program files (x86)Xvid 2012-11-21 18:48 . 2010-11-26 23:02 17720 ----a-w- c:windowssystem32driversSmartDefragDriver.sys 2012-11-21 14:17 . 2012-11-21 14:19 -------- d-----w- c:program files (x86)MeadCo Neptune 2012-11-20 22:16 . 2012-12-12 16:25 -------- dc----w- c:windowssystem32DRVSTORE 2012-11-20 22:15 . 2012-11-20 22:15 -------- d-----w- c:usersOwnerAppDataRoamingCheckPoint 2012-11-20 21:46 . 2012-12-12 17:44 -------- d-----w- c:programdataCheckPoint 2012-11-20 18:23 . 2012-11-20 18:23 -------- d-----w- c:usersOwnerAppDataRoamingMalwarebytes 2012-11-20 18:22 . 2012-11-20 18:22 -------- d-----w- c:programdataMalwarebytes 2012-11-20 16:27 . 2012-11-20 16:27 -------- d-----w- c:programdataPCPitstop 2012-11-20 16:25 . 2012-11-21 15:57 -------- d-----w- c:program files (x86)PCPitstop 2012-11-20 11:53 . 2012-11-20 11:53 -------- d-----w- c:usersOwnerAppDataRoamingConverterLite 2012-11-20 01:03 . 2012-11-20 01:03 -------- d-----w- c:usersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012) . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-14 13:10 . 2012-07-25 12:45 67413224 ----a-w- c:windowssystem32MRT.exe 2012-12-12 17:57 . 2012-07-31 00:28 697272 ----a-w- c:windowsSysWow64FlashPlayerApp.exe 2012-12-12 17:57 . 2012-07-31 00:28 73656 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl 2012-11-24 01:35 . 2012-10-06 20:26 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCoreMicrosoft.MediaCenter.Sports.UI.dll 2012-11-15 01:51 . 2012-11-15 01:51 62976 ----a-w- c:windowssystem32TSWbPrxy.exe 2012-11-15 01:51 . 
2012-11-15 01:51 57856 ----a-w- c:windowssystem32driversTsUsbFlt.sys 2012-11-15 01:51 . 2012-11-15 01:51 5773824 ----a-w- c:windowssystem32mstscax.dll 2012-11-15 01:51 . 2012-11-15 01:51 54272 ----a-w- c:windowssystem32MsRdpWebAccess.dll 2012-11-15 01:51 . 2012-11-15 01:51 4916224 ----a-w- c:windowsSysWow64mstscax.dll 2012-11-15 01:51 . 2012-11-15 01:51 46592 ----a-w- c:windowsSysWow64MsRdpWebAccess.dll 2012-11-15 01:51 . 2012-11-15 01:51 44032 ----a-w- c:windowssystem32tsgqec.dll 2012-11-15 01:51 . 2012-11-15 01:51 43520 ----a-w- c:windowssystem32TsUsbGDCoInstaller.dll 2012-11-15 01:51 . 2012-11-15 01:51 384000 ----a-w- c:windowssystem32wksprt.exe 2012-11-15 01:51 . 2012-11-15 01:51 37376 ----a-w- c:windowsSysWow64tsgqec.dll 2012-11-15 01:51 . 2012-11-15 01:51 322560 ----a-w- c:windowssystem32aaclient.dll 2012-11-15 01:51 . 2012-11-15 01:51 3174912 ----a-w- c:windowssystem32rdpcorets.dll 2012-11-15 01:51 . 2012-11-15 01:51 269312 ----a-w- c:windowsSysWow64aaclient.dll 2012-11-15 01:51 . 2012-11-15 01:51 243200 ----a-w- c:windowssystem32rdpudd.dll 2012-11-15 01:51 . 2012-11-15 01:51 228864 ----a-w- c:windowssystem32rdpendp_winip.dll 2012-11-15 01:51 . 2012-11-15 01:51 19456 ----a-w- c:windowssystem32driversrdpvideominiport.sys 2012-11-15 01:51 . 2012-11-15 01:51 192000 ----a-w- c:windowsSysWow64rdpendp_winip.dll 2012-11-15 01:51 . 2012-11-15 01:51 18432 ----a-w- c:windowssystem32wksprtPS.dll 2012-11-15 01:51 . 2012-11-15 01:51 16896 ----a-w- c:windowsSysWow64wksprtPS.dll 2012-11-15 01:51 . 2012-11-15 01:51 15360 ----a-w- c:windowssystem32RdpGroupPolicyExtension.dll 2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyExtension.dll 2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyControl.exe 2012-11-15 01:51 . 2012-11-15 01:51 1123840 ----a-w- c:windowssystem32mstsc.exe 2012-11-15 01:51 . 2012-11-15 01:51 1048064 ----a-w- c:windowsSysWow64mstsc.exe 2012-11-15 01:50 . 
2012-11-15 01:50 96768 ----a-w- c:windowsSysWow64sspicli.dll 2012-11-15 01:50 . 2012-11-15 01:50 458712 ----a-w- c:windowssystem32driverscng.sys 2012-11-15 01:50 . 2012-11-15 01:50 340992 ----a-w- c:windowssystem32schannel.dll 2012-11-15 01:50 . 2012-11-15 01:50 307200 ----a-w- c:windowssystem32ncrypt.dll 2012-11-15 01:50 . 2012-11-15 01:50 247808 ----a-w- c:windowsSysWow64schannel.dll 2012-11-15 01:50 . 2012-11-15 01:50 220160 ----a-w- c:windowsSysWow64ncrypt.dll 2012-11-15 01:50 . 2012-11-15 01:50 22016 ----a-w- c:windowsSysWow64secur32.dll 2012-11-15 01:50 . 2012-11-15 01:50 154480 ----a-w- c:windowssystem32driversksecpkg.sys 2012-11-15 01:50 . 2012-11-15 01:50 1448448 ----a-w- c:windowssystem32lsasrv.dll 2012-11-15 01:49 . 2012-11-15 01:49 514560 ----a-w- c:windowsSysWow64qdvd.dll 2012-11-15 01:49 . 2012-11-15 01:49 366592 ----a-w- c:windowssystem32qdvd.dll 2012-11-14 20:32 . 2012-11-14 20:32 30568 ----a-w- c:windowssystem32driversavgtpx64.sys 2012-11-01 18:31 . 2012-11-01 18:31 40712 ----a-w- c:windowssystem32driverstaphss6.sys 2012-11-01 18:25 . 2012-11-01 18:25 42248 ----a-w- c:windowssystem32drivershssdrv6.sys 2012-10-30 23:50 . 2012-08-03 22:43 285328 ----a-w- c:windowssystem32aswBoot.exe 2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:windowsSysWow64QuickTimeVR.qtx 2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:windowsSysWow64QuickTime.qts 2012-10-22 22:34 . 2012-10-22 22:34 95208 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll 2012-10-22 22:34 . 2012-10-22 22:35 821736 ----a-w- c:windowsSysWow64npDeployJava1.dll 2012-10-22 22:34 . 2012-10-22 22:35 746984 ----a-w- c:windowsSysWow64deployJava1.dll 2012-10-17 13:39 . 2012-10-17 13:39 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCore-2Microsoft.MediaCenter.Sports.UI.dll 2012-10-17 13:39 . 2012-10-17 13:39 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkup-2markup.dll 2012-10-17 13:37 . 
2012-10-17 13:37 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSM-2StartResources.dll 2012-10-16 08:38 . 2012-12-13 11:57 135168 ----a-w- c:windowsapppatchAppPatch64AcXtrnal.dll 2012-10-16 08:38 . 2012-12-13 11:57 350208 ----a-w- c:windowsapppatchAppPatch64AcLayers.dll 2012-10-16 07:39 . 2012-12-13 11:57 561664 ----a-w- c:windowsapppatchAcLayers.dll 2012-10-09 18:17 . 2012-11-15 12:36 55296 ----a-w- c:windowssystem32dhcpcsvc6.dll 2012-10-09 18:17 . 2012-11-15 12:36 226816 ----a-w- c:windowssystem32dhcpcore6.dll 2012-10-09 17:40 . 2012-11-15 12:36 44032 ----a-w- c:windowsSysWow64dhcpcsvc6.dll 2012-10-09 17:40 . 2012-11-15 12:36 193536 ----a-w- c:windowsSysWow64dhcpcore6.dll 2012-10-06 20:26 . 2012-10-06 20:26 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkupmarkup.dll 2012-10-06 20:26 . 2012-10-06 20:26 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSMStartResources.dll 2012-10-06 20:26 . 2012-10-06 20:26 539984 ----a-w- c:programdataMicrosofteHomePackagesMCESpotlightMCESpotlightSpotlightResources.dll 2012-10-04 16:40 . 2012-12-13 11:58 44032 ----a-w- c:windowsapppatchacwow64.dll 2012-10-03 17:56 . 2012-11-17 17:59 1914248 ----a-w- c:windowssystem32driverstcpip.sys 2012-10-03 17:44 . 2012-11-17 17:59 70656 ----a-w- c:windowssystem32nlaapi.dll 2012-10-03 17:44 . 2012-11-17 17:59 303104 ----a-w- c:windowssystem32nlasvc.dll 2012-10-03 17:44 . 2012-11-17 17:59 246272 ----a-w- c:windowssystem32netcorehc.dll 2012-10-03 17:44 . 2012-11-17 17:59 18944 ----a-w- c:windowssystem32netevent.dll 2012-10-03 17:44 . 2012-11-17 17:59 216576 ----a-w- c:windowssystem32ncsi.dll 2012-10-03 17:42 . 2012-11-17 17:59 569344 ----a-w- c:windowssystem32iphlpsvc.dll 2012-10-03 16:42 . 2012-11-17 17:59 18944 ----a-w- c:windowsSysWow64netevent.dll 2012-10-03 16:42 . 2012-11-17 17:59 175104 ----a-w- c:windowsSysWow64netcorehc.dll 2012-10-03 16:42 . 2012-11-17 17:59 156672 ----a-w- c:windowsSysWow64ncsi.dll 2012-10-03 16:07 . 
2012-11-17 17:59 45568 ----a-w- c:windowssystem32driverstcpipreg.sys 2012-09-25 22:47 . 2012-11-15 12:31 78336 ----a-w- c:windowsSysWow64synceng.dll 2012-09-25 22:46 . 2012-11-15 12:31 95744 ----a-w- c:windowssystem32synceng.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "IDMan"="c:program files (x86)Internet Download ManagerIDMan.exe" [2012-09-01 3528128] "Xvid"="c:program files (x86)XvidCheckUpdate.exe" [2011-01-17 8192] "Spotify Web Helper"="c:usersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe" [2012-10-28 1199576] "NETGEARGenie"="c:program files (x86)NETGEAR GeniebinNETGEARGenie.exe" [2012-10-16 1041736] . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun] "CLMLServer"="c:program files (x86)CyberLinkPower2GoCLMLSvc.exe" [2009-11-02 103720] "Samsung PanelMgr"="c:windowsSamsungPanelMgrSSMMgr.exe" [2010-06-08 618496] "UVS10 Preload"="c:program files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe" [2006-03-07 36864] "UpdatePPShortCut"="c:program files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" [2009-05-20 222504] "Adobe ARM"="c:program files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2012-07-27 919008] "SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-07-03 252848] "APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-10-12 59280] "PowerDVD12DMREngine"="c:program files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [2012-09-19 505872] "PowerDVD12Agent"="c:program files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [2012-09-19 374560] "QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-10-25 421888] "avast"="c:program filesAVAST SoftwareAvastavastUI.exe" [2012-10-30 4297136] . 
c:usersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup MagicDisc.lnk - c:program files (x86)MagicDiscMagicDisc.exe [2012-9-15 576000] . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:windowsSysWOW64nvinit.dll . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32] "wave6"=wdmaud.drv . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-07-13 160944] R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:windowssystem32DRIVERSAVerPola.sys [2011-01-04 534144] R3 BBUpdate;BBUpdate;c:program files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe [2012-02-10 240408] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:program filesIntelWiFibinPanDhcpDns.exe [2011-01-05 340240] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2012-11-15 19456] R3 Samsung UPD Service;Samsung UPD Service;c:windowsSystem32SUPDSvc.exe [2010-08-09 166704] R3 StkCMini;Syntek AVStream USB2.0 ATV;c:windowssystem32DriversStkCMini.sys [2010-04-16 1816968] R3 taphss6;Anchorfree HSS VPN Adapter;c:windowssystem32DRIVERStaphss6.sys [2012-11-01 40712] R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2012-11-15 57856] R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2012-07-25 1255736] R3 WDC_SAM;WD SCSI Pass Thru driver;c:windowssystem32DRIVERSwdcsam64.sys [2008-05-06 14464] R4 wlcrasvc;Windows Live Mesh remote connections service;c:program filesWindows LiveMeshwlcrasvc.exe [2010-09-22 57184] S0 
nvpciflt;nvpciflt;c:windowssystem32DRIVERSnvpciflt.sys [2010-12-14 25576] S0 SmartDefragDriver;SmartDefragDriver;c:windowsSystem32DriversSmartDefragDriver.sys [2010-11-26 17720] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2012-11-14 30568] S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:windowssystem32DriversSABI.sys [2009-05-28 13824] S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34];c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-09-19 22:12 147704] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [2012-10-30 71600] S2 BBSvc;BingBar Service;c:program files (x86)MicrosoftBingBar7.1.361.0BBSvc.exe [2012-02-10 193816] S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-09-19 90640] S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-09-19 78352] S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-09-19 295440] S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:program filesIntelWiMAXBinDMAgent.exe [2011-06-06 498688] S2 IDMWFP;IDMWFP;c:windowssystem32DRIVERSidmwfp.sys [2012-08-02 158944] S2 MBAMScheduler;MBAMScheduler;c:program files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [2012-09-30 399432] S2 MBAMService;MBAMService;c:program files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2012-09-30 676936] S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:program files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe [2012-09-25 231752] S2 nlsX86cc;Nalpeiron Licensing Service;c:windowsSysWOW64nlssrv32.exe [2010-11-22 66560] S2 ntk_PowerDVD12;ntk_PowerDVD12;c:program files 
(x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-06-20 83704] S2 UNS;Intel® Management and Security Application User Notification Service;c:program files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2010-10-06 2655768] S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:program filesIntelWiMAXBinAppSrv.exe [2011-06-06 986112] S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:windowssystem32DRIVERSbpenum.sys [2011-05-19 84480] S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:windowssystem32DRIVERSbpmp.sys [2011-05-19 182272] S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;c:windowssystem32Driversbpusb.sys [2011-05-19 83968] S3 clwvd;CyberLink WebCam Virtual Driver;c:windowssystem32DRIVERSclwvd.sys [2010-11-10 31088] S3 ETD;ELAN PS/2 Port Input Device;c:windowssystem32DRIVERSETD.sys [2010-11-12 138024] S3 IntcDAud;Intel® Display Audio;c:windowssystem32DRIVERSIntcDAud.sys [2010-10-15 317440] S3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [2012-09-30 25928] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:windowssystem32DRIVERSnusb3hub.sys [2010-10-11 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:windowssystem32DRIVERSnusb3xhc.sys [2010-10-11 180736] S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2011-06-10 539240] S3 wdkmd;Intel WiDi KMD;c:windowssystem32DRIVERSWDKMD.sys [2010-11-30 42392] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - NPF . Contents of the 'Scheduled Tasks' folder . 2012-12-19 c:windowsTasksAdobe Flash Player Updater.job - c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-31 17:57] . 2012-12-20 c:windowsTasksSlimDrivers Startup.job - c:program files (x86)SlimDriversSlimDrivers.exe [2012-10-14 21:29] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 23:50 133400 ----a-w- c:program filesAVAST SoftwareAvastashShA64.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersIDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOTCLSID{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2012-02-08 00:49 23432 ----a-w- c:program files (x86)Internet Download ManagerIDMShellExt64.dll . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "IgfxTray"="c:windowssystem32igfxtray.exe" [2011-01-04 167960] "HotKeysCmds"="c:windowssystem32hkcmd.exe" [2011-01-04 391704] "Persistence"="c:windowssystem32igfxpers.exe" [2011-01-04 417304] "RtHDVCpl"="c:program filesRealtekAudioHDARAVCpl64.exe" [2010-11-30 11660904] "IntelWireless"="c:program filesCommon FilesIntelWirelessCommoniFrmewrk.exe" [2011-01-05 1933584] "ETDCtrl"="c:program files (x86)ElantechETDCtrl.exe" [bU] "IntelWirelessWiMAX"="c:program filesIntelWiMAXBinWiMAXCU.exe" [2011-06-02 1622016] . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows] "AppInit_DLLs"=c:windowsSystem32nvinitx.dll . ------- Supplementary Scan ------- . 
uLocal Page = c:windowssystem32blank.htm mStart Page = hxxp://samsung.msn.com mLocal Page = c:windowsSysWOW64blank.htm IE: Download all links with IDM - c:program files (x86)Internet Download ManagerIEGetAll.htm IE: Download with IDM - c:program files (x86)Internet Download ManagerIEExt.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default FF - ExtSQL: 2012-11-04 18:39; 50970cb9d50ba@50970cb9d50f3.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions50970cb9d50ba@50970cb9d50f3.com.xpi FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com FF - ExtSQL: 2012-12-16 16:53; wrc@avast.com; c:program filesAVAST SoftwareAvastWebRepFF FF - ExtSQL: !HIDDEN! 2012-11-12 13:26; 63ffxtbr@APlusGamer_63.com; c:program files (x86)APlusGamer_63bar1.bin FF - ExtSQL: !HIDDEN! 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:program files (x86)MindDabble_4pbar1.bin . - - - - ORPHANS REMOVED - - - - . BHO-{30C456C5-0E73-2343-38F0-D9F9CF8B0F52} - c:programdataVaudix508d44c452574.ocx BHO-{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE} - c:programdataVaudix508d42f54b62d.ocx Toolbar-Locked - (no file) AddRemove-{681002C6-5019-81A2-7871-A43754F71E56} - c:programdataVaudixuninstall.exe . . . [HKEY_LOCAL_MACHINESYSTEMControlSet001services{73526619-C24F-470B-9BED-53D455FBB5C6}] "ImagePath"="??c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . 
------------------------ Other Running Processes ------------------------ . c:program filesAVAST SoftwareAvastAvastSvc.exe c:program files (x86)Common FilesAdobeARM1.0armsvc.exe c:program files (x86)IObitSmart Defrag 2SmartDefrag.exe c:program files (x86)Malwarebytes' Anti-Malwarembamgui.exe c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe c:program files (x86)CyberLinkShared filesRichVideo.exe c:program files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe c:program files (x86)SamsungEasy Display ManagerWifiManager.exe c:program files (x86)CyberLinkYouCamYCMMirage.exe c:program files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe c:program files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe c:program files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe c:program files (x86)SamsungSamsung Support CenterSSCKbdHk.exe c:program files (x86)SamsungSamsung Update PlusSUPBackground.exe . ************************************************************************** . Completion time: 2012-12-19 18:52:59 - machine was rebooted ComboFix-quarantined-files.txt 2012-12-20 00:52 ComboFix2.txt 2012-12-19 19:31 ComboFix3.txt 2012-12-18 18:54 ComboFix4.txt 2012-12-11 00:42 ComboFix5.txt 2012-12-19 23:59 . Pre-Run: 70,492,712,960 bytes free Post-Run: 70,425,374,720 bytes free . 
- - End Of File - - 4C1BBF0C55D7FDB11EDE1024F9B8F043

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Database version: v2012.12.20.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Owner :: OWNER-PC [administrator]
12/19/2012 7:57:26 PM
mbam-log-2012-12-19 (19-57-26).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 238507
Time elapsed: 4 minute(s), 31 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 2
HKCRCLSID{30C456C5-0E73-2343-38F0-D9F9CF8B0F52} (Adware.KorAd) -> Quarantined and deleted successfully.
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{30C456C5-0E73-2343-38F0-D9F9CF8B0F52} (Adware.KorAd) -> Quarantined and deleted successfully.
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
(end)
JonTom Posted December 20, 2012

Hello goofy1139

Thank you for the logs. How is the machine running now?

Let's run an online scan to check for anything that may have been missed:

Please run the following scan
Note: You will need to use Internet Explorer for this scan.
Note for Vista/Windows 7 Users: ESET is compatible but Internet Explorer must be run as Administrator. To do this, right-click on your Internet Explorer icon and select "Run as Administrator".
Please disable your real time security programs before performing the scan.

Scan your system with Eset Online Scanner
Place a check mark in the box YES, I accept the Terms Of Use.
Click the button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps).
Click on to download the ESET Smart Installer. Save it to your desktop.
Double click on the icon on your desktop.
Check
Click the button.
Accept any security warnings from your browser.
Check
Make sure that the option to "Remove Found Threats" is unchecked.
Push the "Start" button.
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, push
Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Push the button.
Push

Once the ESET scan has completed, please save the log, then scan your machine with either DDS or OTL and post the logs in your next reply.
JonTom Posted December 27, 2012

Due to lack of response, this topic is now closed. If you are the topic starter and need this topic reopened, please PM a staff member (include the address of this thread in your request). Everyone else please start a new topic.
JonTom Posted December 30, 2012

Topic re-opened at user's request.
goofy1139 Posted January 3, 2013

C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsDownloadSetup.exe Win32/Adware.1ClickDownload.C application
C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsDropDownDealsSmartSetup.exe multiple threats
C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsDropDownDealsSmartSetup_2.exe multiple threats
C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsPageRageSetupAff.exe multiple threats
C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsxvidsetup.exe a variant of Win32/Obfuscated.NER trojan
C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsxvidsetup_2.exe a variant of Win32/Obfuscated.NER trojan
C:Program Files (x86)ZuxxezBattle vs. ChessSKIDROW.dll a variant of Win32/Packed.VMProtect.AAA trojan
C:QooboxQuarantineCNew folder (2)Geek Squad Backup 07.09.2012BACKUP CONTINUEDAudio Record Wizard 3.99 Inc Crack - Mast3r-CrackARWizard3.exe.vir probably a variant of Win32/TrojanDropper.Agent.NHZIJQ trojan
C:QooboxQuarantineCProgramDataVaudix508d42f54b62d.ocx.vir Win32/Adware.MultiPlug.D application
C:QooboxQuarantineCProgramDataVaudix508d44c452574.ocx.vir Win32/Adware.MultiPlug.D application
C:QooboxQuarantineCUsersOwnerAudio Record Wizard 3.99 Inc Crack - Mast3r-audio recordAudio Record Wizard 3.99 Inc Crack - Mast3r-CrackARWizard3.exe.vir probably a variant of Win32/TrojanDropper.Agent.NHZIJQ trojan
C:UsersOwnerAudio Record Wizard 3.99 Inc Crack - Mast3r-.rar probably a variant of Win32/TrojanDropper.Agent.NHZIJQ trojan

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by Owner at 18:32:59 on 2013-01-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6055.3566 [GMT -6:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast!
Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:Windowssystem32lsm.exe C:Windowssystem32svchost.exe -k DcomLaunch C:Windowssystem32nvvsvc.exe C:Windowssystem32svchost.exe -k RPCSS C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted C:Windowssystem32svchost.exe -k netsvcs C:Windowssystem32svchost.exe -k GPSvcGroup C:Windowssystem32svchost.exe -k LocalService C:Windowssystem32svchost.exe -k NetworkService C:Program FilesNVIDIA CorporationDisplayNvXDSync.exe C:Windowssystem32WLANExt.exe C:Program FilesAVAST SoftwareAvastAvastSvc.exe C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:WindowsSystem32spoolsv.exe C:Windowssystem32svchost.exe -k LocalServiceNoNetwork C:Windowssystem32taskhost.exe C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe C:Windowssystem32taskeng.exe C:WindowsSystem32hkcmd.exe C:WindowsSystem32igfxpers.exe C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe C:Program FilesIntelWiFibinEvtEng.exe C:PROGRA~2MINDDA~2bar2.bin4pbarsvc.exe C:Program Files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe C:Program FilesRealtekAudioHDARAVCpl64.exe C:WindowsSysWOW64nlssrv32.exe C:Program Files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe C:Program FilesCommon FilesIntelWirelessCommonRegSrvc.exe C:Program Files (x86)CyberLinkShared filesRichVideo.exe C:Windowssystem32svchost.exe -k imgsvc C:Program Files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe C:Program FilesIntelWiMAXBinAppSrv.exe C:WindowsSystem32svchost.exe -k secsvcs C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE C:Program FilesIntelWiMAXBinDMAgent.exe C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe C:Windowssystem32wbemunsecapp.exe C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted 
C:Windowssystem32wbemwmiprvse.exe C:Windowssystem32taskeng.exe C:Program Files (x86)SamsungEasy Display ManagerWifiManager.exe C:Program Files (x86)CyberLinkYouCamYCMMirage.exe C:Program FilesSRS LabsSRS Premium Sound Control Panelsrspremiumpanel_64.exe C:Program Files (x86)SamsungEasy Display Managerdmhkcore.exe C:Windowssystem32SearchIndexer.exe C:Program FilesCommon FilesIntelWirelessCommoniFrmewrk.exe C:Program FilesElantechETDCtrl.exe C:Program FilesIntelWiMAXBinWiMAXCU.exe C:Program FilesWindows Media Playerwmpnetwk.exe C:Windowssystem32wbemunsecapp.exe C:Program Files (x86)SAMSUNGEasySpeedUpManagerEasySpeedUpManager.exe C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation C:UsersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe C:Program Files (x86)NETGEAR GeniebinNETGEARGenie.exe C:Program FilesElantechETDCtrlHelper.exe C:Program Files (x86)Internet Download ManagerIEMonitor.exe C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe C:Program Files (x86)MagicDiscMagicDisc.exe C:Windowssystem32igfxext.exe C:Windowssystem32igfxsrvc.exe C:Program Files (x86)Common FilesJavaJava Updatejusched.exe C:Program Files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe C:Program Files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe C:Program Files (x86)QuickTimeQTTask.exe C:Program FilesAVAST SoftwareAvastAvastUI.exe C:Program Files (x86)Search Results ToolbarDatamngrdatamngrUI.exe C:Program Files (x86)NETGEAR Geniebingenie2_tray.exe C:WindowsSystem32svchost.exe -k LocalServicePeerNet C:Windowssplwow64.exe C:Program Files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe C:Program FilesSamsungSamsungFastStartSmartRestarter.exe C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe C:Program Files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe C:Program Files 
(x86)SamsungSamsung Support CenterSSCKbdHk.exe C:Program Files (x86)SamsungSamsung Update PlusSUPBackground.exe C:Program Files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe C:WindowsSysWOW64ctfmon.exe C:Program Files (x86)Mozilla Firefoxfirefox.exe C:Program Files (x86)Mozilla Firefoxplugin-container.exe C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_5_502_135.exe C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_5_502_135.exe C:Windowssystem32wbemwmiprvse.exe C:WindowsSystem32cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.searchnu.com/406 mStart Page = hxxp://samsung.msn.com BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:Program Files (x86)Windows LiveCompanioncompanioncore.dll BHO: W2PBrowser Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:Program FilesSamsung AnyWeb PrintW2PBrowser.dll BHO: DataMngr: {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:Program Files (x86)Search Results ToolbarDatamngrBrowserConnection.dll BHO: Vaudix Class: {D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE} - BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:Program Files (x86)MicrosoftBingBar7.1.361.0BingExt.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dll BHO: Search-Results Toolbar: {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:Program Files 
(x86)Search Results ToolbarDatamngrSRTOOL~1searchresultsDx.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll TB: Search-Results Toolbar: {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:Program Files (x86)Search Results ToolbarDatamngrSRTOOL~1searchresultsDx.dll uRun: [iDMan] C:Program Files (x86)Internet Download ManagerIDMan.exe /onboot uRun: [Xvid] C:Program Files (x86)XvidCheckUpdate.exe uRun: [spotify Web Helper] "C:UsersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe" uRun: [NETGEARGenie] "C:Program Files (x86)NETGEAR GeniebinNETGEARGenie.exe" -mini -redirect uRun: [AnyDVD] C:Program Files (x86)SlySoftAnyDVDAnyDVDtray.exe mRun: [CLMLServer] "C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe" mRun: [samsung PanelMgr] C:WindowsSamsungPanelMgrSSMMgr.exe /autorun mRun: [uVS10 Preload] C:Program Files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe mRun: [updatePPShortCut] "C:Program Files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" "C:Program Files (x86)CyberLinkPowerProducer" UpdateWithCreateOnce "SoftwareCyberLinkPowerProducer5.0" mRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe" mRun: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe" mRun: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" mRun: [PowerDVD12DMREngine] "C:Program Files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" mRun: [PowerDVD12Agent] "C:Program Files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" mRun: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime mRun: [avast] "C:Program FilesAVAST SoftwareAvastavastUI.exe" /nogui mRun: [DATAMNGR] C:PROGRA~2SEARCH~1DatamngrDATAMN~1.EXE mRun: [MindDabble Search Scope Monitor] "C:PROGRA~2MINDDA~2bar2.bin4psrchmn.exe" /m=2 /w /h StartupFolder: 
C:UsersOwnerAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupMAGICD~1.LNK - C:Program Files (x86)MagicDiscMagicDisc.exe uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Download all links with IDM - C:Program Files (x86)Internet Download ManagerIEGetAll.htm IE: Download with IDM - C:Program Files (x86)Internet Download ManagerIEExt.htm IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:Program Files (x86)Windows LiveCompanioncompanioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll IE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:Program FilesSamsung AnyWeb PrintW2PBrowser.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . 
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} - hxxp://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces{EF589019-EF09-4585-8068-B38719BE845F} : DHCPNameServer = 192.168.1.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll AppInit_DLLs= C:PROGRA~3WincertWIN32C~1.DLL C:PROGRA~2SEARCH~1Datamngrdatamngr.dll C:PROGRA~2SEARCH~1DatamngrIEBHO.dll C:WindowsSysWOW64nvinit.dll SSODL: WebCheck - <orphaned> x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program Files (x86)Internet Download ManagerIDMIECC64.dll x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll x64-BHO: DataMngr: {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:Program Files (x86)Search Results ToolbarDatamngrx64BrowserConnection.dll x64-TB: avast! 
WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll x64-Run: [igfxTray] C:WindowsSystem32igfxtray.exe x64-Run: [HotKeysCmds] C:WindowsSystem32hkcmd.exe x64-Run: [Persistence] C:WindowsSystem32igfxpers.exe x64-Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe -s x64-Run: [intelWireless] "C:Program FilesCommon FilesIntelWirelessCommoniFrmewrk.exe" /tf Intel Wireless Tray x64-Run: [ETDCtrl] C:Program Files (x86)ElantechETDCtrl.exe x64-Run: [intelWirelessWiMAX] "C:Program FilesIntelWiMAXBinWiMAXCU.exe" /tasktray /nosplash x64-DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default FF - prefs.js: browser.startup.homepage - hxxp://www.searchnu.com/406 FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=287&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=5893014922044063&o=APN10645&q= FF - plugin: C:PROGRA~2MEADCO~1npmeadax.dll FF - plugin: C:Program Files (x86)AdobeReader 10.0ReaderAIRnppdf32.dll FF - plugin: C:Program Files (x86)Javajre7binplugin2npjp2.dll FF - plugin: c:Program Files (x86)Microsoft Silverlight5.1.10411.0npctrlui.dll FF - plugin: C:Program Files (x86)MindDabble_4pbar2.binNP4pStub.dll FF - plugin: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll FF - plugin: C:WindowsSysWOW64MacromedFlashNPSWF32_11_5_502_135.dll FF - plugin: C:WindowsSysWOW64npDeployJava1.dll FF - plugin: C:WindowsSysWOW64npmproxy.dll FF - ExtSQL: 2012-11-04 18:39; 50970cb9d50ba@50970cb9d50f3.com; 
C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions50970cb9d50ba@50970cb9d50f3.com.xpi FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com FF - ExtSQL: 2012-12-16 16:53; wrc@avast.com; C:Program FilesAVAST SoftwareAvastWebRepFF FF - ExtSQL: 2012-12-25 11:28; {f34c9277-6577-4dff-b2d7-7d58092f272f}; C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions{f34c9277-6577-4dff-b2d7-7d58092f272f} FF - ExtSQL: 2012-12-25 11:28; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; C:Program Files (x86)Search Results ToolbarDatamngrFirefoxExtension FF - ExtSQL: !HIDDEN! 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; C:Program Files (x86)MindDabble_4pbar2.bin FF - ExtSQL: !HIDDEN! 2012-12-25 11:28; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; C:Program Files (x86)Search Results ToolbarDatamngrFirefoxExtension . ============= SERVICES / DRIVERS =============== . R0 nvpciflt;nvpciflt;C:WindowsSystem32driversnvpciflt.sys [2011-2-20 25576] R0 SmartDefragDriver;SmartDefragDriver;C:WindowsSystem32driversSmartDefragDriver.sys [2012-11-21 17720] R1 aswSnx;aswSnx;C:WindowsSystem32driversaswSnx.sys [2012-12-16 984144] R1 aswSP;aswSP;C:WindowsSystem32driversaswSP.sys [2012-12-16 370288] R1 avgtp;avgtp;C:WindowsSystem32driversavgtpx64.sys [2012-11-14 30568] R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:WindowsSystem32driversSABI.sys [2011-2-20 13824] R2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34:12];C:Program Files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-9-19 147704] R2 aswFsBlk;aswFsBlk;C:WindowsSystem32driversaswFsBlk.sys [2012-12-16 25232] R2 aswMonFlt;aswMonFlt;C:WindowsSystem32driversaswMonFlt.sys [2012-12-16 71600] R2 avast! Antivirus;avast! 
Antivirus;C:Program FilesAVAST SoftwareAvastAvastSvc.exe [2012-12-16 44808] R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-11-9 90640] R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-11-9 78352] R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-11-9 295440] R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:Program FilesIntelWiMAXBinDMAgent.exe [2011-6-6 498688] R2 IDMWFP;IDMWFP;C:WindowsSystem32driversidmwfp.sys [2012-8-31 158944] R2 MindDabble_4pService;MindDabbleService;C:PROGRA~2MINDDA~2bar2.bin4pbarsvc.exe [2012-12-26 42504] R2 NETGEARGenieDaemon;NETGEARGenieDaemon;C:Program Files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe [2012-9-25 231752] R2 nlsX86cc;Nalpeiron Licensing Service;C:WindowsSysWOW64nlssrv32.exe [2012-9-11 66560] R2 ntk_PowerDVD12;ntk_PowerDVD12;C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-11-9 83704] R2 UNS;Intel® Management and Security Application User Notification Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2011-2-20 2655768] R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:Program FilesIntelWiMAXBinAppSrv.exe [2011-6-6 986112] R3 BBUpdate;BBUpdate;C:Program Files (x86)MicrosoftBingBar7.1.361.0SeaPort.EXE [2012-2-10 240408] R3 bpenum;Intel® Centrino® WiMAX Enumerator;C:WindowsSystem32driversbpenum.sys [2011-5-19 84480] R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:WindowsSystem32driversbpmp.sys [2011-5-19 182272] R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;C:WindowsSystem32driversbpusb.sys [2011-5-19 83968] R3 clwvd;CyberLink WebCam Virtual 
Driver;C:WindowsSystem32driversclwvd.sys [2010-11-10 31088] R3 ETD;ELAN PS/2 Port Input Device;C:WindowsSystem32driversETD.sys [2011-2-21 138024] R3 IntcDAud;Intel® Display Audio;C:WindowsSystem32driversIntcDAud.sys [2011-2-21 317440] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:WindowsSystem32driversnusb3hub.sys [2010-10-11 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:WindowsSystem32driversnusb3xhc.sys [2010-10-11 180736] R3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2012-8-6 539240] R3 wdkmd;Intel WiDi KMD;C:WindowsSystem32driversWDKMD.sys [2010-11-30 42392] S2 BBSvc;BingBar Service;C:Program Files (x86)MicrosoftBingBar7.1.361.0BBSvc.EXE [2012-2-10 193816] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2012-7-13 160944] S3 AVerPola;AVerMedia USB Polaris Series Capture Service;C:WindowsSystem32driversAVerPola.sys [2012-9-20 534144] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:Program FilesIntelWiFibinPanDhcpDns.exe [2011-1-4 340240] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:WindowsSystem32driversrdpvideominiport.sys [2012-11-14 19456] S3 Samsung UPD Service;Samsung UPD Service;C:WindowsSystem32SUPDSvc.exe [2011-2-20 166704] S3 StkCMini;Syntek AVStream USB2.0 ATV;C:WindowsSystem32driversStkCMini.sys [2012-8-9 1816968] S3 taphss6;Anchorfree HSS VPN Adapter;C:WindowsSystem32driverstaphss6.sys [2012-11-1 40712] S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2012-11-14 57856] S3 WatAdminSvc;Windows Activation Technologies Service;C:WindowsSystem32WatWatAdminSvc.exe [2012-7-25 1255736] S3 WDC_SAM;WD SCSI Pass Thru 
driver;C:WindowsSystem32driverswdcsam64.sys [2008-5-6 14464] S4 wlcrasvc;Windows Live Mesh remote connections service;C:Program FilesWindows LiveMeshwlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-01-02 19:47:18 -------- d-----w- C:Program Files (x86)ESET 2013-01-02 17:17:07 76232 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{9177B41E-E962-4833-8513-3DF4D9FED774}offreg.dll 2013-01-01 17:37:46 9125352 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{9177B41E-E962-4833-8513-3DF4D9FED774}mpengine.dll 2012-12-28 15:33:46 -------- d-----w- C:Hugo extras 2012-12-28 15:33:23 -------- d-----w- C:Hugo 2012-12-26 14:13:18 -------- d-----w- C:ProgramDataboost_interprocess 2012-12-26 02:31:41 -------- d-----w- C:UsersOwnerAppDataRoamingMedia Player Lite 2012-12-26 02:28:05 -------- d-----w- C:UsersOwnerAppDataRoamingFileAssociationManager 2012-12-26 02:28:01 -------- d-----w- C:Program Files (x86)FileAssociationManager 2012-12-26 02:27:58 -------- d-----w- C:Program Files (x86)MediaPlayerLite 2012-12-26 00:57:17 -------- d-----w- C:toolbarImages 2012-12-26 00:56:31 -------- d-----w- C:UsersOwnerAppDataLocalTorch 2012-12-25 19:54:23 -------- d-----w- C:ProgramDataBrowser Manager 2012-12-25 17:28:45 773968 ----a-w- C:WindowsSystem32msvcr100.dll 2012-12-25 17:28:12 -------- d-----w- C:ProgramDataWincert 2012-12-25 17:27:59 -------- d-----w- C:Program Files (x86)Search Results Toolbar 2012-12-25 17:27:39 -------- d-----w- C:UsersOwnerAppDataLocaliLivid 2012-12-23 17:43:36 -------- d-----w- C:ted dvd files 2012-12-21 09:00:35 46080 ----a-w- C:WindowsSystem32atmlib.dll 2012-12-21 09:00:35 367616 ----a-w- C:WindowsSystem32atmfd.dll 2012-12-21 09:00:35 34304 ----a-w- C:WindowsSysWow64atmlib.dll 2012-12-21 09:00:35 295424 ----a-w- C:WindowsSysWow64atmfd.dll 2012-12-20 00:39:31 -------- d-----w- C:$RECYCLE.BIN 2012-12-16 22:46:33 54072 ----a-w- C:WindowsSystem32driversaswRdr2.sys 2012-12-16 22:46:32 984144 
----a-w- C:WindowsSystem32driversaswSnx.sys 2012-12-16 22:46:29 71600 ----a-w- C:WindowsSystem32driversaswMonFlt.sys 2012-12-16 22:46:00 41224 ----a-w- C:WindowsavastSS.scr 2012-12-16 22:06:49 -------- d-----w- C:UsersOwnerAppDataLocalNETGEARGenie 2012-12-16 22:06:40 369168 ----a-w- C:WindowsSystem32wpcap.dll 2012-12-16 22:06:40 35344 ----a-w- C:WindowsSystem32driversnpf.sys 2012-12-16 22:06:40 106000 ----a-w- C:WindowsSystem32packet.dll 2012-12-16 22:06:32 -------- d-----w- C:Program Files (x86)NETGEAR Genie 2012-12-14 20:48:35 -------- d-----w- C:Program Files (x86)uTorrent 2012-12-13 11:57:59 478208 ----a-w- C:WindowsSystem32dpnet.dll 2012-12-13 11:57:59 376832 ----a-w- C:WindowsSysWow64dpnet.dll 2012-12-12 21:34:58 -------- d-----w- C:UsersOwnerAppDataRoamingatunes 2012-12-12 21:33:11 -------- d-----w- C:Program Files (x86)aTunes 2012-12-12 17:44:07 -------- d-----w- C:Program Files (x86)CheckPoint 2012-12-10 15:12:05 -------- d-----w- C:FRACTURE EXTRAS 2012-12-05 17:06:24 96224 ----a-w- C:Program Files (x86)Mozilla Firefoxwebapprt-stub.exe 2012-12-05 17:06:24 270816 ----a-w- C:Program Files (x86)Mozilla Firefoxupdater.exe 2012-12-05 17:06:24 157272 ----a-w- C:Program Files (x86)Mozilla Firefoxwebapp-uninstaller.exe 2012-12-05 17:06:23 73696 ----a-w- C:Program Files (x86)Mozilla Firefoxbreakpadinjector.dll . ==================== Find3M ==================== . 
2012-12-12 17:57:05 697272 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe 2012-12-12 17:57:04 73656 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl 2012-11-22 03:26:40 3149824 ----a-w- C:WindowsSystem32win32k.sys 2012-11-15 01:50:36 96768 ----a-w- C:WindowsSysWow64sspicli.dll 2012-11-15 01:50:36 458712 ----a-w- C:WindowsSystem32driverscng.sys 2012-11-15 01:50:36 340992 ----a-w- C:WindowsSystem32schannel.dll 2012-11-15 01:50:36 307200 ----a-w- C:WindowsSystem32ncrypt.dll 2012-11-15 01:50:36 247808 ----a-w- C:WindowsSysWow64schannel.dll 2012-11-15 01:50:36 220160 ----a-w- C:WindowsSysWow64ncrypt.dll 2012-11-15 01:50:36 22016 ----a-w- C:WindowsSysWow64secur32.dll 2012-11-15 01:50:36 154480 ----a-w- C:WindowsSystem32driversksecpkg.sys 2012-11-15 01:50:36 1448448 ----a-w- C:WindowsSystem32lsasrv.dll 2012-11-15 01:49:36 514560 ----a-w- C:WindowsSysWow64qdvd.dll 2012-11-15 01:49:36 366592 ----a-w- C:WindowsSystem32qdvd.dll 2012-11-14 20:32:45 30568 ----a-w- C:WindowsSystem32driversavgtpx64.sys 2012-11-14 06:11:44 2312704 ----a-w- C:WindowsSystem32jscript9.dll 2012-11-14 06:04:11 1392128 ----a-w- C:WindowsSystem32wininet.dll 2012-11-14 06:02:49 1494528 ----a-w- C:WindowsSystem32inetcpl.cpl 2012-11-14 05:57:46 599040 ----a-w- C:WindowsSystem32vbscript.dll 2012-11-14 05:57:35 173056 ----a-w- C:WindowsSystem32ieUnatt.exe 2012-11-14 05:52:40 2382848 ----a-w- C:WindowsSystem32mshtml.tlb 2012-11-14 02:09:22 1800704 ----a-w- C:WindowsSysWow64jscript9.dll 2012-11-14 01:58:15 1427968 ----a-w- C:WindowsSysWow64inetcpl.cpl 2012-11-14 01:57:37 1129472 ----a-w- C:WindowsSysWow64wininet.dll 2012-11-14 01:49:25 142848 ----a-w- C:WindowsSysWow64ieUnatt.exe 2012-11-14 01:48:27 420864 ----a-w- C:WindowsSysWow64vbscript.dll 2012-11-14 01:44:42 2382848 ----a-w- C:WindowsSysWow64mshtml.tlb 2012-11-09 05:45:09 2048 ----a-w- C:WindowsSystem32tzres.dll 2012-11-09 04:42:49 2048 ----a-w- C:WindowsSysWow64tzres.dll 2012-11-01 18:31:08 40712 ----a-w- C:WindowsSystem32driverstaphss6.sys 2012-11-01 
18:25:26 42248 ----a-w- C:WindowsSystem32drivershssdrv6.sys 2012-10-25 09:12:26 94208 ----a-w- C:WindowsSysWow64QuickTimeVR.qtx 2012-10-25 09:12:26 69632 ----a-w- C:WindowsSysWow64QuickTime.qts 2012-10-22 22:34:45 95208 ----a-w- C:WindowsSysWow64WindowsAccessBridge-32.dll 2012-10-22 22:34:35 821736 ----a-w- C:WindowsSysWow64npDeployJava1.dll 2012-10-22 22:34:35 746984 ----a-w- C:WindowsSysWow64deployJava1.dll 2012-10-16 08:38:37 135168 ----a-w- C:WindowsapppatchAppPatch64AcXtrnal.dll 2012-10-16 08:38:34 350208 ----a-w- C:WindowsapppatchAppPatch64AcLayers.dll 2012-10-16 07:39:52 561664 ----a-w- C:WindowsapppatchAcLayers.dll 2012-10-09 18:17:13 55296 ----a-w- C:WindowsSystem32dhcpcsvc6.dll 2012-10-09 18:17:13 226816 ----a-w- C:WindowsSystem32dhcpcore6.dll 2012-10-09 17:40:31 44032 ----a-w- C:WindowsSysWow64dhcpcsvc6.dll 2012-10-09 17:40:31 193536 ----a-w- C:WindowsSysWow64dhcpcore6.dll . ============= FINISH: 18:33:30.25 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: DeviceHarddiskVolume1 Install Date: 7/19/2012 4:23:32 AM System Uptime: 1/2/2013 1:04:52 AM (17 hours ago) . Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | RC512 Processor: Intel® Core i3-2310M CPU @ 2.10GHz | CPU 1 | 2100/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 586 GiB total, 52.694 GiB free. D: is CDROM () E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP146: 12/29/2012 12:00:02 AM - Scheduled Checkpoint RP147: 1/1/2013 11:36:55 AM - Windows Update . ==== Installed Programs ====================== . ???? ??? Windows Live ???? Windows Live ????? Messenger ????? Windows Live ?????? ??????? ?? Windows Live ???????? ?? Messenger ???????? ?????????? Windows Live ????????? Messenger ?????????? Windows Live ??????????? ?? 
Windows Live µTorrent Adobe AIR Adobe Download Assistant Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.4) Agatha Christie - Death on the Nile All Sound Recorder 1.78 „Messenger“ pagalbine priemone Angry Birds Space AnyDVD Apple Application Support Apple Software Update ASPCA Reminder by We-Care.com v4.1.17.1 Audacity 2.0 avast! Free Antivirus AVerMedia C039 USB Capture Card 10.2.64.51 AVS Update Manager 1.0 AVS Video Converter 8 AVS4YOU Software Navigator 1.4 „Windows Live Essentials“ „Windows Live Mail“ „Windows Live Messenger“ „Windows Live“ fotogalerija Bad Piggies BatteryLifeExtender Battle vs. Chess Bejeweled 2 Deluxe Best Buy pc app Bing Bar Bing Rewards Client Installer Brain Train Age V3.91 Brutal Chess Build-a-lot ChargeableUSB Chessmaster 9000 Chessmaster Grandmaster Edition Chuzzle Deluxe CloneDVD2 Codec Complemento Messenger Complément Messenger ConverterLite 1.6.1 CyberLink MediaShow CyberLink PhotoNow CyberLink Power2Go CyberLink PowerDirector CyberLink PowerDVD 12 CyberLink PowerProducer CyberLink YouCam D3DX10 Diner Dash 2 Restaurant Rescue Doplnok programu Messenger DVD Shrink 3.2 DVD Shrink version 4.1 DVDFab 8.2.1.5 (10/10/2012) Qt DVDneXtCOPYneXtTech DVDStyler v2.3 Easy Content Share Easy Display Manager Easy Migration Easy Network Manager Easy SpeedUp Manager EasyBatteryManager EasyFileShare ESET Online Scanner v3 ETDWare PS/2-X64 8.0.7.2_WHQL Farm Frenzy Fast Start File Association Manager 0.1 Fotogalerija Windows Live Free Sound Recorder v9.3.1 Galeria de Fotografias do Windows Live Galeria fotografii uslugi Windows Live Galerie de photos Windows Live Galerie foto Windows Live Galería fotográfica de Windows Live GIMP 2.8.2 Graboid Video 3.28 iLivid Insaniquarium Deluxe Intel PROSet Wireless Intel WiMAX Tutorial Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® PROSet/Wireless WiFi Software Intel® Rapid Storage Technology Intel® Wireless Display Intel® PROSet/Wireless 
WiMAX Software Internet Download Manager Java 7 Update 9 Java Auto Updater John Deere Drive Green Junk Mail filter update Magic ISO Maker v5.4 (build 0239) MagicDisc 2.7.106 Malwarebytes Anti-Malware version 1.65.1.1000 MediaPlayerLite 0.4.1 Mesh Runtime Messenger-kumppani Messenger ??? ?? Messenger ???? Messenger ????? Messenger Assistent Messenger Companion Messenger kíséro Messenger Pratilac Messenger Suradnik Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft Office 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Text-to-Speech Engine 4.0 (English) Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MindDabble Toolbar Movie Color Enhancer Mozilla Firefox 17.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Multimedia POP NaturalReaderFree NETGEAR Genie NVIDIA Control Panel 266.10 NVIDIA Graphics Driver 266.10 NVIDIA Install Application NVIDIA Optimus 1.0.11 NVIDIA Update Components Peggle Penguins! Pirate101 Plants vs. Zombies Poczta uslugi Windows Live Podstawowe programy Windows Live Polar Golfer Pomocnik Messenger Pošta Windows Live QuickTime Raccolta foto di Windows Live Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Renesas Electronics USB 3.0 Host Controller Driver S?????? f?t???af??? t?? 
Windows Live Samsung AnyWeb Print Samsung Recovery Solution 5 Samsung Support Center Samsung Universal Print Driver Samsung Universal Scan Driver Samsung Update Plus Search-Results Toolbar Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Skype™ 5.10 SlimDrivers Smart Defrag 2 Smart Driver Updater v3.0 SmartSound Quicktracks Plugin Spotify Spremljevalec Messenger SRS Premium Sound Control Panel The Ringtone Maker v5.2.9 Torch Ulead VideoStudio 10 Ulead VideoStudio SE DVD UMPlayer 0.98 [P4] Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) USB2.0 Grabber User Guide Vaudix VIO Player version 1.2 VLC media player 1.0.1 WildTangent Games WildTangent ORB Game Console Windows Live Windows Live ?? Windows Live ?? ??? Windows Live ??? Windows Live ???? 
Windows Live Communications Platform Windows Live Essentials Windows Live Fotótár Windows Live Foto-galerija Windows Live fotoattelu galerija Windows Live Fotogalerie Windows Live Fotogalleri Windows Live Fotogaléria Windows Live Fotograf Galerisi Windows Live Galeria de Fotos Windows Live Galerija fotografija Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Pošta Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Parçalar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Liven asennustyökalu Windows Liven sähköposti Windows Liven valokuvavalikoima WinPalace WinRAR 4.20 (64-bit) WinZip Driver Updater Xvid Video Codec ZoneAlarm LTD Toolbar Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 12/31/2012 7:02:15 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 12/28/2012 7:41:55 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 12/28/2012 6:27:23 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0x000000000000002c, 0x0000000000000002, 0x0000000000000001, 0xfffff88005a8cbfe). A dump was saved in: C:WindowsMEMORY.DMP. Report Id: 122812-16645-01. 
12/27/2012 3:24:49 PM, Error: volsnap [35] - The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.
1/1/2013 3:48:08 PM, Error: Service Control Manager [7034] - The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 2 time(s).
1/1/2013 11:45:58 AM, Error: Service Control Manager [7034] - The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
JonTom Posted January 3, 2013

Hello goofy1139

Thank you for the logs. It looks like there have been a number of infected programs downloaded onto this machine. Please work through the following steps.

Hold down the Windows key (has the Windows symbol on it) and press the "R" key. A Run box will open. Type in Notepad and press Enter then click on "OK".

NOTE: Do not use Wordpad or any other text editor except Notepad or the script will fail.

Copy and paste the text in the quotebox below into the open Notepad window:

File::
C:\New folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\DownloadSetup.exe
C:\New folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\DropDownDealsSmartSetup.exe
C:\New folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\DropDownDealsSmartSetup_2.exe
C:\New folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\PageRageSetupAff.exe
C:\New folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\xvidsetup.exe
C:\New folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\xvidsetup_2.exe
C:\Program Files (x86)\Zuxxez\Battle vs. Chess\SKIDROW.dll
C:\Users\Owner\Audio Record Wizard 3.99 Inc Crack - Mast3r-.rar

Save this as "CFScript.txt" (including the quotation marks), change the "Save as type" to "All Files" and save it to your desktop.

Close any open browsers.

Disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Referring to the picture below, drag CFScript.txt into ComboFix.exe.

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Once the log is produced, re-engage your resident anti virus.
JonTom Posted January 6, 2013

Are you still with me goofy?