Jump to content

goofy1139

Members
  • Content Count

    31
  • Joined

  • Last visited

About goofy1139

  • Rank
    Member

Previous Fields

  • System Specifications:
    windows 7 home premium sp1, 64 bit os, 6 Gb ram I'm new to this so let me know if u need more info
  1. Thank You all that helped. I think everything is clean. My computer is running like it should and the internet problems are fixed also. Thank you for the tips to help keep my computer clean. You can close this thread. Thanks again.
  2. Hello CatByte, here is my OTL log All processes killed ========== OTL ========== Error: No service named avgtp was found to stop! ServiceDriver key avgtp not found. File C:WindowsSysNativedriversavgtpx64.sys not found. HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopesDefaultScope| /E : value set successfully! Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerSearchScopes{DB8B4161-865F-4162-8139-5CE827576E88} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{DB8B4161-865F-4162-8139-5CE827576E88} not found. Registry value HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{FFB96CC1-7EB3-449D-B827-DB661701C6BB} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{FFB96CC1-7EB3-449D-B827-DB661701C6BB} not found. File C:Program FilesCheckPointZAForceFieldWOW64TrustChecker not found. Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{11111111-1111-1111-1111-110211181104} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{11111111-1111-1111-1111-110211181104} not found. Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar10 not found. Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbarLocked not found. Registry value HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} not found. ========== FILES ========== < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:UsersOwnerDownloadsProgramscmd.bat deleted successfully. C:UsersOwnerDownloadsProgramscmd.txt deleted successfully. ========== COMMANDS ========== C:WindowsSystem32driversetcHosts moved successfully. HOSTS file reset successfully [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Owner ->Temp folder emptied: 20477790 bytes ->Temporary Internet Files folder emptied: 7087585 bytes ->Java cache emptied: 227543 bytes ->FireFox cache emptied: 302774981 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 12250 bytes User: Public ->Temp folder emptied: 0 bytes User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%System32 .tmp files removed: 0 bytes %systemroot%System32 (64bit) .tmp files removed: 0 bytes %systemroot%System32drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 22775230 bytes %systemroot%sysnativeconfigsystemprofileAppDataLocalMicrosoftWindowsTemporary Internet Files folder emptied: 50199 bytes RecycleBin emptied: 70602677 bytes Total Files Cleaned = 404.00 mb OTL by OldTimer - Version 3.2.69.0 log created on 01112013_123953 FilesFolders moved on Reboot... C:UsersOwnerAppDataLocalTempFXSAPIDebugLogFile.txt moved successfully. File move failed. C:Windowstemp_avast_Webshlock.txt scheduled to be moved on reboot. File move failed. C:WindowstempCLDigitalHomeCLMS_AGENT_LOG1.txt scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot... Thank you for the help
  3. Hello CatByte The internet does not redirect any more and my compuer running fine. Here is the OTL log... OTL logfile created on: 1/9/2013 6:07:12 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:UsersOwnerDownloadsPrograms 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 5.91 Gb Total Physical Memory | 4.21 Gb Available Physical Memory | 71.11% Memory free 11.83 Gb Paging File | 9.98 Gb Available in Paging File | 84.42% Paging File free Paging file location(s): ?:pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86) Drive C: | 586.07 Gb Total Space | 78.76 Gb Free Space | 13.44% Space Free | Partition Type: NTFS Drive E: | 4.16 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/01/09 18:03:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:UsersOwnerDownloadsProgramsOTL.exe PRC - [2012/12/20 15:58:21 | 006,750,448 | ---- | M] (SlySoft, Inc.) -- C:Program Files (x86)SlySoftAnyDVDAnyDVDtray.exe PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe PRC - [2012/10/30 17:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:Program FilesAVAST SoftwareAvastAvastUI.exe PRC - [2012/10/30 17:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:Program FilesAVAST SoftwareAvastAvastSvc.exe PRC - [2012/10/28 08:16:34 | 001,199,576 | ---- | M] (Spotify Ltd) -- C:UsersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe PRC - [2012/10/16 07:54:22 | 001,041,736 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinNETGEARGenie.exe PRC - [2012/09/25 00:06:14 | 000,122,696 | ---- | M] () -- C:Program Files (x86)NETGEAR Geniebingenie2_tray.exe PRC - [2012/09/19 01:45:40 | 000,505,872 | ---- | M] (CyberLink) -- C:Program Files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe PRC - [2012/09/19 01:45:35 | 000,374,560 | ---- | M] (CyberLink Corp.) -- C:Program Files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe PRC - [2012/09/19 01:45:35 | 000,295,440 | ---- | M] (CyberLink) -- C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe PRC - [2012/09/19 01:45:30 | 000,078,352 | ---- | M] (CyberLink) -- C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe PRC - [2012/09/19 01:45:12 | 000,090,640 | ---- | M] (CyberLink Corp.) -- C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe PRC - [2012/09/06 10:06:42 | 001,607,552 | ---- | M] (IObit) -- C:Program Files (x86)IObitSmart Defrag 2SmartDefrag.exe PRC - [2012/08/31 21:21:41 | 003,528,128 | ---- | M] (Tonec Inc.) -- C:Program Files (x86)Internet Download ManagerIDMan.exe PRC - [2012/07/27 14:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe PRC - [2012/02/10 12:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:Program Files (x86)MicrosoftBingBar7.1.361.0SeaPort.EXE PRC - [2012/02/10 12:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) -- C:Program Files (x86)MicrosoftBingBar7.1.361.0BBSvc.EXE PRC - [2010/12/17 01:28:20 | 000,943,984 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:Program Files (x86)SamsungEasy Display Managerdmhkcore.exe PRC - [2010/12/14 17:01:16 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:Program Files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe PRC - [2010/12/06 05:44:28 | 007,058,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:Program Files (x86)SamsungEasy Display ManagerWifiManager.exe PRC - [2010/11/28 23:42:38 | 000,775,848 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:Program Files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe PRC - [2010/11/23 01:07:20 | 001,755,504 | ---- | M] (SAMSUNG Electronics) -- C:Program Files (x86)SamsungSamsung Support CenterSSCKbdHk.exe PRC - [2010/11/22 16:50:26 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) -- C:WindowsSysWOW64nlssrv32.exe PRC - [2010/11/17 02:24:54 | 004,387,632 | ---- | M] (SEC) -- C:Program Files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe PRC - [2010/11/10 02:03:52 | 000,136,488 | ---- | M] (CyberLink) -- C:Program Files (x86)CyberLinkYouCamYCMMirage.exe PRC - [2010/10/05 23:08:46 | 002,655,768 | ---- | M] (Intel Corporation) -- C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe PRC - [2010/10/05 23:08:42 | 000,325,656 | ---- | M] (Intel Corporation) -- C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe PRC - [2010/08/26 19:52:12 | 002,782,064 | ---- | M] (Samsung Electronics) -- C:Program Files (x86)SamsungSamsung Update PlusSUPBackground.exe PRC - [2010/06/07 21:15:42 | 000,618,496 | ---- | M] () -- C:WindowsSamsungPanelMgrSSMMgr.exe PRC - [2010/05/25 06:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:Program Files (x86)Internet Download ManagerIEMonitor.exe PRC - [2010/02/10 08:29:52 | 000,719,360 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:Program Files (x86)SamsungEasySpeedUpManagerEasySpeedUpManager.exe PRC - [2009/11/01 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe PRC - [2009/02/23 18:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:Program Files (x86)MagicDiscMagicDisc.exe PRC - [2006/09/28 03:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:Program Files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe ========== Modules (No Company Name) ========== MOD - [2012/10/16 19:41:00 | 003,775,488 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinGeniePlugin_Map.dll MOD - [2012/10/16 07:54:22 | 001,041,736 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinNETGEARGenie.exe MOD - [2012/10/11 18:57:28 | 008,295,424 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinGeniePlugin_Resource.dll MOD - [2012/10/11 18:57:28 | 001,553,408 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinSvtNetworkTool.dll MOD - [2012/10/11 18:57:28 | 001,188,352 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinGeniePlugin_RouterConfiguration.dll MOD - [2012/10/11 18:57:28 | 001,132,032 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinGeniePlugin_ParentalControl.dll MOD - [2012/10/11 18:57:28 | 001,062,400 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinGeniePlugin_Internet.dll MOD - [2012/10/11 18:57:28 | 000,920,064 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinGeniePlugin_Ui.dll MOD - [2012/10/11 18:57:28 | 000,702,464 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinInnerPlugin_Update.dll MOD - [2012/10/11 18:57:28 | 000,641,536 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinGeniePlugin_Statistics.dll MOD - [2012/10/11 18:57:28 | 000,504,832 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinInnerPlugin_WirelessExport.dll MOD - [2012/10/11 18:57:28 | 000,500,736 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinGeniePlugin_NetworkProblem.dll MOD - [2012/10/11 18:57:28 | 000,478,720 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinGenie.dll MOD - [2012/10/11 18:57:28 | 000,438,272 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinGeniePlugin_Wireless.dll MOD - [2012/10/11 18:57:28 | 000,229,888 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinGeniePlugin_Airprint.dll MOD - [2012/10/11 18:57:28 | 000,186,368 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinDragonNetTool.dll MOD - [2012/10/11 18:57:28 | 000,150,528 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinDiagnoseDll.dll MOD - [2012/10/11 18:57:28 | 000,138,752 | ---- | M] () -- C:Program Files (x86)NETGEAR Geniebinairprintdll.dll MOD - [2012/10/11 18:57:28 | 000,136,704 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinDiagnosePlugin.dll MOD - [2012/10/11 18:57:28 | 000,116,224 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinWSetupApiPlugin.dll MOD - [2012/10/11 18:57:28 | 000,088,064 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinQRCode.dll MOD - [2012/10/11 18:57:28 | 000,083,968 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinNetcardApi.dll MOD - [2012/10/11 18:57:28 | 000,082,432 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinSVTUtils.dll MOD - [2012/10/11 18:57:28 | 000,076,288 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinWSetupDll.dll MOD - [2012/09/25 00:06:14 | 000,122,696 | ---- | M] () -- C:Program Files (x86)NETGEAR Geniebingenie2_tray.exe MOD - [2012/05/11 00:24:16 | 009,814,016 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinQtGui4.dll MOD - [2012/05/11 00:24:16 | 002,537,472 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinQtCore4.dll MOD - [2012/05/11 00:24:16 | 001,140,224 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinQtNetwork4.dll MOD - [2012/05/11 00:24:16 | 000,399,360 | ---- | M] () -- C:Program Files (x86)NETGEAR GeniebinQtXml4.dll MOD - [2012/05/11 00:24:16 | 000,287,232 | ---- | M] () -- C:Program Files (x86)NETGEAR Geniebinimageformatsqjpeg4.dll MOD - [2012/05/11 00:24:16 | 000,083,456 | ---- | M] () -- C:Program Files (x86)NETGEAR Geniebinimageformatsqico4.dll MOD - [2012/05/11 00:24:16 | 000,083,456 | ---- | M] () -- C:Program Files (x86)NETGEAR Geniebinimageformatsqgif4.dll MOD - [2012/05/09 20:34:06 | 000,043,008 | ---- | M] () -- C:Program Files (x86)NETGEAR Geniebinlibgcc_s_dw2-1.dll MOD - [2012/05/09 20:34:06 | 000,011,362 | ---- | M] () -- C:Program Files (x86)NETGEAR Geniebinmingwm10.dll MOD - [2011/08/23 20:39:11 | 000,655,360 | ---- | M] () -- C:Program Files (x86)CyberLinkPowerDVD12CommonKoan_ssl.pyd MOD - [2011/08/23 20:39:11 | 000,081,920 | ---- | M] () -- C:Program Files (x86)CyberLinkPowerDVD12CommonKoan_ctypes.pyd MOD - [2011/08/23 20:39:11 | 000,053,248 | ---- | M] () -- C:Program Files (x86)CyberLinkPowerDVD12CommonKoan_socket.pyd MOD - [2011/08/19 15:33:28 | 000,047,960 | ---- | M] () -- C:Program Files (x86)IObitSmart Defrag 2NtfsData.dll MOD - [2010/07/05 04:42:58 | 000,203,776 | ---- | M] () -- C:Program Files (x86)SamsungMovie Color EnhancerWinCRT.dll MOD - [2010/06/07 21:15:42 | 000,618,496 | ---- | M] () -- C:WindowsSamsungPanelMgrSSMMgr.exe MOD - [2010/05/07 08:22:18 | 001,636,864 | ---- | M] () -- C:Program Files (x86)SamsungSamsung Recovery Solution 5Resdll.dll MOD - [2009/11/01 23:23:36 | 000,013,096 | ---- | M] () -- C:Program Files (x86)CyberLinkPower2GoCLMLSvcPS.dll MOD - [2009/11/01 23:20:10 | 000,619,816 | ---- | M] () -- C:Program Files (x86)CyberLinkPower2GoCLMediaLibrary.dll MOD - [2006/08/11 21:48:40 | 000,049,152 | ---- | M] () -- C:Program Files (x86)SamsungEasy Display ManagerHookDllPS2.dll ========== Services (SafeList) ========== SRV:64bit: - [2012/10/30 17:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:Program FilesAVAST SoftwareAvastAvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2011/06/06 17:14:14 | 000,498,688 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:Program FilesIntelWiMAXBinDMAgent.exe -- (DMAgent) SRV:64bit: - [2011/06/06 17:09:36 | 000,986,112 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:Program FilesIntelWiMAXBinAppSrv.exe -- (WiMAXAppSrv) SRV:64bit: - [2011/01/04 22:41:38 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:Program FilesIntelWiFibinEvtEng.exe -- (EvtEng) SRV:64bit: - [2011/01/04 22:28:50 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:Program FilesIntelWiFibinPanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:64bit: - [2011/01/04 22:26:56 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:Program FilesCommon FilesIntelWirelessCommonRegSrvc.exe -- (RegSrvc) SRV:64bit: - [2010/09/22 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:Program FilesWindows LiveMeshwlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010/08/09 13:04:12 | 000,166,704 | ---- | M] (Samsung Electronics CO., LTD.) [On_Demand | Stopped] -- C:WindowsSysNativeSUPDSvc.exe -- (Samsung UPD Service) SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:Program FilesWindows DefenderMpSvc.dll -- (WinDefend) SRV - [2013/01/09 13:57:36 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe -- (MBAMService) SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe -- (MBAMScheduler) SRV - [2012/11/29 02:27:36 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/09/25 00:06:14 | 000,231,752 | ---- | M] (NETGEAR) [Auto | Running] -- C:Program Files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe -- (NETGEARGenieDaemon) SRV - [2012/09/19 01:45:35 | 000,295,440 | ---- | M] (CyberLink) [Auto | Running] -- C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service) SRV - [2012/09/19 01:45:30 | 000,078,352 | ---- | M] (CyberLink) [Auto | Running] -- C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service) SRV - [2012/09/19 01:45:12 | 000,090,640 | ---- | M] (CyberLink Corp.) [Auto | Running] -- C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12) SRV - [2012/07/27 14:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe -- (AdobeARMservice) SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:Program Files (x86)SkypeUpdaterUpdater.exe -- (SkypeUpdate) SRV - [2012/02/10 12:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:Program Files (x86)MicrosoftBingBar7.1.361.0SeaPort.EXE -- (BBUpdate) SRV - [2012/02/10 12:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:Program Files (x86)MicrosoftBingBar7.1.361.0BBSvc.EXE -- (BBSvc) SRV - [2010/12/14 17:01:16 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:Program Files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe -- (nvUpdatusService) SRV - [2010/11/22 16:50:26 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:WindowsSysWOW64nlssrv32.exe -- (nlsX86cc) SRV - [2010/10/05 23:08:46 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe -- (UNS) SRV - [2010/10/05 23:08:42 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe -- (LMS) SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:WindowsMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2006/09/28 03:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:Program Files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe -- (UleadBurningHelper) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/12/16 16:06:40 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversnpf.sys -- (NPF) DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:WindowsSysNativedriversmbam.sys -- (MBAMProtector) DRV:64bit: - [2012/11/14 19:51:27 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversTsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012/11/14 19:51:27 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversrdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012/11/14 14:32:45 | 000,030,568 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:WindowsSysNativedriversavgtpx64.sys -- (avgtp) DRV:64bit: - [2012/11/01 12:31:08 | 000,040,712 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriverstaphss6.sys -- (taphss6) DRV:64bit: - [2012/10/30 17:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:WindowsSysNativedriversaswTdi.sys -- (aswTdi) DRV:64bit: - [2012/10/30 17:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:WindowsSysNativedriversaswSnx.sys -- (aswSnx) DRV:64bit: - [2012/10/30 17:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:WindowsSysNativedriversaswSP.sys -- (aswSP) DRV:64bit: - [2012/10/30 17:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:WindowsSysNativedriversaswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012/10/30 17:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:WindowsSysNativedriversaswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012/10/15 10:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:WindowsSysNativedriversaswRdr2.sys -- (aswRdr) DRV:64bit: - [2012/08/26 06:56:21 | 000,138,400 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversAnyDVD.sys -- (AnyDVD) DRV:64bit: - [2012/08/01 18:23:14 | 000,158,944 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:WindowsSysNativedriversidmwfp.sys -- (IDMWFP) DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:WindowsSysNativedriversfs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/06/10 15:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversRt64win7.sys -- (RTL8167) DRV:64bit: - [2011/05/19 14:25:10 | 000,182,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversbpmp.sys -- (bpmp) DRV:64bit: - [2011/05/19 14:25:04 | 000,083,968 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversbpusb.sys -- (bpusb) DRV:64bit: - [2011/05/19 14:25:00 | 000,084,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversbpenum.sys -- (bpenum) DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversamdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:WindowsSysNativedriversamdxata.sys -- (amdxata) DRV:64bit: - [2011/01/03 23:47:50 | 000,534,144 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversAVerPola.sys -- (AVerPola) DRV:64bit: - [2011/01/03 20:29:46 | 008,507,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversNETwNs64.sys -- (NETwNs64) DRV:64bit: - [2010/12/16 16:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:WindowsSysNativedriversElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2010/12/14 17:01:14 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:WindowsSysNativedriversnvpciflt.sys -- (nvpciflt) DRV:64bit: - [2010/11/30 14:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversWDKMD.sys -- (wdkmd) DRV:64bit: - [2010/11/28 23:23:16 | 012,252,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversigdkmd64.sys -- (igfx) DRV:64bit: - [2010/11/26 17:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:WindowsSysNativedriversSmartDefragDriver.sys -- (SmartDefragDriver) DRV:64bit: - [2010/11/20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversHpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/12 16:23:38 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversETD.sys -- (ETD) DRV:64bit: - [2010/11/10 02:04:14 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversclwvd.sys -- (clwvd) DRV:64bit: - [2010/10/15 02:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversIntcDAud.sys -- (IntcDAud) DRV:64bit: - [2010/10/11 16:26:20 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversnusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010/10/11 16:26:20 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversnusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010/09/21 11:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversHECIx64.sys -- (MEIx64) DRV:64bit: - [2010/09/13 03:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:WindowsSysNativedriversiaStor.sys -- (iaStor) DRV:64bit: - [2010/04/16 14:59:40 | 001,816,968 | ---- | M] (Syntek) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversStkCMini.sys -- (StkCMini) DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversamdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriverslsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversstexstor.sys -- (stexstor) DRV:64bit: - [2009/07/13 18:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversserscan.sys -- (StillCam) DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversevbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversbxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversb57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedrivershcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/28 00:38:04 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:WindowsSysNativedriversSABI.sys -- (SABI) DRV:64bit: - [2009/02/24 17:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversmcdbus.sys -- (mcdbus) DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriverswdcsam64.sys -- (WDC_SAM) DRV - [2012/09/19 16:12:50 | 000,147,704 | ---- | M] (CyberLink Corp.) [2012/11/09 08:34:12] [Kernel | Auto | Running] -- C:Program Files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl -- ({73526619-C24F-470B-9BED-53D455FBB5C6}) DRV - [2012/08/26 06:56:21 | 000,138,400 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysWOW64driversAnyDVD.sys -- (AnyDVD) DRV - [2012/06/20 03:35:49 | 000,083,704 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys -- (ntk_PowerDVD12) DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:WindowsSysWOW64driverswimmount.sys -- (WIMMount) DRV - [2009/02/24 17:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysWOW64driversmcdbus.sys -- (mcdbus) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM..SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE:64bit: - HKLM..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM..SearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=287&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=5893014922044063&q={searchTerms} IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://samsung.msn.com IE - HKLM..SearchScopes,DefaultScope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a} IE - HKLM..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox IE - HKCU..SearchScopes,DefaultScope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a} IE - HKCU..SearchScopes{BDD321B6-193A-4A6B-A236-289EC8CBD792}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=642886&p={searchTerms} IE - HKCU..SearchScopes{DB8B4161-865F-4162-8139-5CE827576E88}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2704262 IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: 2vffxtbr%40DailyBibleGuide.com:2.50.0.59174 FF - prefs.js..extensions.enabledAddons: %7B2a26ebf1-72d8-4964-9995-ec90896e049e%7D:2.1 FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:2.5.1.20121012015120 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - user.js - File not found FF:64bit: - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:Windowssystem32MacromedFlashNPSWF64_11_5_502_146.dll File not found FF:64bit: - HKLMSoftwareMozillaPlugins@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLMSoftwareMozillaPlugins@Microsoft.com/NpCtrl,version=1.0: c:Program FilesMicrosoft Silverlight5.1.10411.0npctrl.dll ( Microsoft Corporation) FF - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:WindowsSysWOW64MacromedFlashNPSWF32_11_5_502_146.dll () FF - HKLMSoftwareMozillaPlugins@APlusGamer_63.com/Plugin: C:Program Files (x86)APlusGamer_63bar1.binNP63Stub.dll File not found FF - HKLMSoftwareMozillaPlugins@checkpoint.com/FFApi: C:Program FilesCheckPointZAForceFieldWOW64TrustCheckerbinnpFFApi.dll File not found FF - HKLMSoftwareMozillaPlugins@java.com/DTPlugin,version=10.9.2: C:WindowsSysWOW64npDeployJava1.dll (Oracle Corporation) FF - HKLMSoftwareMozillaPlugins@java.com/JavaPlugin,version=10.9.2: C:Program Files (x86)Javajre7binplugin2npjp2.dll (Oracle Corporation) FF - HKLMSoftwareMozillaPlugins@meadco.com/neptune plugin,version=2.0.0.29: C:PROGRA~2MEADCO~1npmeadax.dll (MeadCo Corp.) FF - HKLMSoftwareMozillaPlugins@microsoft.com/GENUINE: disabled File not found FF - HKLMSoftwareMozillaPlugins@Microsoft.com/NpCtrl,version=1.0: c:Program Files (x86)Microsoft Silverlight5.1.10411.0npctrl.dll ( Microsoft Corporation) FF - HKLMSoftwareMozillaPlugins@microsoft.com/WLPG,version=15.4.3502.0922: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation) FF - HKLMSoftwareMozillaPlugins@microsoft.com/WLPG,version=15.4.3508.1109: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation) FF - HKLMSoftwareMozillaPlugins@MindDabble_4p.com/Plugin: C:Program Files (x86)MindDabble_4pbar2.binNP4pStub.dll File not found FF - HKLMSoftwareMozillaPluginsAdobe Reader: C:Program Files (x86)AdobeReader 10.0ReaderAIRnppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions63ffxtbr@APlusGamer_63.com: C:Program Files (x86)APlusGamer_63bar1.bin FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions4pffxtbr@MindDabble_4p.com: C:Program Files (x86)MindDabble_4pbar2.bin FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:Program FilesCheckPointZAForceFieldWOW64TrustChecker FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensionswrc@avast.com: C:Program FilesAVAST SoftwareAvastWebRepFF [2012/12/16 16:46:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensionssmartwebprinting@hp.com: C:Program Files (x86)HPDigital ImagingSmart Web PrintingMozillaAddOn3 [2013/01/04 11:34:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 17.0.1extensionsComponents: C:Program Files (x86)Mozilla Firefoxcomponents [2012/12/05 11:06:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 17.0.1extensionsPlugins: C:Program Files (x86)Mozilla Firefoxplugins FF - HKEY_CURRENT_USERsoftwaremozillaFirefoxExtensionsmozilla_cc@internetdownloadmanager.com: C:UsersOwnerAppDataRoamingIDMidmmzcc5 [2012/09/02 08:29:32 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USERsoftwaremozillaFirefoxExtensionssmartwebprinting@hp.com: C:Program Files (x86)HPDigital ImagingSmart Web PrintingMozillaAddOn3 [2013/01/04 11:34:33 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USERsoftwaremozillaSeaMonkeyExtensionsmozilla_cc@internetdownloadmanager.com: C:UsersOwnerAppDataRoamingIDMidmmzcc5 [2012/09/02 08:29:32 | 000,000,000 | ---D | M] [2012/12/25 11:28:08 | 000,000,000 | ---D | M] (No name found) -- C:UsersOwnerAppDataRoamingMozillaExtensions [2013/01/08 11:43:53 | 000,000,000 | ---D | M] (No name found) -- C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions [2012/10/09 06:27:09 | 000,000,000 | ---D | M] (GoodApp) -- C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions{2a26ebf1-72d8-4964-9995-ec90896e049e} [2012/10/22 16:37:01 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012/11/06 15:56:05 | 000,000,000 | ---D | M] (DailyBibleGuide) -- C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions2vffxtbr@DailyBibleGuide.com [2012/12/26 16:27:35 | 000,000,000 | ---D | M] (MindDabble) -- C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com [2012/11/12 13:25:33 | 000,000,000 | ---D | M] (APlusGamer) -- C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com [2012/11/28 14:35:31 | 000,233,909 | ---- | M] () (No name found) -- C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions122c5ff6ff5c11e0948812313d1adcbe@jetpack.xpi [2011/10/04 09:09:42 | 000,000,000 | ---- | M] () (No name found) -- C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions{2a26ebf1-72d8-4964-9995-ec90896e049e}forxpi.dat [2012/12/14 14:56:55 | 000,001,066 | ---- | M] () -- C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultsearchpluginsutorrentcontrolv2-customized-web-search.xml [2013/01/08 13:47:08 | 000,000,000 | ---D | M] (No name found) -- C:Program Files (x86)Mozilla Firefoxextensions [2012/11/29 02:27:51 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:Program Files (x86)mozilla firefoxcomponentsbrowsercomps.dll [2012/11/29 02:27:12 | 000,002,465 | ---- | M] () -- C:Program Files (x86)mozilla firefoxsearchpluginsbing.xml [2012/11/29 02:27:12 | 000,002,058 | ---- | M] () -- C:Program Files (x86)mozilla firefoxsearchpluginstwitter.xml ========== Chrome ========== CHR - Extension: No name found = C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionsicdlfehblmklkikfigmjhbmmpmkmpooj1.1_0 CHR - Extension: No name found = C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionsicmlaeflemplmjndnaapfdbbnpncnbda7.0.1466_0 CHR - Extension: No name found = C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionsmhkaekfpcppmmioggniknbnbdbcigpkk2.2_0 CHR - Extension: No name found = C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionsmhkaekfpcppmmioggniknbnbdbcigpkk2.3_0 O1 HOSTS File: ([2013/01/07 20:23:36 | 000,000,027 | ---- | M]) - C:WindowsSysNativedriversetchosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program Files (x86)Internet Download ManagerIDMIECC64.dll (Internet Download Manager, Tonec Inc.) O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll (AVAST Software) O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program Files (x86)Internet Download ManagerIDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (Coupon Companion Plugin) - {11111111-1111-1111-1111-110211181104} - C:Program Files (x86)Coupon Companion PluginCoupon Companion Plugin.dll File not found O2 - BHO: (SelectionLinksBHO Class) - {300BEC06-B743-4D19-86B9-11DC711D7FFB} - C:Program Files (x86)OAppsSelectionLinks.dll File not found O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll (AVAST Software) O2 - BHO: (W2PBrowser Class) - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:Program FilesSamsung AnyWeb PrintW2PBrowser.dll () O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:Program Files (x86)MicrosoftBingBar7.1.361.0BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dll (Oracle Corporation) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:Program Files (x86)Yahoo!CompanionInstallscpnYTSingleInstance.dll (Yahoo! Inc) O3:64bit: - HKLM..Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll (AVAST Software) O3 - HKLM..Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:Program Files (x86)MicrosoftBingBar7.1.361.0BingExt.dll (Microsoft Corporation.) O3 - HKLM..Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll (AVAST Software) O3 - HKLM..Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM..Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU..ToolbarWebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4:64bit: - HKLM..Run: [ETDCtrl] C:Program FilesElantechETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..Run: [HotKeysCmds] C:WindowsSysNativehkcmd.exe (Intel Corporation) O4:64bit: - HKLM..Run: [igfxTray] C:WindowsSysNativeigfxtray.exe (Intel Corporation) O4:64bit: - HKLM..Run: [intelWireless] C:Program FilesCommon FilesIntelWirelessCommoniFrmewrk.exe (Intel® Corporation) O4:64bit: - HKLM..Run: [intelWirelessWiMAX] C:Program FilesIntelWiMAXBinWiMAXCU.exe (Intel® Corporation) O4:64bit: - HKLM..Run: [Persistence] C:WindowsSysNativeigfxpers.exe (Intel Corporation) O4:64bit: - HKLM..Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..Run: [APSDaemon] C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe (Apple Inc.) O4 - HKLM..Run: [avast] C:Program FilesAVAST SoftwareAvastavastUI.exe (AVAST Software) O4 - HKLM..Run: [CLMLServer] C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe (CyberLink) O4 - HKLM..Run: [PowerDVD12Agent] C:Program Files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe (CyberLink Corp.) O4 - HKLM..Run: [PowerDVD12DMREngine] C:Program Files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe (CyberLink) O4 - HKLM..Run: [samsung PanelMgr] C:WindowsSamsungPanelMgrSSMMgr.exe () O4 - HKLM..Run: [updatePPShortCut] C:Program Files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..Run: [uVS10 Preload] C:Program Files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe (Ulead Systems, Inc.) O4 - HKCU..Run: [AnyDVD] C:Program Files (x86)SlySoftAnyDVDAnyDVDtray.exe (SlySoft, Inc.) O4 - HKCU..Run: [iDMan] C:Program Files (x86)Internet Download ManagerIDMan.exe (Tonec Inc.) O4 - HKCU..Run: [NETGEARGenie] C:Program Files (x86)NETGEAR GeniebinNETGEARGenie.exe () O4 - HKCU..Run: [spotify Web Helper] C:UsersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe (Spotify Ltd) O4 - HKCU..Run: [Xvid] C:Program Files (x86)XvidCheckUpdate.exe () O4 - Startup: C:UsersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMagicDisc.lnk = C:Program Files (x86)MagicDiscMagicDisc.exe (MagicISO, Inc.) O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0 O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorAdmin = 5 O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorUser = 3 O7 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDesktopCleanupWizard = 1 O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0 O8:64bit: - Extra context menu item: Download all links with IDM - C:Program Files (x86)Internet Download ManagerIEGetAll.htm () O8:64bit: - Extra context menu item: Download with IDM - C:Program Files (x86)Internet Download ManagerIEExt.htm () O8 - Extra context menu item: Download all links with IDM - C:Program Files (x86)Internet Download ManagerIEGetAll.htm () O8 - Extra context menu item: Download with IDM - C:Program Files (x86)Internet Download ManagerIEExt.htm () O9 - Extra Button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:Program FilesSamsung AnyWeb PrintW2PBrowser.dll () O13 - gopher Prefix: missing O16:64bit: - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility) O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} http://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll (PCPitstop AntiVirus) O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1 O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{EF589019-EF09-4585-8068-B38719BE845F}: DhcpNameServer = 192.168.1.1 O18:64bit: - ProtocolHandlerlivecall - No CLSID value found O18:64bit: - ProtocolHandlermsnim - No CLSID value found O18:64bit: - ProtocolHandlerskype4com - No CLSID value found O18:64bit: - ProtocolHandlerwlmailhtml - No CLSID value found O18:64bit: - ProtocolHandlerwlpg - No CLSID value found O18 - ProtocolHandlerskype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:WindowsSysWOW64nvinit.dll) - C:WindowsSysWOW64nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:Windowsexplorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:Windowssystem32userinit.exe) - C:WindowsSysNativeuserinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:WindowsSysWow64explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:Windowssystem32userinit.exe) - C:WindowsSysWOW64userinit.exe (Microsoft Corporation) O20:64bit: - WinlogonNotifyigfxcui: DllName - (igfxdev.dll) - C:WindowsSysNativeigfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM..comfile [open] -- "%1" %* O35:64bit: - HKLM..exefile [open] -- "%1" %* O35 - HKLM..comfile [open] -- "%1" %* O35 - HKLM..exefile [open] -- "%1" %* O37:64bit: - HKLM...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM...exe [@ = exefile] -- "%1" %* O37 - HKLM...com [@ = ComFile] -- "%1" %* O37 - HKLM...exe [@ = exefile] -- "%1" %* O38 - SubSystemsWindows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystemsWindows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystemsWindows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/01/08 08:56:43 | 000,032,600 | ---- | C] (IObit) -- C:WindowsSysNativeSmartDefragBootTime.exe [2013/01/07 20:23:45 | 000,000,000 | ---D | C] -- C:$RECYCLE.BIN [2013/01/07 19:40:45 | 000,000,000 | ---D | C] -- C:ComboFix [2013/01/07 09:26:42 | 000,000,000 | ---D | C] -- C:UsersOwnerAppDataLocalPrograms [2013/01/05 11:43:03 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsWBFS to ISO [2013/01/05 11:43:02 | 000,000,000 | ---D | C] -- C:Program Files (x86)WBFS to ISO [2013/01/04 11:34:48 | 000,000,000 | ---D | C] -- C:ProgramDataYahoo! Companion [2013/01/04 11:34:48 | 000,000,000 | ---D | C] -- C:UsersOwnerAppDataRoamingYahoo! [2013/01/04 11:34:47 | 000,000,000 | ---D | C] -- C:Program Files (x86)Yahoo! [2013/01/04 11:33:28 | 000,000,000 | ---D | C] -- C:ProgramDataHP Product Assistant [2013/01/04 11:33:16 | 000,000,000 | ---D | C] -- C:WindowsSysWow64spool [2013/01/04 11:32:43 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsHP [2013/01/04 11:32:26 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesHP [2013/01/04 11:32:25 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesHewlett-Packard [2013/01/04 11:32:18 | 000,000,000 | ---D | C] -- C:Windowshpoj4500g510a-f [2013/01/04 11:32:03 | 000,000,000 | ---D | C] -- C:Config.Msi [2013/01/04 11:31:56 | 000,000,000 | ---D | C] -- C:Program Files (x86)HP [2013/01/04 11:29:13 | 000,000,000 | ---D | C] -- C:ProgramDataHP [2013/01/02 13:47:18 | 000,000,000 | ---D | C] -- C:Program Files (x86)ESET [2013/01/01 10:08:57 | 000,000,000 | ---D | C] -- C:UsersOwnerDesktopbnl [2012/12/29 07:40:31 | 000,000,000 | ---D | C] -- C:UsersOwnerDesktopmark viris [2012/12/28 09:33:46 | 000,000,000 | ---D | C] -- C:Hugo extras [2012/12/25 20:31:41 | 000,000,000 | ---D | C] -- C:UsersOwnerAppDataRoamingMedia Player Lite [2012/12/25 20:28:14 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsFile Association Manager [2012/12/25 20:28:05 | 000,000,000 | ---D | C] -- C:UsersOwnerAppDataRoamingFileAssociationManager [2012/12/25 20:28:01 | 000,000,000 | ---D | C] -- C:Program Files (x86)FileAssociationManager [2012/12/25 20:27:58 | 000,000,000 | ---D | C] -- C:UsersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsMediaPlayerLite [2012/12/25 20:27:58 | 000,000,000 | ---D | C] -- C:Program Files (x86)MediaPlayerLite [2012/12/25 18:57:17 | 000,000,000 | ---D | C] -- C:toolbarImages [2012/12/25 13:54:23 | 000,000,000 | ---D | C] -- C:ProgramDataBrowser Manager [2012/12/25 11:28:45 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativemsvcr100.dll [2012/12/25 11:28:12 | 000,000,000 | ---D | C] -- C:ProgramDataWincert [2012/12/23 11:43:36 | 000,000,000 | ---D | C] -- C:ted dvd files [2012/12/21 12:33:07 | 000,000,000 | ---D | C] -- C:UsersOwnerAppDataRoamingdvdcss [2012/12/21 03:00:35 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:WindowsSysNativeatmfd.dll [2012/12/21 03:00:35 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:WindowsSysWow64atmfd.dll [2012/12/21 03:00:35 | 000,046,080 | ---- | C] (Adobe Systems) -- C:WindowsSysNativeatmlib.dll [2012/12/21 03:00:35 | 000,034,304 | ---- | C] (Adobe Systems) -- C:WindowsSysWow64atmlib.dll [2012/12/20 07:39:17 | 000,000,000 | ---D | C] -- C:UsersOwnerDesktopWITLESS_PROTECTION [2012/12/19 19:43:40 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:UsersOwnerDesktopTFC.exe [2012/12/16 16:46:35 | 000,370,288 | ---- | C] (AVAST Software) -- C:WindowsSysNativedriversaswSP.sys [2012/12/16 16:46:35 | 000,025,232 | ---- | C] (AVAST Software) -- C:WindowsSysNativedriversaswFsBlk.sys [2012/12/16 16:46:35 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsavast! Free Antivirus [2012/12/16 16:46:33 | 000,054,072 | ---- | C] (AVAST Software) -- C:WindowsSysNativedriversaswRdr2.sys [2012/12/16 16:46:32 | 000,984,144 | ---- | C] (AVAST Software) -- C:WindowsSysNativedriversaswSnx.sys [2012/12/16 16:46:32 | 000,059,728 | ---- | C] (AVAST Software) -- C:WindowsSysNativedriversaswTdi.sys [2012/12/16 16:46:29 | 000,071,600 | ---- | C] (AVAST Software) -- C:WindowsSysNativedriversaswMonFlt.sys [2012/12/16 16:46:00 | 000,041,224 | ---- | C] (AVAST Software) -- C:WindowsavastSS.scr [2012/12/16 16:45:59 | 000,227,648 | ---- | C] (AVAST Software) -- C:WindowsSysWow64aswBoot.exe [2012/12/16 16:06:49 | 000,000,000 | ---D | C] -- C:UsersOwnerAppDataLocalNETGEARGenie [2012/12/16 16:06:40 | 000,369,168 | ---- | C] (CACE Technologies, Inc.) -- C:WindowsSysNativewpcap.dll [2012/12/16 16:06:40 | 000,106,000 | ---- | C] (CACE Technologies, Inc.) -- C:WindowsSysNativepacket.dll [2012/12/16 16:06:40 | 000,035,344 | ---- | C] (CACE Technologies, Inc.) -- C:WindowsSysNativedriversnpf.sys [2012/12/16 16:06:32 | 000,000,000 | ---D | C] -- C:Program Files (x86)NETGEAR Genie [2012/12/15 12:05:13 | 000,000,000 | ---D | C] -- C:UsersOwnerDesktoptorrents [2012/12/14 14:48:35 | 000,000,000 | ---D | C] -- C:Program Files (x86)uTorrent [2012/12/14 07:07:11 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativemshtmled.dll [2012/12/14 07:07:11 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64mshtmled.dll [2012/12/14 07:07:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64ieui.dll [2012/12/14 07:07:09 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeieui.dll [2012/12/14 07:07:09 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeurl.dll [2012/12/14 07:07:09 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64url.dll [2012/12/14 07:07:09 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeieUnatt.exe [2012/12/14 07:07:09 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64ieUnatt.exe [2012/12/14 07:07:08 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativejscript9.dll [2012/12/14 07:07:08 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeinetcpl.cpl [2012/12/14 07:07:08 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64inetcpl.cpl [2012/12/14 07:07:07 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativemsfeeds.dll [2012/12/14 07:07:05 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64jscript.dll [2012/12/14 07:07:05 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativevbscript.dll [2012/12/14 07:07:04 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativejscript.dll [2012/12/13 05:58:09 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativekernel32.dll [2012/12/13 05:58:09 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeKernelBase.dll [2012/12/13 05:58:09 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeconhost.exe [2012/12/13 05:58:09 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativewinsrv.dll [2012/12/13 05:58:08 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativewow64win.dll [2012/12/13 05:58:08 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativewow64.dll [2012/12/13 05:58:08 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64setup16.exe [2012/12/13 05:58:08 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativentvdm64.dll [2012/12/13 05:58:08 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64ntvdm64.dll [2012/12/13 05:58:08 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativewow64cpu.dll [2012/12/13 05:58:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64instnm.exe [2012/12/13 05:58:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-security-base-l1-1-0.dll [2012/12/13 05:58:08 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-file-l1-1-0.dll [2012/12/13 05:58:08 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-file-l1-1-0.dll [2012/12/13 05:58:08 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64wow32.dll [2012/12/13 05:58:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-threadpool-l1-1-0.dll [2012/12/13 05:58:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-processthreads-l1-1-0.dll [2012/12/13 05:58:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-sysinfo-l1-1-0.dll [2012/12/13 05:58:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-sysinfo-l1-1-0.dll [2012/12/13 05:58:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-synch-l1-1-0.dll [2012/12/13 05:58:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-heap-l1-1-0.dll [2012/12/13 05:58:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-xstate-l1-1-0.dll [2012/12/13 05:58:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-util-l1-1-0.dll [2012/12/13 05:58:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-string-l1-1-0.dll [2012/12/13 05:58:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-string-l1-1-0.dll [2012/12/13 05:58:07 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-security-base-l1-1-0.dll [2012/12/13 05:58:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-threadpool-l1-1-0.dll [2012/12/13 05:58:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-processthreads-l1-1-0.dll [2012/12/13 05:58:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-synch-l1-1-0.dll [2012/12/13 05:58:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-misc-l1-1-0.dll [2012/12/13 05:58:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-localregistry-l1-1-0.dll [2012/12/13 05:58:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-localregistry-l1-1-0.dll [2012/12/13 05:58:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-localization-l1-1-0.dll [2012/12/13 05:58:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-localization-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-xstate-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-rtlsupport-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-processenvironment-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-processenvironment-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-namedpipe-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-namedpipe-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-misc-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-memory-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-memory-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-libraryloader-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-libraryloader-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-interlocked-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-heap-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-util-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-rtlsupport-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-profile-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-profile-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-io-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-io-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-interlocked-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-handle-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-handle-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-fibers-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-fibers-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-errorhandling-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-errorhandling-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-delayload-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-delayload-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-debug-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-debug-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-datetime-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-datetime-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysWow64api-ms-win-core-console-l1-1-0.dll [2012/12/13 05:58:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:WindowsSysNativeapi-ms-win-core-console-l1-1-0.dll [2012/12/13 05:58:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64user.exe [2012/12/13 05:57:59 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativedpnet.dll [2012/12/13 05:57:59 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64dpnet.dll [2012/12/12 15:34:58 | 000,000,000 | ---D | C] -- C:UsersOwnerAppDataRoamingatunes [2012/12/12 15:33:40 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsaTunes [2012/12/12 15:33:11 | 000,000,000 | ---D | C] -- C:Program Files (x86)aTunes [2012/12/12 11:44:07 | 000,000,000 | ---D | C] -- C:Program Files (x86)CheckPoint [2012/12/11 09:47:27 | 001,461,029 | ---- | C] (Farbar) -- C:UsersOwnerDesktopFRST64.exe [2012/12/10 20:38:13 | 000,752,213 | ---- | C] (Farbar) -- C:UsersOwnerDesktopMiniToolBox.exe [3 C:UsersOwnerDocuments*.tmp files -> C:UsersOwnerDocuments*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/01/09 17:56:00 | 000,000,830 | ---- | M] () -- C:WindowstasksAdobe Flash Player Updater.job [2013/01/09 17:50:44 | 000,014,144 | -H-- | M] () -- C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/01/09 17:50:44 | 000,014,144 | -H-- | M] () -- C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/01/09 17:44:09 | 000,000,410 | ---- | M] () -- C:WindowstasksSlimDrivers Startup.job [2013/01/09 17:42:46
  4. Hello JonTom My computer is running great. Thank you for all of your help. Here is the DDS log DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2 Run by Owner at 8:04:19 on 2013-01-09 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6055.3785 [GMT -6:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:Windowssystem32lsm.exe C:Windowssystem32svchost.exe -k DcomLaunch C:Windowssystem32nvvsvc.exe C:Windowssystem32svchost.exe -k RPCSS C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted C:Windowssystem32svchost.exe -k netsvcs C:Windowssystem32svchost.exe -k GPSvcGroup C:Windowssystem32svchost.exe -k LocalService C:Windowssystem32svchost.exe -k NetworkService C:Program FilesNVIDIA CorporationDisplayNvXDSync.exe C:Program FilesAVAST SoftwareAvastAvastSvc.exe C:Windowssystem32WLANExt.exe C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:WindowsSystem32spoolsv.exe C:Windowssystem32svchost.exe -k LocalServiceNoNetwork C:Windowssystem32taskhost.exe C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe C:Program FilesIntelWiFibinEvtEng.exe C:WindowsSysWOW64svchost.exe -k hpdevmgmt C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe C:WindowsSystem32hkcmd.exe C:WindowsSystem32igfxpers.exe C:Windowssystem32taskeng.exe C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe C:WindowsSystem32svchost.exe -k HPZ12 C:Program Files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe C:WindowsSysWOW64nlssrv32.exe C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe C:Program FilesRealtekAudioHDARAVCpl64.exe C:Program FilesCommon FilesIntelWirelessCommoniFrmewrk.exe C:Program FilesElantechETDCtrl.exe C:Program FilesIntelWiMAXBinWiMAXCU.exe C:Program Files (x86)Internet Download ManagerIDMan.exe C:UsersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe C:Program Files (x86)NETGEAR GeniebinNETGEARGenie.exe C:Program Files (x86)SlySoftAnyDVDAnyDVDtray.exe C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe C:WindowsSamsungPanelMgrSSMMgr.exe C:Program Files (x86)HPDigital Imagingbinhpqtra08.exe C:WindowsSamsungPanelMgrcaller64.exe C:Program Files (x86)MagicDiscMagicDisc.exe C:Program Files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe C:WindowsSystem32svchost.exe -k HPZ12 C:Program Files (x86)Common FilesJavaJava Updatejusched.exe C:Program FilesCommon FilesIntelWirelessCommonRegSrvc.exe C:Program Files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe C:Program Files (x86)CyberLinkShared filesRichVideo.exe C:Windowssystem32taskeng.exe C:Program Files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe C:Windowssystem32svchost.exe -k imgsvc C:Program Files (x86)SamsungEasy Display ManagerWifiManager.exe C:Program FilesSRS LabsSRS Premium Sound Control Panelsrspremiumpanel_64.exe C:Program Files (x86)CyberLinkYouCamYCMMirage.exe C:Program Files (x86)SamsungEasy Display Managerdmhkcore.exe C:Program Files (x86)QuickTimeQTTask.exe C:Program Files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe C:Program FilesAVAST SoftwareAvastAvastUI.exe C:Program Files (x86)Internet Download ManagerIEMonitor.exe C:Program Files (x86)HPHP Software UpdatehpwuSchd2.exe C:Program FilesIntelWiMAXBinAppSrv.exe C:WindowsSystem32svchost.exe -k secsvcs C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE C:Program FilesIntelWiMAXBinDMAgent.exe C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe C:Windowssystem32wbemunsecapp.exe C:Windowssystem32SearchIndexer.exe C:Windowssystem32wbemunsecapp.exe C:Windowssystem32wbemwmiprvse.exe C:Program FilesElantechETDCtrlHelper.exe C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted C:Program Files (x86)NETGEAR Geniebingenie2_tray.exe C:Windowssplwow64.exe C:Windowssystem32igfxext.exe C:Windowssystem32igfxsrvc.exe C:Program FilesWindows Media Playerwmpnetwk.exe C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation C:Program Files (x86)SAMSUNGEasySpeedUpManagerEasySpeedUpManager.exe C:Program Files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe C:Program FilesSamsungSamsungFastStartSmartRestarter.exe C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe C:Program Files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe C:Program Files (x86)SamsungSamsung Support CenterSSCKbdHk.exe C:Program Files (x86)SamsungSamsung Update PlusSUPBackground.exe C:Windowssystem32wuauclt.exe C:Program Files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe C:Program Files (x86)SlySoftAnyDVDADvdDiscHlp64.exe C:Program Files (x86)Mozilla Firefoxfirefox.exe C:Program Files (x86)Mozilla Firefoxplugin-container.exe C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_5_502_135.exe C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_5_502_135.exe C:Windowssystem32SearchProtocolHost.exe C:Windowssystem32SearchFilterHost.exe C:Windowssystem32wbemwmiprvse.exe C:WindowsSystem32cscript.exe . ============== Pseudo HJT Report =============== . mStart Page = hxxp://samsung.msn.com BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program Files (x86)Internet Download ManagerIDMIECC.dll BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_printenhancer.dll BHO: Coupon Companion Plugin: {11111111-1111-1111-1111-110211181104} - BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll BHO: SelectionLinksBHO Class: {300BEC06-B743-4D19-86B9-11DC711D7FFB} - BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:Program Files (x86)Windows LiveCompanioncompanioncore.dll BHO: W2PBrowser Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:Program FilesSamsung AnyWeb PrintW2PBrowser.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:Program Files (x86)MicrosoftBingBar7.1.361.0BingExt.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dll BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:Program Files (x86)Yahoo!CompanionInstallscpnYTSingleInstance.dll BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_BHO.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_bho.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_bho.dll uRun: [iDMan] C:Program Files (x86)Internet Download ManagerIDMan.exe /onboot uRun: [Xvid] C:Program Files (x86)XvidCheckUpdate.exe uRun: [spotify Web Helper] "C:UsersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe" uRun: [NETGEARGenie] "C:Program Files (x86)NETGEAR GeniebinNETGEARGenie.exe" -mini -redirect uRun: [AnyDVD] C:Program Files (x86)SlySoftAnyDVDAnyDVDtray.exe mRun: [CLMLServer] "C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe" mRun: [samsung PanelMgr] C:WindowsSamsungPanelMgrSSMMgr.exe /autorun mRun: [uVS10 Preload] C:Program Files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe mRun: [updatePPShortCut] "C:Program Files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" "C:Program Files (x86)CyberLinkPowerProducer" UpdateWithCreateOnce "SoftwareCyberLinkPowerProducer5.0" mRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe" mRun: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe" mRun: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" mRun: [PowerDVD12DMREngine] "C:Program Files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" mRun: [PowerDVD12Agent] "C:Program Files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" mRun: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime mRun: [avast] "C:Program FilesAVAST SoftwareAvastavastUI.exe" /nogui mRun: [HP Software Update] C:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe StartupFolder: C:UsersOwnerAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupMAGICD~1.LNK - C:Program Files (x86)MagicDiscMagicDisc.exe StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupHPDIGI~1.LNK - C:Program Files (x86)HPDigital Imagingbinhpqtra08.exe uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Download all links with IDM - C:Program Files (x86)Internet Download ManagerIEGetAll.htm IE: Download with IDM - C:Program Files (x86)Internet Download ManagerIEExt.htm IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:Program Files (x86)Windows LiveCompanioncompanioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll IE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:Program FilesSamsung AnyWeb PrintW2PBrowser.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_BHO.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} - hxxp://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces{EF589019-EF09-4585-8068-B38719BE845F} : DHCPNameServer = 192.168.1.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll AppInit_DLLs= C:WindowsSysWOW64nvinit.dll SSODL: WebCheck - <orphaned> x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program Files (x86)Internet Download ManagerIDMIECC64.dll x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll x64-Run: [igfxTray] C:WindowsSystem32igfxtray.exe x64-Run: [HotKeysCmds] C:WindowsSystem32hkcmd.exe x64-Run: [Persistence] C:WindowsSystem32igfxpers.exe x64-Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe -s x64-Run: [intelWireless] "C:Program FilesCommon FilesIntelWirelessCommoniFrmewrk.exe" /tf Intel Wireless Tray x64-Run: [ETDCtrl] C:Program Files (x86)ElantechETDCtrl.exe x64-Run: [intelWirelessWiMAX] "C:Program FilesIntelWiMAXBinWiMAXCU.exe" /tasktray /nosplash x64-DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default FF - plugin: C:PROGRA~2MEADCO~1npmeadax.dll FF - plugin: C:Program Files (x86)AdobeReader 10.0ReaderAIRnppdf32.dll FF - plugin: C:Program Files (x86)Javajre7binplugin2npjp2.dll FF - plugin: c:Program Files (x86)Microsoft Silverlight5.1.10411.0npctrlui.dll FF - plugin: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll FF - plugin: C:WindowsSysWOW64MacromedFlashNPSWF32_11_5_502_135.dll FF - plugin: C:WindowsSysWOW64npDeployJava1.dll FF - plugin: C:WindowsSysWOW64npmproxy.dll FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com FF - ExtSQL: 2012-12-16 16:53; wrc@avast.com; C:Program FilesAVAST SoftwareAvastWebRepFF FF - ExtSQL: 2013-01-04 11:34; smartwebprinting@hp.com; C:Program Files (x86)HPDigital ImagingSmart Web PrintingMozillaAddOn3 FF - ExtSQL: !HIDDEN! 2013-01-04 11:34; smartwebprinting@hp.com; C:Program Files (x86)HPDigital ImagingSmart Web PrintingMozillaAddOn3 . ============= SERVICES / DRIVERS =============== . R0 nvpciflt;nvpciflt;C:WindowsSystem32driversnvpciflt.sys [2011-2-20 25576] R0 SmartDefragDriver;SmartDefragDriver;C:WindowsSystem32driversSmartDefragDriver.sys [2012-11-21 17720] R1 aswSnx;aswSnx;C:WindowsSystem32driversaswSnx.sys [2012-12-16 984144] R1 aswSP;aswSP;C:WindowsSystem32driversaswSP.sys [2012-12-16 370288] R1 avgtp;avgtp;C:WindowsSystem32driversavgtpx64.sys [2012-11-14 30568] R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:WindowsSystem32driversSABI.sys [2011-2-20 13824] R2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34:12];C:Program Files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-9-19 147704] R2 aswFsBlk;aswFsBlk;C:WindowsSystem32driversaswFsBlk.sys [2012-12-16 25232] R2 aswMonFlt;aswMonFlt;C:WindowsSystem32driversaswMonFlt.sys [2012-12-16 71600] R2 avast! Antivirus;avast! Antivirus;C:Program FilesAVAST SoftwareAvastAvastSvc.exe [2012-12-16 44808] R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-11-9 90640] R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-11-9 78352] R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-11-9 295440] R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:Program FilesIntelWiMAXBinDMAgent.exe [2011-6-6 498688] R2 IDMWFP;IDMWFP;C:WindowsSystem32driversidmwfp.sys [2012-8-31 158944] R2 MBAMScheduler;MBAMScheduler;C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [2012-11-30 398184] R2 MBAMService;MBAMService;C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2012-11-30 682344] R2 NETGEARGenieDaemon;NETGEARGenieDaemon;C:Program Files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe [2012-9-25 231752] R2 nlsX86cc;Nalpeiron Licensing Service;C:WindowsSysWOW64nlssrv32.exe [2012-9-11 66560] R2 ntk_PowerDVD12;ntk_PowerDVD12;C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-11-9 83704] R2 UNS;Intel® Management and Security Application User Notification Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2011-2-20 2655768] R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:Program FilesIntelWiMAXBinAppSrv.exe [2011-6-6 986112] R3 BBUpdate;BBUpdate;C:Program Files (x86)MicrosoftBingBar7.1.361.0SeaPort.EXE [2012-2-10 240408] R3 bpenum;Intel® Centrino® WiMAX Enumerator;C:WindowsSystem32driversbpenum.sys [2011-5-19 84480] R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:WindowsSystem32driversbpmp.sys [2011-5-19 182272] R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;C:WindowsSystem32driversbpusb.sys [2011-5-19 83968] R3 clwvd;CyberLink WebCam Virtual Driver;C:WindowsSystem32driversclwvd.sys [2010-11-10 31088] R3 ETD;ELAN PS/2 Port Input Device;C:WindowsSystem32driversETD.sys [2011-2-21 138024] R3 IntcDAud;Intel® Display Audio;C:WindowsSystem32driversIntcDAud.sys [2011-2-21 317440] R3 MBAMProtector;MBAMProtector;C:WindowsSystem32driversmbam.sys [2012-11-30 24176] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:WindowsSystem32driversnusb3hub.sys [2010-10-11 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:WindowsSystem32driversnusb3xhc.sys [2010-10-11 180736] R3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2012-8-6 539240] R3 wdkmd;Intel WiDi KMD;C:WindowsSystem32driversWDKMD.sys [2010-11-30 42392] S2 BBSvc;BingBar Service;C:Program Files (x86)MicrosoftBingBar7.1.361.0BBSvc.EXE [2012-2-10 193816] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2012-7-13 160944] S3 AVerPola;AVerMedia USB Polaris Series Capture Service;C:WindowsSystem32driversAVerPola.sys [2012-9-20 534144] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:Program FilesIntelWiFibinPanDhcpDns.exe [2011-1-4 340240] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:WindowsSystem32driversrdpvideominiport.sys [2012-11-14 19456] S3 Samsung UPD Service;Samsung UPD Service;C:WindowsSystem32SUPDSvc.exe [2011-2-20 166704] S3 StkCMini;Syntek AVStream USB2.0 ATV;C:WindowsSystem32driversStkCMini.sys [2012-8-9 1816968] S3 taphss6;Anchorfree HSS VPN Adapter;C:WindowsSystem32driverstaphss6.sys [2012-11-1 40712] S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2012-11-14 57856] S3 WatAdminSvc;Windows Activation Technologies Service;C:WindowsSystem32WatWatAdminSvc.exe [2012-7-25 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:WindowsSystem32driverswdcsam64.sys [2008-5-6 14464] S4 wlcrasvc;Windows Live Mesh remote connections service;C:Program FilesWindows LiveMeshwlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-01-08 14:56:43 32600 ----a-w- C:WindowsSystem32SmartDefragBootTime.exe 2013-01-08 12:32:48 9125352 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{4BDF0E67-A073-4341-81E0-3F75F7F5842F}mpengine.dll 2013-01-08 02:23:45 -------- d-----w- C:$RECYCLE.BIN 2013-01-08 01:40:45 -------- d-----w- C:ComboFix 2013-01-07 15:26:42 -------- d-----w- C:UsersOwnerAppDataLocalPrograms 2013-01-05 17:43:02 -------- d-----w- C:Program Files (x86)WBFS to ISO 2013-01-04 17:34:47 -------- d-----w- C:Program Files (x86)Yahoo! 2013-01-04 17:33:16 -------- d-----w- C:WindowsSysWow64spool 2013-01-04 17:32:26 -------- d-----w- C:Program Files (x86)Common FilesHP 2013-01-04 17:32:25 -------- d-----w- C:Program Files (x86)Common FilesHewlett-Packard 2013-01-04 17:32:18 -------- d-----w- C:Windowshpoj4500g510a-f 2013-01-04 17:31:56 -------- d-----w- C:Program Files (x86)HP 2013-01-02 19:47:18 -------- d-----w- C:Program Files (x86)ESET 2012-12-28 15:33:46 -------- d-----w- C:Hugo extras 2012-12-26 02:31:41 -------- d-----w- C:UsersOwnerAppDataRoamingMedia Player Lite 2012-12-26 02:28:05 -------- d-----w- C:UsersOwnerAppDataRoamingFileAssociationManager 2012-12-26 02:28:01 -------- d-----w- C:Program Files (x86)FileAssociationManager 2012-12-26 02:27:58 -------- d-----w- C:Program Files (x86)MediaPlayerLite 2012-12-26 00:57:17 -------- d-----w- C:toolbarImages 2012-12-25 19:54:23 -------- d-----w- C:ProgramDataBrowser Manager 2012-12-25 17:28:45 773968 ----a-w- C:WindowsSystem32msvcr100.dll 2012-12-25 17:28:12 -------- d-----w- C:ProgramDataWincert 2012-12-23 17:43:36 -------- d-----w- C:ted dvd files 2012-12-21 09:00:35 46080 ----a-w- C:WindowsSystem32atmlib.dll 2012-12-21 09:00:35 367616 ----a-w- C:WindowsSystem32atmfd.dll 2012-12-21 09:00:35 34304 ----a-w- C:WindowsSysWow64atmlib.dll 2012-12-21 09:00:35 295424 ----a-w- C:WindowsSysWow64atmfd.dll 2012-12-16 22:46:33 54072 ----a-w- C:WindowsSystem32driversaswRdr2.sys 2012-12-16 22:46:32 984144 ----a-w- C:WindowsSystem32driversaswSnx.sys 2012-12-16 22:46:29 71600 ----a-w- C:WindowsSystem32driversaswMonFlt.sys 2012-12-16 22:46:00 41224 ----a-w- C:WindowsavastSS.scr 2012-12-16 22:06:49 -------- d-----w- C:UsersOwnerAppDataLocalNETGEARGenie 2012-12-16 22:06:40 369168 ----a-w- C:WindowsSystem32wpcap.dll 2012-12-16 22:06:40 35344 ----a-w- C:WindowsSystem32driversnpf.sys 2012-12-16 22:06:40 106000 ----a-w- C:WindowsSystem32packet.dll 2012-12-16 22:06:32 -------- d-----w- C:Program Files (x86)NETGEAR Genie 2012-12-14 20:48:35 -------- d-----w- C:Program Files (x86)uTorrent 2012-12-13 11:57:59 478208 ----a-w- C:WindowsSystem32dpnet.dll 2012-12-13 11:57:59 376832 ----a-w- C:WindowsSysWow64dpnet.dll 2012-12-12 21:34:58 -------- d-----w- C:UsersOwnerAppDataRoamingatunes 2012-12-12 21:33:11 -------- d-----w- C:Program Files (x86)aTunes 2012-12-12 17:44:07 -------- d-----w- C:Program Files (x86)CheckPoint 2012-12-10 15:12:05 -------- d-----w- C:FRACTURE EXTRAS . ==================== Find3M ==================== . 2012-12-14 22:49:28 24176 ----a-w- C:WindowsSystem32driversmbam.sys 2012-12-12 17:57:05 697272 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe 2012-12-12 17:57:04 73656 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl 2012-11-22 03:26:40 3149824 ----a-w- C:WindowsSystem32win32k.sys 2012-11-15 01:50:36 96768 ----a-w- C:WindowsSysWow64sspicli.dll 2012-11-15 01:50:36 458712 ----a-w- C:WindowsSystem32driverscng.sys 2012-11-15 01:50:36 340992 ----a-w- C:WindowsSystem32schannel.dll 2012-11-15 01:50:36 307200 ----a-w- C:WindowsSystem32ncrypt.dll 2012-11-15 01:50:36 247808 ----a-w- C:WindowsSysWow64schannel.dll 2012-11-15 01:50:36 220160 ----a-w- C:WindowsSysWow64ncrypt.dll 2012-11-15 01:50:36 22016 ----a-w- C:WindowsSysWow64secur32.dll 2012-11-15 01:50:36 154480 ----a-w- C:WindowsSystem32driversksecpkg.sys 2012-11-15 01:50:36 1448448 ----a-w- C:WindowsSystem32lsasrv.dll 2012-11-15 01:49:36 514560 ----a-w- C:WindowsSysWow64qdvd.dll 2012-11-15 01:49:36 366592 ----a-w- C:WindowsSystem32qdvd.dll 2012-11-14 20:32:45 30568 ----a-w- C:WindowsSystem32driversavgtpx64.sys 2012-11-14 06:11:44 2312704 ----a-w- C:WindowsSystem32jscript9.dll 2012-11-14 06:04:11 1392128 ----a-w- C:WindowsSystem32wininet.dll 2012-11-14 06:02:49 1494528 ----a-w- C:WindowsSystem32inetcpl.cpl 2012-11-14 05:57:46 599040 ----a-w- C:WindowsSystem32vbscript.dll 2012-11-14 05:57:35 173056 ----a-w- C:WindowsSystem32ieUnatt.exe 2012-11-14 05:52:40 2382848 ----a-w- C:WindowsSystem32mshtml.tlb 2012-11-14 02:09:22 1800704 ----a-w- C:WindowsSysWow64jscript9.dll 2012-11-14 01:58:15 1427968 ----a-w- C:WindowsSysWow64inetcpl.cpl 2012-11-14 01:57:37 1129472 ----a-w- C:WindowsSysWow64wininet.dll 2012-11-14 01:49:25 142848 ----a-w- C:WindowsSysWow64ieUnatt.exe 2012-11-14 01:48:27 420864 ----a-w- C:WindowsSysWow64vbscript.dll 2012-11-14 01:44:42 2382848 ----a-w- C:WindowsSysWow64mshtml.tlb 2012-11-09 05:45:09 2048 ----a-w- C:WindowsSystem32tzres.dll 2012-11-09 04:42:49 2048 ----a-w- C:WindowsSysWow64tzres.dll 2012-11-01 18:31:08 40712 ----a-w- C:WindowsSystem32driverstaphss6.sys 2012-11-01 18:25:26 42248 ----a-w- C:WindowsSystem32drivershssdrv6.sys 2012-10-25 09:12:26 94208 ----a-w- C:WindowsSysWow64QuickTimeVR.qtx 2012-10-25 09:12:26 69632 ----a-w- C:WindowsSysWow64QuickTime.qts 2012-10-22 22:34:45 95208 ----a-w- C:WindowsSysWow64WindowsAccessBridge-32.dll 2012-10-22 22:34:35 821736 ----a-w- C:WindowsSysWow64npDeployJava1.dll 2012-10-22 22:34:35 746984 ----a-w- C:WindowsSysWow64deployJava1.dll 2012-10-16 08:38:37 135168 ----a-w- C:WindowsapppatchAppPatch64AcXtrnal.dll 2012-10-16 08:38:34 350208 ----a-w- C:WindowsapppatchAppPatch64AcLayers.dll 2012-10-16 07:39:52 561664 ----a-w- C:WindowsapppatchAcLayers.dll . ============= FINISH: 8:04:46.75 ===============
  5. Hello JonTom, Here is the rest of the logs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.4.1 (01.06.2013:2) OS: Windows 7 Home Premium x64 Ran by Owner on Tue 01/08/2013 at 11:33:00.07 Blog: http://thisisudax.blogspot.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Successfully stopped: [service] wajamupdater Successfully deleted: [service] wajamupdater ~~~ Registry Values Successfully deleted: [Registry Value] hkey_current_usersoftwaremicrosoftinternet explorerurlsearchhooks{ef99bd32-c1fb-11d2-892f-0090271d4f88} Successfully deleted: [Registry Value] hkey_local_machinesoftwaremicrosoftinternet explorertoolbar{ef99bd32-c1fb-11d2-892f-0090271d4f88} Successfully repaired: [Registry Value] hkey_current_usersoftwaremicrosoftinternet explorersearchscopesDefaultScope Successfully repaired: [Registry Value] hkey_local_machinesoftwaremicrosoftinternet explorersearchscopesDefaultScope Successfully repaired: [Registry Value] hkey_users.defaultsoftwaremicrosoftinternet explorersearchscopesDefaultScope Successfully repaired: [Registry Value] hkey_userss-1-5-18softwaremicrosoftinternet explorersearchscopesDefaultScope Successfully repaired: [Registry Value] hkey_userss-1-5-19softwaremicrosoftinternet explorersearchscopesDefaultScope Successfully repaired: [Registry Value] hkey_userss-1-5-20softwaremicrosoftinternet explorersearchscopesDefaultScope Successfully repaired: [Registry Value] hkey_usersS-1-5-21-4159443991-512847242-1124234837-1001softwaremicrosoftinternet explorersearchscopesDefaultScope ~~~ Registry Keys Successfully deleted: [Registry Key] hkey_local_machinesoftwaredatamngr Successfully deleted: [Registry Key] hkey_current_usersoftwaredatamngr_toolbar Successfully deleted: [Registry Key] hkey_current_usersoftwareilivid Successfully deleted: [Registry Key] hkey_current_usersoftwareilividtoolbarguid Successfully deleted: [Registry Key] hkey_current_usersoftwareinstalledbrowserextensions Successfully deleted: [Registry Key] hkey_current_usersoftwarewajam Successfully deleted: [Registry Key] hkey_local_machinesoftwarewajam Successfully deleted: [Registry Key] hkey_current_usersoftwareappdatalowsoftwareconduit Successfully deleted: [Registry Key] hkey_current_usersoftwareappdatalowsoftwarecrossrider Successfully deleted: [Registry Key] hkey_current_usersoftwareappdatalowsoftwaresmartbar Successfully deleted: [Registry Key] hkey_local_machinesoftwareclassesappidbrowserconnection.dll Successfully deleted: [Registry Key] hkey_local_machinesoftwareclassesapplicationsilividsetup.exe Successfully deleted: [Registry Key] hkey_local_machinesoftwareclassesclsid{ce4db5a3-58e6-41f1-8761-47238df4f468} Successfully deleted: [Registry Key] hkey_local_machinesoftwareclassesilividiehelper.dnsguard Successfully deleted: [Registry Key] hkey_local_machinesoftwareclassesilividiehelper.dnsguard.1 Successfully deleted: [Registry Key] hkey_local_machinesoftwareclassestypelib{75e8da27-44af-40ae-927c-f2eec99d65b1} Successfully deleted: [Registry Key] hkey_local_machinesoftwareclasseswajam.wajambho Successfully deleted: [Registry Key] hkey_local_machinesoftwareclasseswajam.wajambho.1 Successfully deleted: [Registry Key] hkey_local_machinesoftwareclasseswajam.wajamdownloader Successfully deleted: [Registry Key] hkey_local_machinesoftwareclasseswajam.wajamdownloader.1 Successfully deleted: [Registry Key] hkey_local_machinesoftwaremicrosofttracingsetupdatamngr_searchqu_rasapi32 Successfully deleted: [Registry Key] hkey_local_machinesoftwaremicrosofttracingsetupdatamngr_searchqu_rasmancs Successfully deleted: [Registry Key] hkey_local_machinesoftwarewow6432nodeilividsrtb Successfully deleted: [Registry Key] hkey_local_machinesoftwarewow6432nodemicrosofttracingilividmediabar_rasapi32 Successfully deleted: [Registry Key] hkey_local_machinesoftwarewow6432nodemicrosofttracingilividmediabar_rasmancs Successfully deleted: [Registry Key] hkey_local_machinesoftwarewow6432nodemicrosofttracingilividsetup_rasapi32 Successfully deleted: [Registry Key] hkey_local_machinesoftwarewow6432nodemicrosofttracingilividsetup_rasmancs Successfully deleted: [Registry Key] hkey_local_machinesoftwarewow6432nodemicrosoftwindowscurrentversionuninstallilividtoolbarguid Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINEsoftwareclassesCrossriderApp0021804.BHO Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINEsoftwareclassesCrossriderApp0021804.Sandbox Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINEsoftwareclassesCrossriderApp0021804.Sandbox.1 Successfully deleted: [Registry Key] hkey_classes_rootclsid{02478d38-c3f9-4efb-9b51-7695eca05670} Successfully deleted: [Registry Key] hkey_local_machinesoftwaremicrosoftwindowscurrentversionexplorerbrowser helper objects{02478d38-c3f9-4efb-9b51-7695eca05670} Successfully deleted: [Registry Key] hkey_current_usersoftwaremicrosoftinternet explorersearchscopes{9bb47c17-9c68-4bb3-b188-dd9af0fd2406} Successfully deleted: [Registry Key] hkey_local_machinesoftwaremicrosoftinternet explorersearchscopes{9bb47c17-9c68-4bb3-b188-dd9af0fd2406} Successfully deleted: [Registry Key] hkey_classes_rootclsid{a7a6995d-6ee1-4fd1-a258-49395d5bf99c} Successfully deleted: [Registry Key] hkey_local_machinesoftwaremicrosoftwindowscurrentversionexplorerbrowser helper objects{a7a6995d-6ee1-4fd1-a258-49395d5bf99c} Successfully deleted: [Registry Key] hkey_classes_rootclsid{c1ed9da0-afd0-4b90-ac6a-d3874f591014} Successfully deleted: [Registry Key] hkey_classes_rootclsid{ef99bd32-c1fb-11d2-892f-0090271d4f88} Successfully deleted: [Registry Key] hkey_classes_rootclsid{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE} Successfully deleted: [Registry Key] hkey_local_machinesoftwaremicrosoftwindowscurrentversionexplorerbrowser helper objects{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE} ~~~ Files Successfully deleted: [File] "C:UsersOwnerAppDataRoamingmicrosoftwindowsstart menuprogramsilivid.lnk" ~~~ Folders Successfully deleted: [Folder] "C:ProgramDataboost_interprocess" Successfully deleted: [Folder] "C:UsersOwnerAppDataRoamingdrivercure" Successfully deleted: [Folder] "C:UsersOwnerappdatalocaltorch" Successfully deleted: [Folder] "C:UsersOwnerappdatalocalwajam" Successfully deleted: [Folder] "C:UsersOwnerappdatalocallowconduit" Successfully deleted: [Folder] "C:UsersOwnerappdatalocallowdatamngr" Successfully deleted: [Folder] "C:UsersOwnerappdatalocallowilividtoolbarguid" Successfully deleted: [Folder] "C:UsersOwnerappdatalocallowvaudix" Successfully deleted: [Folder] "C:Program Files (x86)wajam" Successfully deleted: [Folder] "C:UsersOwnerAppDataRoamingmicrosoftwindowsstart menuprogramswajam" ~~~ FireFox Successfully deleted: [File] "C:Program Files (x86)Mozilla Firefoxsearchpluginssearch_results.xml" Successfully deleted: [File] C:UsersOwnerAppDataRoamingmozillafirefoxprofilesnww68hdh.defaultuser.js Successfully deleted: [File] C:UsersOwnerAppDataRoamingmozillafirefoxprofilesnww68hdh.defaultinvalidprefs.js Successfully deleted: [File] "C:UsersOwnerAppDataRoamingmozillafirefoxprofilesnww68hdh.defaultextensions50970cb9d50ba@50970cb9d50f3.com.xpi" Successfully deleted: [File] C:UsersOwnerAppDataRoamingmozillafirefoxprofilesnww68hdh.defaultsearchpluginssearch_results.xml Failed to delete: [Folder] "C:Program Files (x86)Mozilla Firefoxextensions{1fd91a9c-410c-4090-bbcc-55d3450ef433}" Successfully deleted: [Folder] C:UsersOwnerAppDataRoamingmozillafirefoxprofilesnww68hdh.defaultilividtoolbarguid Successfully deleted: [Folder] C:UsersOwnerAppDataRoamingmozillafirefoxprofilesnww68hdh.defaultextensionsplugin@selectionlinks.com Successfully deleted: [Folder] C:UsersOwnerAppDataRoamingmozillafirefoxprofilesnww68hdh.defaultextensions{f34c9277-6577-4dff-b2d7-7d58092f272f} Successfully deleted the following from C:UsersOwnerAppDataRoamingmozillafirefoxprofilesnww68hdh.defaultprefs.js user_pref("Smartbar.SearchFromAddressBarSavedUrl", "http://www.goodsearch.com/search.aspx?toolbarcharity=___toolbarcharity___&id=goodsearchtb&v=2_1&keywords="); user_pref("extensions.50970cb9d5165.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,sear user_pref("extensions.crossriderapp21804.adsOldValue", -1); user_pref("extensions.toolbar.mindspark._2vMembers_.hp.user.defined", true); user_pref("extensions.toolbar.mindspark._2vMembers_.initialized", true); user_pref("extensions.toolbar.mindspark._2vMembers_.installation.contextKey", ""); user_pref("extensions.toolbar.mindspark._2vMembers_.installation.installDate", "2012120218"); user_pref("extensions.toolbar.mindspark._2vMembers_.installation.partnerId", "XMxpi000"); user_pref("extensions.toolbar.mindspark._2vMembers_.installation.partnerSubId", ""); user_pref("extensions.toolbar.mindspark._2vMembers_.installation.success", false); user_pref("extensions.toolbar.mindspark._2vMembers_.installation.toolbarId", "undefined"); user_pref("extensions.toolbar.mindspark._2vMembers_.options.defaultSearch", false); user_pref("extensions.toolbar.mindspark._2vMembers_.options.homePageEnabled", false); user_pref("extensions.toolbar.mindspark._2vMembers_.options.keywordEnabled", false); user_pref("extensions.toolbar.mindspark._2vMembers_.options.tabEnabled", false); user_pref("extensions.toolbar.mindspark._2vMembers_.weather.location", "53575"); user_pref("extensions.toolbar.mindspark._4pMembers_.homepage", "http://home.mywebsearch.com/index.jhtml?ptb=3E0332B7-CD22-4289-A1F8-A2126361EDB9&n=77ee8df8&p2=^YX^yyyyyy^YY^us user_pref("extensions.toolbar.mindspark._4pMembers_.initialized", true); user_pref("extensions.toolbar.mindspark._4pMembers_.installation.contextKey", ""); user_pref("extensions.toolbar.mindspark._4pMembers_.installation.installDate", "2012122616"); user_pref("extensions.toolbar.mindspark._4pMembers_.installation.partnerId", "^YX^yyyyyy^YY^us"); user_pref("extensions.toolbar.mindspark._4pMembers_.installation.partnerSubId", ""); user_pref("extensions.toolbar.mindspark._4pMembers_.installation.success", true); user_pref("extensions.toolbar.mindspark._4pMembers_.installation.toolbarId", "3E0332B7-CD22-4289-A1F8-A2126361EDB9"); user_pref("extensions.toolbar.mindspark._4pMembers_.lastActivePing", "1357648146463"); user_pref("extensions.toolbar.mindspark._4pMembers_.options.defaultSearch", false); user_pref("extensions.toolbar.mindspark._4pMembers_.options.homePageEnabled", false); user_pref("extensions.toolbar.mindspark._4pMembers_.options.keywordEnabled", false); user_pref("extensions.toolbar.mindspark._4pMembers_.options.tabEnabled", false); user_pref("extensions.toolbar.mindspark._4pMembers_.weather.location", "53575"); user_pref("extensions.toolbar.mindspark._63Members_.initialized", true); user_pref("extensions.toolbar.mindspark._63Members_.installation.contextKey", ""); user_pref("extensions.toolbar.mindspark._63Members_.installation.installDate", "2012120218"); user_pref("extensions.toolbar.mindspark._63Members_.installation.partnerId", "^AF4^xdm003^YY^us"); user_pref("extensions.toolbar.mindspark._63Members_.installation.partnerSubId", "CMyus_STyrMCFQpgMgodhUgAiQ"); user_pref("extensions.toolbar.mindspark._63Members_.installation.success", true); user_pref("extensions.toolbar.mindspark._63Members_.installation.toolbarId", "6FCC1F36-E439-4609-B5C2-7F599003EDC6"); user_pref("extensions.toolbar.mindspark._63Members_.lastActivePing", "1357648146488"); user_pref("extensions.toolbar.mindspark._63Members_.options.defaultSearch", false); user_pref("extensions.toolbar.mindspark._63Members_.options.homePageEnabled", false); user_pref("extensions.toolbar.mindspark._63Members_.options.keywordEnabled", false); user_pref("extensions.toolbar.mindspark._63Members_.options.tabEnabled", false); user_pref("extensions.toolbar.mindspark._63Members_.searchHistory", ""); user_pref("extensions.toolbar.mindspark._63Members_.weather.location", "53575"); user_pref("extensions.toolbar.mindspark.lastInstalled", "minddabble@mindspark.com"); user_pref("keyword.URL", "http://dts.search-results.com/sr?src=ffb&gct=ds&appid=287&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=5893014922044063&o=APN10645&q="); user_pref("smartbar.originalHomepage", "chrome://branding/locale/browserconfig.properties"); user_pref("smartbar.originalSearchAddressUrl", "http://www.goodsearch.com/search.aspx?toolbarcharity=___toolbarcharity___&id=goodsearchtb&v=2_1&keywords="); user_pref("smartbar.originalSearchEngine", false); Emptied folder: C:UsersOwnerAppDataRoamingmozillafirefoxprofilesnww68hdh.defaultminidumps [53 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Tue 01/08/2013 at 11:44:12.82 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Database version: v2013.01.07.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Owner :: OWNER-PC [administrator] 1/8/2013 2:20:22 PM MBAM-log-2013-01-08 (15-54-16).txt Scan type: Full scan (C:|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 446711 Time elapsed: 1 hour(s), 15 minute(s), 15 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 25 C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4pbar.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4pbarsvc.exe.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4pdatact.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4pdyn.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4pfeedmg.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4phighin.exe.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4phkstub.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4phttpct.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4pidle.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4pimpipe.exe.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4pmedint.exe.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4pmlbtn.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4pmsg.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4pPlugin.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4pradio.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4pregfft.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4preghk.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4pscript.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4pskin.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4pskplay.exe.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4pSrchMn.exe.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4ptpinst.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.bin4puabtn.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.binNP4pStub.dll.vir (PUP.MyWebSearch) -> No action taken. C:QooboxQuarantineCProgram Files (x86)MINDDA~2bar2.binT8HTML.DLL.vir (PUP.MyWebSearch) -> No action taken. (end)
  6. Hello JonTom I made a mistake. I didn't save the combofix log. When I checked ComboFix.txt I found nothing. I ran ComboFix again and here is that list ComboFix 13-01-06.01 - Owner 01/07/2013 19:42:11.8.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6056.4082 [GMT -6:00] Running from: c:usersOwnerDesktopComboFix.exe Command switches used :: c:usersOwnerDesktopCFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:progra~2MINDDA~2bar2.bin4pbarsvc.exe" "c:progra~2MINDDA~2bar2.bin4psrchmn.exe" "c:progra~2SEARCH~1Datamngrx64datamngr.dll" "c:progra~2SEARCH~1Datamngrx64IEBHO.dll" "c:programdataVaudix508d42f54b62d.ocx" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------Legacy_NPF -------Service_NPF . . ((((((((((((((((((((((((( Files Created from 2012-12-08 to 2013-01-08 ))))))))))))))))))))))))))))))) . . 2013-01-08 02:20 . 2013-01-08 02:20 -------- d-----w- c:usersUpdatusUserAppDataLocaltemp 2013-01-08 02:20 . 2013-01-08 02:20 -------- d-----w- c:usersPublicAppDataLocaltemp 2013-01-08 02:20 . 2013-01-08 02:20 -------- d-----w- c:usersDefaultAppDataLocaltemp 2013-01-07 15:26 . 2013-01-07 15:26 -------- d-----w- c:usersOwnerAppDataLocalPrograms 2013-01-05 17:43 . 2013-01-05 17:43 -------- d-----w- c:program files (x86)WBFS to ISO 2013-01-05 17:41 . 2013-01-05 17:41 -------- d-----w- c:usersOwnerAppDataLocalWajam 2013-01-05 17:40 . 2013-01-05 17:41 -------- d-----w- c:program files (x86)Wajam 2013-01-04 17:34 . 2013-01-04 17:34 -------- d-----w- c:usersOwnerAppDataRoamingYahoo! 2013-01-04 17:34 . 2013-01-04 17:34 -------- d-----w- c:programdataYahoo! Companion 2013-01-04 17:34 . 2013-01-04 17:34 -------- d-----w- c:program files (x86)Yahoo! 2013-01-04 17:33 . 2013-01-04 17:33 -------- d-----w- c:programdataHP Product Assistant 2013-01-04 17:33 . 2013-01-04 17:33 -------- d-----w- c:windowsSysWow64spool 2013-01-04 17:32 . 2013-01-04 17:32 -------- d-----w- c:program files (x86)Common FilesHP 2013-01-04 17:32 . 2013-01-04 17:32 -------- d-----w- c:program files (x86)Common FilesHewlett-Packard 2013-01-04 17:32 . 2013-01-04 17:32 -------- d-----w- c:windowshpoj4500g510a-f 2013-01-04 17:31 . 2013-01-04 17:34 -------- d-----w- c:program files (x86)HP 2013-01-04 17:29 . 2013-01-04 17:33 -------- d-----w- c:programdataHP 2013-01-04 12:36 . 2012-11-08 17:24 9125352 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{815A6954-172D-4B27-BDA6-DD421375ECF9}mpengine.dll 2013-01-02 19:47 . 2013-01-02 19:47 -------- d-----w- c:program files (x86)ESET 2012-12-28 15:33 . 2012-12-28 15:33 -------- d-----w- C:Hugo extras 2012-12-28 15:33 . 2012-12-28 15:33 -------- d-----w- C:Hugo 2012-12-26 14:13 . 2012-12-26 14:13 -------- d-----w- c:programdataboost_interprocess 2012-12-26 02:31 . 2012-12-31 16:16 -------- d-----w- c:usersOwnerAppDataRoamingMedia Player Lite 2012-12-26 02:28 . 2012-12-30 03:04 -------- d-----w- c:usersOwnerAppDataRoamingFileAssociationManager 2012-12-26 02:28 . 2012-12-26 02:28 -------- d-----w- c:program files (x86)FileAssociationManager 2012-12-26 02:27 . 2012-12-26 02:27 -------- d-----w- c:program files (x86)MediaPlayerLite 2012-12-26 00:57 . 2012-12-26 00:57 -------- d-----w- C:toolbarImages 2012-12-26 00:56 . 2012-12-26 00:57 -------- d-----w- c:usersOwnerAppDataLocalTorch 2012-12-25 19:54 . 2012-12-25 19:54 -------- d-----w- c:programdataBrowser Manager 2012-12-25 17:28 . 2012-06-27 19:26 773968 ----a-w- c:windowssystem32msvcr100.dll 2012-12-25 17:28 . 2012-12-25 17:28 -------- d-----w- c:programdataWincert 2012-12-23 17:43 . 2012-12-23 17:43 -------- d-----w- C:ted dvd files 2012-12-21 18:33 . 2012-12-29 21:41 -------- d-----w- c:usersOwnerAppDataRoamingdvdcss 2012-12-21 09:00 . 2012-12-16 17:11 46080 ----a-w- c:windowssystem32atmlib.dll 2012-12-21 09:00 . 2012-12-16 14:45 367616 ----a-w- c:windowssystem32atmfd.dll 2012-12-21 09:00 . 2012-12-16 14:13 295424 ----a-w- c:windowsSysWow64atmfd.dll 2012-12-21 09:00 . 2012-12-16 14:13 34304 ----a-w- c:windowsSysWow64atmlib.dll 2012-12-16 22:46 . 2012-10-30 23:51 370288 ----a-w- c:windowssystem32driversaswSP.sys 2012-12-16 22:46 . 2012-10-30 23:51 25232 ----a-w- c:windowssystem32driversaswFsBlk.sys 2012-12-16 22:46 . 2012-10-15 16:59 54072 ----a-w- c:windowssystem32driversaswRdr2.sys 2012-12-16 22:46 . 2012-10-30 23:51 59728 ----a-w- c:windowssystem32driversaswTdi.sys 2012-12-16 22:46 . 2012-10-30 23:51 984144 ----a-w- c:windowssystem32driversaswSnx.sys 2012-12-16 22:46 . 2012-10-30 23:51 71600 ----a-w- c:windowssystem32driversaswMonFlt.sys 2012-12-16 22:46 . 2012-10-30 23:51 41224 ----a-w- c:windowsavastSS.scr 2012-12-16 22:45 . 2012-10-30 23:50 227648 ----a-w- c:windowsSysWow64aswBoot.exe 2012-12-16 22:06 . 2012-12-16 22:07 -------- d-----w- c:usersOwnerAppDataLocalNETGEARGenie 2012-12-16 22:06 . 2012-12-16 22:06 369168 ----a-w- c:windowssystem32wpcap.dll 2012-12-16 22:06 . 2012-12-16 22:06 35344 ----a-w- c:windowssystem32driversnpf.sys 2012-12-16 22:06 . 2012-12-16 22:06 106000 ----a-w- c:windowssystem32packet.dll 2012-12-16 22:06 . 2012-12-16 22:06 -------- d-----w- c:program files (x86)NETGEAR Genie 2012-12-14 20:48 . 2012-12-14 20:48 -------- d-----w- c:program files (x86)uTorrent 2012-12-14 13:06 . 2012-11-14 07:06 17811968 ----a-w- c:windowssystem32mshtml.dll 2012-12-14 13:06 . 2012-11-14 06:32 10925568 ----a-w- c:windowssystem32ieframe.dll 2012-12-13 11:57 . 2012-11-02 05:59 478208 ----a-w- c:windowssystem32dpnet.dll 2012-12-13 11:57 . 2012-11-02 05:11 376832 ----a-w- c:windowsSysWow64dpnet.dll 2012-12-12 21:34 . 2012-12-13 00:47 -------- d-----w- c:usersOwnerAppDataRoamingatunes 2012-12-12 21:33 . 2012-12-12 21:33 -------- d-----w- c:program files (x86)aTunes 2012-12-12 17:44 . 2012-12-12 17:44 -------- d-----w- c:program files (x86)CheckPoint 2012-12-10 15:12 . 2012-12-10 15:12 -------- d-----w- C:FRACTURE EXTRAS . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-26 01:25 . 2012-10-17 13:39 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCore-2Microsoft.MediaCenter.Sports.UI.dll 2012-12-26 01:25 . 2012-10-06 20:26 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkupmarkup.dll 2012-12-26 01:25 . 2012-10-06 20:26 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSMStartResources.dll 2012-12-14 22:49 . 2012-11-30 15:39 24176 ----a-w- c:windowssystem32driversmbam.sys 2012-12-14 13:10 . 2012-07-25 12:45 67413224 ----a-w- c:windowssystem32MRT.exe 2012-12-12 17:57 . 2012-07-31 00:28 697272 ----a-w- c:windowsSysWow64FlashPlayerApp.exe 2012-12-12 17:57 . 2012-07-31 00:28 73656 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl 2012-11-24 01:35 . 2012-10-06 20:26 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCoreMicrosoft.MediaCenter.Sports.UI.dll 2012-11-15 01:51 . 2012-11-15 01:51 62976 ----a-w- c:windowssystem32TSWbPrxy.exe 2012-11-15 01:51 . 2012-11-15 01:51 57856 ----a-w- c:windowssystem32driversTsUsbFlt.sys 2012-11-15 01:51 . 2012-11-15 01:51 5773824 ----a-w- c:windowssystem32mstscax.dll 2012-11-15 01:51 . 2012-11-15 01:51 54272 ----a-w- c:windowssystem32MsRdpWebAccess.dll 2012-11-15 01:51 . 2012-11-15 01:51 4916224 ----a-w- c:windowsSysWow64mstscax.dll 2012-11-15 01:51 . 2012-11-15 01:51 46592 ----a-w- c:windowsSysWow64MsRdpWebAccess.dll 2012-11-15 01:51 . 2012-11-15 01:51 44032 ----a-w- c:windowssystem32tsgqec.dll 2012-11-15 01:51 . 2012-11-15 01:51 43520 ----a-w- c:windowssystem32TsUsbGDCoInstaller.dll 2012-11-15 01:51 . 2012-11-15 01:51 384000 ----a-w- c:windowssystem32wksprt.exe 2012-11-15 01:51 . 2012-11-15 01:51 37376 ----a-w- c:windowsSysWow64tsgqec.dll 2012-11-15 01:51 . 2012-11-15 01:51 322560 ----a-w- c:windowssystem32aaclient.dll 2012-11-15 01:51 . 2012-11-15 01:51 3174912 ----a-w- c:windowssystem32rdpcorets.dll 2012-11-15 01:51 . 2012-11-15 01:51 269312 ----a-w- c:windowsSysWow64aaclient.dll 2012-11-15 01:51 . 2012-11-15 01:51 243200 ----a-w- c:windowssystem32rdpudd.dll 2012-11-15 01:51 . 2012-11-15 01:51 228864 ----a-w- c:windowssystem32rdpendp_winip.dll 2012-11-15 01:51 . 2012-11-15 01:51 19456 ----a-w- c:windowssystem32driversrdpvideominiport.sys 2012-11-15 01:51 . 2012-11-15 01:51 192000 ----a-w- c:windowsSysWow64rdpendp_winip.dll 2012-11-15 01:51 . 2012-11-15 01:51 18432 ----a-w- c:windowssystem32wksprtPS.dll 2012-11-15 01:51 . 2012-11-15 01:51 16896 ----a-w- c:windowsSysWow64wksprtPS.dll 2012-11-15 01:51 . 2012-11-15 01:51 15360 ----a-w- c:windowssystem32RdpGroupPolicyExtension.dll 2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyExtension.dll 2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyControl.exe 2012-11-15 01:51 . 2012-11-15 01:51 1123840 ----a-w- c:windowssystem32mstsc.exe 2012-11-15 01:51 . 2012-11-15 01:51 1048064 ----a-w- c:windowsSysWow64mstsc.exe 2012-11-15 01:50 . 2012-11-15 01:50 96768 ----a-w- c:windowsSysWow64sspicli.dll 2012-11-15 01:50 . 2012-11-15 01:50 458712 ----a-w- c:windowssystem32driverscng.sys 2012-11-15 01:50 . 2012-11-15 01:50 340992 ----a-w- c:windowssystem32schannel.dll 2012-11-15 01:50 . 2012-11-15 01:50 307200 ----a-w- c:windowssystem32ncrypt.dll 2012-11-15 01:50 . 2012-11-15 01:50 247808 ----a-w- c:windowsSysWow64schannel.dll 2012-11-15 01:50 . 2012-11-15 01:50 220160 ----a-w- c:windowsSysWow64ncrypt.dll 2012-11-15 01:50 . 2012-11-15 01:50 22016 ----a-w- c:windowsSysWow64secur32.dll 2012-11-15 01:50 . 2012-11-15 01:50 154480 ----a-w- c:windowssystem32driversksecpkg.sys 2012-11-15 01:50 . 2012-11-15 01:50 1448448 ----a-w- c:windowssystem32lsasrv.dll 2012-11-15 01:49 . 2012-11-15 01:49 514560 ----a-w- c:windowsSysWow64qdvd.dll 2012-11-15 01:49 . 2012-11-15 01:49 366592 ----a-w- c:windowssystem32qdvd.dll 2012-11-14 20:32 . 2012-11-14 20:32 30568 ----a-w- c:windowssystem32driversavgtpx64.sys 2012-11-01 18:31 . 2012-11-01 18:31 40712 ----a-w- c:windowssystem32driverstaphss6.sys 2012-11-01 18:25 . 2012-11-01 18:25 42248 ----a-w- c:windowssystem32drivershssdrv6.sys 2012-10-30 23:50 . 2012-08-03 22:43 285328 ----a-w- c:windowssystem32aswBoot.exe 2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:windowsSysWow64QuickTimeVR.qtx 2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:windowsSysWow64QuickTime.qts 2012-10-22 22:34 . 2012-10-22 22:34 95208 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll 2012-10-22 22:34 . 2012-10-22 22:35 821736 ----a-w- c:windowsSysWow64npDeployJava1.dll 2012-10-22 22:34 . 2012-10-22 22:35 746984 ----a-w- c:windowsSysWow64deployJava1.dll 2012-10-17 13:39 . 2012-10-17 13:39 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkup-2markup.dll 2012-10-17 13:37 . 2012-10-17 13:37 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSM-2StartResources.dll 2012-10-16 08:38 . 2012-12-13 11:57 135168 ----a-w- c:windowsapppatchAppPatch64AcXtrnal.dll 2012-10-16 08:38 . 2012-12-13 11:57 350208 ----a-w- c:windowsapppatchAppPatch64AcLayers.dll 2012-10-16 07:39 . 2012-12-13 11:57 561664 ----a-w- c:windowsapppatchAcLayers.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{11111111-1111-1111-1111-110211181104}] c:program files (x86)Coupon Companion PluginCoupon Companion Plugin.dll [bU] . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{300BEC06-B743-4D19-86B9-11DC711D7FFB}] c:program files (x86)OAppsSelectionLinks.dll [bU] . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE}] c:programdataVaudix508d42f54b62d.ocx [bU] . [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "IDMan"="c:program files (x86)Internet Download ManagerIDMan.exe" [2012-09-01 3528128] "Xvid"="c:program files (x86)XvidCheckUpdate.exe" [2011-01-17 8192] "Spotify Web Helper"="c:usersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe" [2012-10-28 1199576] "NETGEARGenie"="c:program files (x86)NETGEAR GeniebinNETGEARGenie.exe" [2012-10-16 1041736] "AnyDVD"="c:program files (x86)SlySoftAnyDVDAnyDVDtray.exe" [2012-12-20 6750448] . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun] "CLMLServer"="c:program files (x86)CyberLinkPower2GoCLMLSvc.exe" [2009-11-02 103720] "Samsung PanelMgr"="c:windowsSamsungPanelMgrSSMMgr.exe" [2010-06-08 618496] "UVS10 Preload"="c:program files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe" [2006-03-07 36864] "UpdatePPShortCut"="c:program files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" [2009-05-20 222504] "Adobe ARM"="c:program files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2012-07-27 919008] "SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-07-03 252848] "APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-10-12 59280] "PowerDVD12DMREngine"="c:program files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [2012-09-19 505872] "PowerDVD12Agent"="c:program files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [2012-09-19 374560] "QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-10-25 421888] "avast"="c:program filesAVAST SoftwareAvastavastUI.exe" [2012-10-30 4297136] "HP Software Update"="c:program files (x86)HPHP Software UpdateHPWuSchd2.exe" [2007-05-08 54840] . c:usersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup MagicDisc.lnk - c:program files (x86)MagicDiscMagicDisc.exe [2012-9-15 576000] . c:programdataMicrosoftWindowsStart MenuProgramsStartup HP Digital Imaging Monitor.lnk - c:program files (x86)HPDigital Imagingbinhpqtra08.exe [2009-5-21 275768] . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:windowsSysWOW64nvinit.dll . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32] "wave6"=wdmaud.drv . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-07-13 160944] R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:windowssystem32DRIVERSAVerPola.sys [2011-01-04 534144] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:program filesIntelWiFibinPanDhcpDns.exe [2011-01-05 340240] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2012-11-15 19456] R3 Samsung UPD Service;Samsung UPD Service;c:windowsSystem32SUPDSvc.exe [2010-08-09 166704] R3 StkCMini;Syntek AVStream USB2.0 ATV;c:windowssystem32DriversStkCMini.sys [2010-04-16 1816968] R3 taphss6;Anchorfree HSS VPN Adapter;c:windowssystem32DRIVERStaphss6.sys [2012-11-01 40712] R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2012-11-15 57856] R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2012-07-25 1255736] R3 WDC_SAM;WD SCSI Pass Thru driver;c:windowssystem32DRIVERSwdcsam64.sys [2008-05-06 14464] R4 wlcrasvc;Windows Live Mesh remote connections service;c:program filesWindows LiveMeshwlcrasvc.exe [2010-09-22 57184] S0 nvpciflt;nvpciflt;c:windowssystem32DRIVERSnvpciflt.sys [2010-12-14 25576] S0 SmartDefragDriver;SmartDefragDriver;c:windowsSystem32DriversSmartDefragDriver.sys [2010-11-26 17720] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2012-11-14 30568] S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:windowssystem32DriversSABI.sys [2009-05-28 13824] S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34];c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-09-19 22:12 147704] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [2012-10-30 71600] S2 BBSvc;BingBar Service;c:program files (x86)MicrosoftBingBar7.1.361.0BBSvc.exe [2012-02-10 193816] S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-09-19 90640] S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-09-19 78352] S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-09-19 295440] S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:program filesIntelWiMAXBinDMAgent.exe [2011-06-06 498688] S2 IDMWFP;IDMWFP;c:windowssystem32DRIVERSidmwfp.sys [2012-08-02 158944] S2 MBAMScheduler;MBAMScheduler;c:program files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [2012-12-14 398184] S2 MBAMService;MBAMService;c:program files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2012-12-14 682344] S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:program files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe [2012-09-25 231752] S2 nlsX86cc;Nalpeiron Licensing Service;c:windowsSysWOW64nlssrv32.exe [2010-11-22 66560] S2 ntk_PowerDVD12;ntk_PowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-06-20 83704] S2 UNS;Intel® Management and Security Application User Notification Service;c:program files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2010-10-06 2655768] S2 WajamUpdater;WajamUpdater;c:program files (x86)WajamUpdaterWajamUpdater.exe [2012-10-05 109064] S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:program filesIntelWiMAXBinAppSrv.exe [2011-06-06 986112] S3 BBUpdate;BBUpdate;c:program files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe [2012-02-10 240408] S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:windowssystem32DRIVERSbpenum.sys [2011-05-19 84480] S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:windowssystem32DRIVERSbpmp.sys [2011-05-19 182272] S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;c:windowssystem32Driversbpusb.sys [2011-05-19 83968] S3 clwvd;CyberLink WebCam Virtual Driver;c:windowssystem32DRIVERSclwvd.sys [2010-11-10 31088] S3 ETD;ELAN PS/2 Port Input Device;c:windowssystem32DRIVERSETD.sys [2010-11-12 138024] S3 IntcDAud;Intel® Display Audio;c:windowssystem32DRIVERSIntcDAud.sys [2010-10-15 317440] S3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [2012-12-14 24176] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:windowssystem32DRIVERSnusb3hub.sys [2010-10-11 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:windowssystem32DRIVERSnusb3xhc.sys [2010-10-11 180736] S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2011-06-10 539240] S3 wdkmd;Intel WiDi KMD;c:windowssystem32DRIVERSWDKMD.sys [2010-11-30 42392] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - NPF . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionsvchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2013-01-08 c:windowsTasksAdobe Flash Player Updater.job - c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-31 17:57] . 2013-01-08 c:windowsTasksSlimDrivers Startup.job - c:program files (x86)SlimDriversSlimDrivers.exe [2012-10-14 21:29] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 23:50 133400 ----a-w- c:program filesAVAST SoftwareAvastashShA64.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersIDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOTCLSID{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2012-02-08 00:49 23432 ----a-w- c:program files (x86)Internet Download ManagerIDMShellExt64.dll . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "IgfxTray"="c:windowssystem32igfxtray.exe" [2011-01-04 167960] "HotKeysCmds"="c:windowssystem32hkcmd.exe" [2011-01-04 391704] "Persistence"="c:windowssystem32igfxpers.exe" [2011-01-04 417304] "RtHDVCpl"="c:program filesRealtekAudioHDARAVCpl64.exe" [2010-11-30 11660904] "IntelWireless"="c:program filesCommon FilesIntelWirelessCommoniFrmewrk.exe" [2011-01-05 1933584] "ETDCtrl"="c:program files (x86)ElantechETDCtrl.exe" [bU] "IntelWirelessWiMAX"="c:program filesIntelWiMAXBinWiMAXCU.exe" [2011-06-02 1622016] . ------- Supplementary Scan ------- . uLocal Page = c:windowssystem32blank.htm mStart Page = hxxp://samsung.msn.com mLocal Page = c:windowsSysWOW64blank.htm IE: Download all links with IDM - c:program files (x86)Internet Download ManagerIEGetAll.htm IE: Download with IDM - c:program files (x86)Internet Download ManagerIEExt.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=287&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=5893014922044063&o=APN10645&q= FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com FF - ExtSQL: 2012-12-16 16:53; wrc@avast.com; c:program filesAVAST SoftwareAvastWebRepFF FF - ExtSQL: 2012-12-25 11:28; {f34c9277-6577-4dff-b2d7-7d58092f272f}; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions{f34c9277-6577-4dff-b2d7-7d58092f272f} FF - ExtSQL: 2013-01-04 11:34; smartwebprinting@hp.com; c:program files (x86)HPDigital ImagingSmart Web PrintingMozillaAddOn3 FF - ExtSQL: 2013-01-05 11:41; plugin@selectionlinks.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensionsplugin@selectionlinks.com FF - ExtSQL: !HIDDEN! 2013-01-04 11:34; smartwebprinting@hp.com; c:program files (x86)HPDigital ImagingSmart Web PrintingMozillaAddOn3 user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0); . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) AddRemove-Coupon Companion Plugin - c:program files (x86)Coupon Companion PluginUninstall.exe AddRemove-iLivid - c:usersOwnerAppDataLocaliLividuninstall.exe AddRemove-ilividtoolbarguid - c:progra~2SEARCH~1DatamngrSRTOOL~1uninstall.exe AddRemove-sl-dlc - c:program files (x86)OAppssl-dlc_uninstall.exe AddRemove-{681002C6-5019-81A2-7871-A43754F71E56} - c:programdataVaudixuninstall.exe . . . [HKEY_LOCAL_MACHINESYSTEMControlSet001services{73526619-C24F-470B-9BED-53D455FBB5C6}] "ImagePath"="??c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus] @="0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:program filesAVAST SoftwareAvastAvastSvc.exe c:program files (x86)Common FilesAdobeARM1.0armsvc.exe c:program files (x86)Malwarebytes' Anti-Malwarembamgui.exe c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe c:program files (x86)CyberLinkShared filesRichVideo.exe c:program files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe c:program files (x86)CyberLinkYouCamYCMMirage.exe c:program files (x86)SamsungEasy Display ManagerWifiManager.exe c:program files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe c:program files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe c:program files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe c:program files (x86)SamsungSamsung Support CenterSSCKbdHk.exe c:program files (x86)SamsungSamsung Update PlusSUPBackground.exe . ************************************************************************** . Completion time: 2013-01-07 20:46:12 - machine was rebooted ComboFix-quarantined-files.txt 2013-01-08 02:46 ComboFix2.txt 2013-01-08 00:48 ComboFix3.txt 2013-01-07 01:05 ComboFix4.txt 2012-12-20 00:53 ComboFix5.txt 2013-01-08 01:40 . Pre-Run: 72,261,410,816 bytes free Post-Run: 72,198,590,464 bytes free . - - End Of File - - FA40F5D9DC4DB580702125E78DB47E79
  7. Hello JonTom Here you go. I will keep my surffing to a minimum. https://www.virustotal.com/file/b23112ae291efae80aa7f9b1b119eb0da4e426930a23ee77a6a43288f3c0cbb9/analysis/1357595185/ https://www.virustotal.com/file/886e8ba792af1250b359c8ccd8834f4d7d77badc3e8deae9cb6d8e8577842df7/analysis/1357595560/
  8. ComboFix 12-12-19.02 - Owner 01/06/2013 18:33:42.6.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6055.4282 [GMT -6:00] Running from: c:usersOwnerDesktopComboFix.exe Command switches used :: c:usersOwnerDesktopCFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:new folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsDownloadSetup.exe" "c:new folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsDropDownDealsSmartSetup.exe" "c:new folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsDropDownDealsSmartSetup_2.exe" "c:new folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsPageRageSetupAff.exe" "c:new folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsxvidsetup.exe" "c:new folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsxvidsetup_2.exe" "c:program files (x86)ZuxxezBattle vs. ChessSKIDROW.dll" "c:usersOwnerAudio Record Wizard 3.99 Inc Crack - Mast3r-.rar" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:new folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsDownloadSetup.exe c:new folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsDropDownDealsSmartSetup.exe c:new folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsDropDownDealsSmartSetup_2.exe c:new folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsPageRageSetupAff.exe c:new folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsxvidsetup.exe c:new folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsxvidsetup_2.exe c:program files (x86)ZuxxezBattle vs. ChessSKIDROW.dll c:usersOwnerAudio Record Wizard 3.99 Inc Crack - Mast3r-.rar . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------Legacy_NPF -------Service_NPF . . ((((((((((((((((((((((((( Files Created from 2012-12-07 to 2013-01-07 ))))))))))))))))))))))))))))))) . . 2013-01-07 00:46 . 2013-01-07 00:46 -------- d-----w- c:usersPublicAppDataLocaltemp 2013-01-07 00:46 . 2013-01-07 00:46 -------- d-----w- c:usersDefaultAppDataLocaltemp 2013-01-07 00:46 . 2013-01-07 00:46 -------- d-----w- c:usersUpdatusUserAppDataLocaltemp 2013-01-05 17:43 . 2013-01-05 17:43 -------- d-----w- c:program files (x86)WBFS to ISO 2013-01-05 17:41 . 2013-01-05 17:41 -------- d-----w- c:usersOwnerAppDataLocalCoupon Companion Plugin 2013-01-05 17:41 . 2013-01-05 17:41 -------- d-----w- c:program files (x86)OApps 2013-01-05 17:41 . 2013-01-05 17:41 -------- d-----w- c:program files (x86)Coupon Companion Plugin 2013-01-05 17:41 . 2013-01-05 17:41 -------- d-----w- c:usersOwnerAppDataLocalWajam 2013-01-05 17:40 . 2013-01-05 17:41 -------- d-----w- c:program files (x86)Wajam 2013-01-04 17:34 . 2013-01-04 17:34 -------- d-----w- c:usersOwnerAppDataRoamingYahoo! 2013-01-04 17:34 . 2013-01-04 17:34 -------- d-----w- c:programdataYahoo! Companion 2013-01-04 17:34 . 2013-01-04 17:34 -------- d-----w- c:program files (x86)Yahoo! 2013-01-04 17:33 . 2013-01-04 17:33 -------- d-----w- c:programdataHP Product Assistant 2013-01-04 17:33 . 2013-01-04 17:33 -------- d-----w- c:windowsSysWow64spool 2013-01-04 17:32 . 2013-01-04 17:32 -------- d-----w- c:program files (x86)Common FilesHP 2013-01-04 17:32 . 2013-01-04 17:32 -------- d-----w- c:program files (x86)Common FilesHewlett-Packard 2013-01-04 17:32 . 2013-01-04 17:32 -------- d-----w- c:windowshpoj4500g510a-f 2013-01-04 17:31 . 2013-01-04 17:34 -------- d-----w- c:program files (x86)HP 2013-01-04 17:29 . 2013-01-04 17:33 -------- d-----w- c:programdataHP 2013-01-04 12:36 . 2012-11-08 17:24 9125352 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{815A6954-172D-4B27-BDA6-DD421375ECF9}mpengine.dll 2013-01-02 19:47 . 2013-01-02 19:47 -------- d-----w- c:program files (x86)ESET 2012-12-28 15:33 . 2012-12-28 15:33 -------- d-----w- C:Hugo extras 2012-12-28 15:33 . 2012-12-28 15:33 -------- d-----w- C:Hugo 2012-12-26 14:13 . 2012-12-26 14:13 -------- d-----w- c:programdataboost_interprocess 2012-12-26 02:31 . 2012-12-31 16:16 -------- d-----w- c:usersOwnerAppDataRoamingMedia Player Lite 2012-12-26 02:28 . 2012-12-30 03:04 -------- d-----w- c:usersOwnerAppDataRoamingFileAssociationManager 2012-12-26 02:28 . 2012-12-26 02:28 -------- d-----w- c:program files (x86)FileAssociationManager 2012-12-26 02:27 . 2012-12-26 02:27 -------- d-----w- c:program files (x86)MediaPlayerLite 2012-12-26 00:57 . 2012-12-26 00:57 -------- d-----w- C:toolbarImages 2012-12-26 00:56 . 2012-12-26 00:57 -------- d-----w- c:usersOwnerAppDataLocalTorch 2012-12-25 19:54 . 2012-12-25 19:54 -------- d-----w- c:programdataBrowser Manager 2012-12-25 17:28 . 2012-06-27 19:26 773968 ----a-w- c:windowssystem32msvcr100.dll 2012-12-25 17:28 . 2012-12-25 17:28 -------- d-----w- c:programdataWincert 2012-12-25 17:27 . 2012-12-25 17:28 -------- d-----w- c:program files (x86)Search Results Toolbar 2012-12-25 17:27 . 2012-12-26 00:56 -------- d-----w- c:usersOwnerAppDataLocaliLivid 2012-12-23 17:43 . 2012-12-23 17:43 -------- d-----w- C:ted dvd files 2012-12-21 18:33 . 2012-12-29 21:41 -------- d-----w- c:usersOwnerAppDataRoamingdvdcss 2012-12-21 09:00 . 2012-12-16 17:11 46080 ----a-w- c:windowssystem32atmlib.dll 2012-12-21 09:00 . 2012-12-16 14:45 367616 ----a-w- c:windowssystem32atmfd.dll 2012-12-21 09:00 . 2012-12-16 14:13 295424 ----a-w- c:windowsSysWow64atmfd.dll 2012-12-21 09:00 . 2012-12-16 14:13 34304 ----a-w- c:windowsSysWow64atmlib.dll 2012-12-16 22:46 . 2012-10-30 23:51 370288 ----a-w- c:windowssystem32driversaswSP.sys 2012-12-16 22:46 . 2012-10-30 23:51 25232 ----a-w- c:windowssystem32driversaswFsBlk.sys 2012-12-16 22:46 . 2012-10-15 16:59 54072 ----a-w- c:windowssystem32driversaswRdr2.sys 2012-12-16 22:46 . 2012-10-30 23:51 59728 ----a-w- c:windowssystem32driversaswTdi.sys 2012-12-16 22:46 . 2012-10-30 23:51 984144 ----a-w- c:windowssystem32driversaswSnx.sys 2012-12-16 22:46 . 2012-10-30 23:51 71600 ----a-w- c:windowssystem32driversaswMonFlt.sys 2012-12-16 22:46 . 2012-10-30 23:51 41224 ----a-w- c:windowsavastSS.scr 2012-12-16 22:45 . 2012-10-30 23:50 227648 ----a-w- c:windowsSysWow64aswBoot.exe 2012-12-16 22:06 . 2012-12-16 22:07 -------- d-----w- c:usersOwnerAppDataLocalNETGEARGenie 2012-12-16 22:06 . 2012-12-16 22:06 369168 ----a-w- c:windowssystem32wpcap.dll 2012-12-16 22:06 . 2012-12-16 22:06 35344 ----a-w- c:windowssystem32driversnpf.sys 2012-12-16 22:06 . 2012-12-16 22:06 106000 ----a-w- c:windowssystem32packet.dll 2012-12-16 22:06 . 2012-12-16 22:06 -------- d-----w- c:program files (x86)NETGEAR Genie 2012-12-14 20:48 . 2012-12-14 20:48 -------- d-----w- c:program files (x86)uTorrent 2012-12-14 13:06 . 2012-11-14 07:06 17811968 ----a-w- c:windowssystem32mshtml.dll 2012-12-14 13:06 . 2012-11-14 06:32 10925568 ----a-w- c:windowssystem32ieframe.dll 2012-12-13 11:57 . 2012-11-02 05:59 478208 ----a-w- c:windowssystem32dpnet.dll 2012-12-13 11:57 . 2012-11-02 05:11 376832 ----a-w- c:windowsSysWow64dpnet.dll 2012-12-12 21:34 . 2012-12-13 00:47 -------- d-----w- c:usersOwnerAppDataRoamingatunes 2012-12-12 21:33 . 2012-12-12 21:33 -------- d-----w- c:program files (x86)aTunes 2012-12-12 17:44 . 2012-12-12 17:44 -------- d-----w- c:program files (x86)CheckPoint 2012-12-10 15:12 . 2012-12-10 15:12 -------- d-----w- C:FRACTURE EXTRAS . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-01-07 00:50 . 2012-11-14 20:30 15712 ----a-w- c:windowssystem32driversSWDUMon.sys 2012-12-26 01:25 . 2012-10-17 13:39 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCore-2Microsoft.MediaCenter.Sports.UI.dll 2012-12-26 01:25 . 2012-10-06 20:26 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkupmarkup.dll 2012-12-26 01:25 . 2012-10-06 20:26 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSMStartResources.dll 2012-12-14 13:10 . 2012-07-25 12:45 67413224 ----a-w- c:windowssystem32MRT.exe 2012-12-12 17:57 . 2012-07-31 00:28 697272 ----a-w- c:windowsSysWow64FlashPlayerApp.exe 2012-12-12 17:57 . 2012-07-31 00:28 73656 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl 2012-11-24 01:35 . 2012-10-06 20:26 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCoreMicrosoft.MediaCenter.Sports.UI.dll 2012-11-15 01:51 . 2012-11-15 01:51 62976 ----a-w- c:windowssystem32TSWbPrxy.exe 2012-11-15 01:51 . 2012-11-15 01:51 57856 ----a-w- c:windowssystem32driversTsUsbFlt.sys 2012-11-15 01:51 . 2012-11-15 01:51 5773824 ----a-w- c:windowssystem32mstscax.dll 2012-11-15 01:51 . 2012-11-15 01:51 54272 ----a-w- c:windowssystem32MsRdpWebAccess.dll 2012-11-15 01:51 . 2012-11-15 01:51 4916224 ----a-w- c:windowsSysWow64mstscax.dll 2012-11-15 01:51 . 2012-11-15 01:51 46592 ----a-w- c:windowsSysWow64MsRdpWebAccess.dll 2012-11-15 01:51 . 2012-11-15 01:51 44032 ----a-w- c:windowssystem32tsgqec.dll 2012-11-15 01:51 . 2012-11-15 01:51 43520 ----a-w- c:windowssystem32TsUsbGDCoInstaller.dll 2012-11-15 01:51 . 2012-11-15 01:51 384000 ----a-w- c:windowssystem32wksprt.exe 2012-11-15 01:51 . 2012-11-15 01:51 37376 ----a-w- c:windowsSysWow64tsgqec.dll 2012-11-15 01:51 . 2012-11-15 01:51 322560 ----a-w- c:windowssystem32aaclient.dll 2012-11-15 01:51 . 2012-11-15 01:51 3174912 ----a-w- c:windowssystem32rdpcorets.dll 2012-11-15 01:51 . 2012-11-15 01:51 269312 ----a-w- c:windowsSysWow64aaclient.dll 2012-11-15 01:51 . 2012-11-15 01:51 243200 ----a-w- c:windowssystem32rdpudd.dll 2012-11-15 01:51 . 2012-11-15 01:51 228864 ----a-w- c:windowssystem32rdpendp_winip.dll 2012-11-15 01:51 . 2012-11-15 01:51 19456 ----a-w- c:windowssystem32driversrdpvideominiport.sys 2012-11-15 01:51 . 2012-11-15 01:51 192000 ----a-w- c:windowsSysWow64rdpendp_winip.dll 2012-11-15 01:51 . 2012-11-15 01:51 18432 ----a-w- c:windowssystem32wksprtPS.dll 2012-11-15 01:51 . 2012-11-15 01:51 16896 ----a-w- c:windowsSysWow64wksprtPS.dll 2012-11-15 01:51 . 2012-11-15 01:51 15360 ----a-w- c:windowssystem32RdpGroupPolicyExtension.dll 2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyExtension.dll 2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyControl.exe 2012-11-15 01:51 . 2012-11-15 01:51 1123840 ----a-w- c:windowssystem32mstsc.exe 2012-11-15 01:51 . 2012-11-15 01:51 1048064 ----a-w- c:windowsSysWow64mstsc.exe 2012-11-15 01:50 . 2012-11-15 01:50 96768 ----a-w- c:windowsSysWow64sspicli.dll 2012-11-15 01:50 . 2012-11-15 01:50 458712 ----a-w- c:windowssystem32driverscng.sys 2012-11-15 01:50 . 2012-11-15 01:50 340992 ----a-w- c:windowssystem32schannel.dll 2012-11-15 01:50 . 2012-11-15 01:50 307200 ----a-w- c:windowssystem32ncrypt.dll 2012-11-15 01:50 . 2012-11-15 01:50 247808 ----a-w- c:windowsSysWow64schannel.dll 2012-11-15 01:50 . 2012-11-15 01:50 220160 ----a-w- c:windowsSysWow64ncrypt.dll 2012-11-15 01:50 . 2012-11-15 01:50 22016 ----a-w- c:windowsSysWow64secur32.dll 2012-11-15 01:50 . 2012-11-15 01:50 154480 ----a-w- c:windowssystem32driversksecpkg.sys 2012-11-15 01:50 . 2012-11-15 01:50 1448448 ----a-w- c:windowssystem32lsasrv.dll 2012-11-15 01:49 . 2012-11-15 01:49 514560 ----a-w- c:windowsSysWow64qdvd.dll 2012-11-15 01:49 . 2012-11-15 01:49 366592 ----a-w- c:windowssystem32qdvd.dll 2012-11-14 20:32 . 2012-11-14 20:32 30568 ----a-w- c:windowssystem32driversavgtpx64.sys 2012-11-01 18:31 . 2012-11-01 18:31 40712 ----a-w- c:windowssystem32driverstaphss6.sys 2012-11-01 18:25 . 2012-11-01 18:25 42248 ----a-w- c:windowssystem32drivershssdrv6.sys 2012-10-30 23:50 . 2012-08-03 22:43 285328 ----a-w- c:windowssystem32aswBoot.exe 2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:windowsSysWow64QuickTimeVR.qtx 2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:windowsSysWow64QuickTime.qts 2012-10-22 22:34 . 2012-10-22 22:34 95208 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll 2012-10-22 22:34 . 2012-10-22 22:35 821736 ----a-w- c:windowsSysWow64npDeployJava1.dll 2012-10-22 22:34 . 2012-10-22 22:35 746984 ----a-w- c:windowsSysWow64deployJava1.dll 2012-10-17 13:39 . 2012-10-17 13:39 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkup-2markup.dll 2012-10-17 13:37 . 2012-10-17 13:37 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSM-2StartResources.dll 2012-10-16 08:38 . 2012-12-13 11:57 135168 ----a-w- c:windowsapppatchAppPatch64AcXtrnal.dll 2012-10-16 08:38 . 2012-12-13 11:57 350208 ----a-w- c:windowsapppatchAppPatch64AcLayers.dll 2012-10-16 07:39 . 2012-12-13 11:57 561664 ----a-w- c:windowsapppatchAcLayers.dll 2012-10-09 18:17 . 2012-11-15 12:36 55296 ----a-w- c:windowssystem32dhcpcsvc6.dll 2012-10-09 18:17 . 2012-11-15 12:36 226816 ----a-w- c:windowssystem32dhcpcore6.dll 2012-10-09 17:40 . 2012-11-15 12:36 44032 ----a-w- c:windowsSysWow64dhcpcsvc6.dll 2012-10-09 17:40 . 2012-11-15 12:36 193536 ----a-w- c:windowsSysWow64dhcpcore6.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{11111111-1111-1111-1111-110211181104}] 2013-01-05 17:41 613376 ----a-w- c:program files (x86)Coupon Companion PluginCoupon Companion Plugin.dll . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{300BEC06-B743-4D19-86B9-11DC711D7FFB}] 2013-01-05 17:41 483328 ----a-w- c:program files (x86)OAppsSelectionLinks.dll . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}] . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE}] c:programdataVaudix508d42f54b62d.ocx [bU] . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{f34c9277-6577-4dff-b2d7-7d58092f272f}] 2012-09-24 23:01 89288 ----a-w- c:progra~2SEARCH~1DatamngrSRTOOL~1searchresultsDx.dll . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar] "{f34c9277-6577-4dff-b2d7-7d58092f272f}"= "c:progra~2SEARCH~1DatamngrSRTOOL~1searchresultsDx.dll" [2012-09-24 89288] . [HKEY_CLASSES_ROOTclsid{f34c9277-6577-4dff-b2d7-7d58092f272f}] . [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "IDMan"="c:program files (x86)Internet Download ManagerIDMan.exe" [2012-09-01 3528128] "Xvid"="c:program files (x86)XvidCheckUpdate.exe" [2011-01-17 8192] "Spotify Web Helper"="c:usersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe" [2012-10-28 1199576] "NETGEARGenie"="c:program files (x86)NETGEAR GeniebinNETGEARGenie.exe" [2012-10-16 1041736] "AnyDVD"="c:program files (x86)SlySoftAnyDVDAnyDVDtray.exe" [2012-12-20 6750448] . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun] "CLMLServer"="c:program files (x86)CyberLinkPower2GoCLMLSvc.exe" [2009-11-02 103720] "Samsung PanelMgr"="c:windowsSamsungPanelMgrSSMMgr.exe" [2010-06-08 618496] "UVS10 Preload"="c:program files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe" [2006-03-07 36864] "UpdatePPShortCut"="c:program files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" [2009-05-20 222504] "Adobe ARM"="c:program files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2012-07-27 919008] "SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-07-03 252848] "APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-10-12 59280] "PowerDVD12DMREngine"="c:program files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [2012-09-19 505872] "PowerDVD12Agent"="c:program files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [2012-09-19 374560] "QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-10-25 421888] "avast"="c:program filesAVAST SoftwareAvastavastUI.exe" [2012-10-30 4297136] "MindDabble Search Scope Monitor"="c:progra~2MINDDA~2bar2.bin4psrchmn.exe" [2012-12-26 42536] "HP Software Update"="c:program files (x86)HPHP Software UpdateHPWuSchd2.exe" [2007-05-08 54840] . c:usersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup MagicDisc.lnk - c:program files (x86)MagicDiscMagicDisc.exe [2012-9-15 576000] . c:programdataMicrosoftWindowsStart MenuProgramsStartup HP Digital Imaging Monitor.lnk - c:program files (x86)HPDigital Imagingbinhpqtra08.exe [2009-5-21 275768] . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:progra~2SEARCH~1Datamngrdatamngr.dll c:progra~2SEARCH~1DatamngrIEBHO.dll c:windowsSysWOW64nvinit.dll . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32] "wave6"=wdmaud.drv . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-07-13 160944] R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:windowssystem32DRIVERSAVerPola.sys [2011-01-04 534144] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:program filesIntelWiFibinPanDhcpDns.exe [2011-01-05 340240] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2012-11-15 19456] R3 Samsung UPD Service;Samsung UPD Service;c:windowsSystem32SUPDSvc.exe [2010-08-09 166704] R3 StkCMini;Syntek AVStream USB2.0 ATV;c:windowssystem32DriversStkCMini.sys [2010-04-16 1816968] R3 taphss6;Anchorfree HSS VPN Adapter;c:windowssystem32DRIVERStaphss6.sys [2012-11-01 40712] R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2012-11-15 57856] R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2012-07-25 1255736] R3 WDC_SAM;WD SCSI Pass Thru driver;c:windowssystem32DRIVERSwdcsam64.sys [2008-05-06 14464] R4 wlcrasvc;Windows Live Mesh remote connections service;c:program filesWindows LiveMeshwlcrasvc.exe [2010-09-22 57184] S0 nvpciflt;nvpciflt;c:windowssystem32DRIVERSnvpciflt.sys [2010-12-14 25576] S0 SmartDefragDriver;SmartDefragDriver;c:windowsSystem32DriversSmartDefragDriver.sys [2010-11-26 17720] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2012-11-14 30568] S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:windowssystem32DriversSABI.sys [2009-05-28 13824] S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34];c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-09-19 22:12 147704] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [2012-10-30 71600] S2 BBSvc;BingBar Service;c:program files (x86)MicrosoftBingBar7.1.361.0BBSvc.exe [2012-02-10 193816] S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-09-19 90640] S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-09-19 78352] S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-09-19 295440] S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:program filesIntelWiMAXBinDMAgent.exe [2011-06-06 498688] S2 IDMWFP;IDMWFP;c:windowssystem32DRIVERSidmwfp.sys [2012-08-02 158944] S2 MindDabble_4pService;MindDabbleService;c:progra~2MINDDA~2bar2.bin4pbarsvc.exe [2012-12-26 42504] S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:program files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe [2012-09-25 231752] S2 nlsX86cc;Nalpeiron Licensing Service;c:windowsSysWOW64nlssrv32.exe [2010-11-22 66560] S2 ntk_PowerDVD12;ntk_PowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-06-20 83704] S2 UNS;Intel® Management and Security Application User Notification Service;c:program files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2010-10-06 2655768] S2 WajamUpdater;WajamUpdater;c:program files (x86)WajamUpdaterWajamUpdater.exe [2012-10-05 109064] S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:program filesIntelWiMAXBinAppSrv.exe [2011-06-06 986112] S3 BBUpdate;BBUpdate;c:program files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe [2012-02-10 240408] S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:windowssystem32DRIVERSbpenum.sys [2011-05-19 84480] S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:windowssystem32DRIVERSbpmp.sys [2011-05-19 182272] S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;c:windowssystem32Driversbpusb.sys [2011-05-19 83968] S3 clwvd;CyberLink WebCam Virtual Driver;c:windowssystem32DRIVERSclwvd.sys [2010-11-10 31088] S3 ETD;ELAN PS/2 Port Input Device;c:windowssystem32DRIVERSETD.sys [2010-11-12 138024] S3 IntcDAud;Intel® Display Audio;c:windowssystem32DRIVERSIntcDAud.sys [2010-10-15 317440] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:windowssystem32DRIVERSnusb3hub.sys [2010-10-11 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:windowssystem32DRIVERSnusb3xhc.sys [2010-10-11 180736] S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2011-06-10 539240] S3 wdkmd;Intel WiDi KMD;c:windowssystem32DRIVERSWDKMD.sys [2010-11-30 42392] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - NPF . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionsvchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2013-01-07 c:windowsTasksAdobe Flash Player Updater.job - c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-31 17:57] . 2013-01-07 c:windowsTasksSlimDrivers Startup.job - c:program files (x86)SlimDriversSlimDrivers.exe [2012-10-14 21:29] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 23:50 133400 ----a-w- c:program filesAVAST SoftwareAvastashShA64.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersIDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOTCLSID{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2012-02-08 00:49 23432 ----a-w- c:program files (x86)Internet Download ManagerIDMShellExt64.dll . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "IgfxTray"="c:windowssystem32igfxtray.exe" [2011-01-04 167960] "HotKeysCmds"="c:windowssystem32hkcmd.exe" [2011-01-04 391704] "Persistence"="c:windowssystem32igfxpers.exe" [2011-01-04 417304] "RtHDVCpl"="c:program filesRealtekAudioHDARAVCpl64.exe" [2010-11-30 11660904] "IntelWireless"="c:program filesCommon FilesIntelWirelessCommoniFrmewrk.exe" [2011-01-05 1933584] "ETDCtrl"="c:program files (x86)ElantechETDCtrl.exe" [bU] "IntelWirelessWiMAX"="c:program filesIntelWiMAXBinWiMAXCU.exe" [2011-06-02 1622016] . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows] "AppInit_DLLs"=c:progra~2SEARCH~1Datamngrx64datamngr.dll c:progra~2SEARCH~1Datamngrx64IEBHO.dll c:windowsSystem32nvinitx.dll . ------- Supplementary Scan ------- . uLocal Page = c:windowssystem32blank.htm uStart Page = hxxp://www.searchnu.com/406 mStart Page = hxxp://samsung.msn.com mLocal Page = c:windowsSysWOW64blank.htm IE: Download all links with IDM - c:program files (x86)Internet Download ManagerIEGetAll.htm IE: Download with IDM - c:program files (x86)Internet Download ManagerIEExt.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default FF - prefs.js: browser.startup.homepage - hxxp://www.searchnu.com/406 FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=287&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=5893014922044063&o=APN10645&q= FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com FF - ExtSQL: 2012-12-16 16:53; wrc@avast.com; c:program filesAVAST SoftwareAvastWebRepFF FF - ExtSQL: 2012-12-25 11:28; {f34c9277-6577-4dff-b2d7-7d58092f272f}; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions{f34c9277-6577-4dff-b2d7-7d58092f272f} FF - ExtSQL: 2012-12-25 11:28; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:program files (x86)Search Results ToolbarDatamngrFirefoxExtension FF - ExtSQL: 2013-01-04 11:34; smartwebprinting@hp.com; c:program files (x86)HPDigital ImagingSmart Web PrintingMozillaAddOn3 FF - ExtSQL: 2013-01-05 11:41; plugin@selectionlinks.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensionsplugin@selectionlinks.com FF - ExtSQL: !HIDDEN! 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:program files (x86)MindDabble_4pbar2.bin FF - ExtSQL: !HIDDEN! 2012-12-25 11:28; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:program files (x86)Search Results ToolbarDatamngrFirefoxExtension FF - ExtSQL: !HIDDEN! 2013-01-04 11:34; smartwebprinting@hp.com; c:program files (x86)HPDigital ImagingSmart Web PrintingMozillaAddOn3 user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0); . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) Toolbar-10 - (no file) AddRemove-{681002C6-5019-81A2-7871-A43754F71E56} - c:programdataVaudixuninstall.exe . . . [HKEY_LOCAL_MACHINESYSTEMControlSet001services{73526619-C24F-470B-9BED-53D455FBB5C6}] "ImagePath"="??c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "scansk"=hex(0):c5,88,12,3d,a1,66,02,aa,b6,69,27,77,2a,36,ce,6b,62,5d,c5,5b,dd, 32,c3,0e,3c,fd,35,14,a9,f8,c3,8a,76,15,a2,42,fb,fb,4e,66,00,00,00,00,00,00, . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):92,20,a6,2c,ac,da,97,ad,d1,24,a3,f8,5b,7f,d7,fc,ab,59,6e,1b,bf, 51,95,0a,ae,4d,7b,37,63,5b,fa,ad,73,d0,1a,32,83,42,de,9e,00,00,00,00,00,00, . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{b5572adb-f71b-41a1-ad6e-0832b120e9ea}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:000000f0 "Therad"=dword:0000001e "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26, 38,95,44,85,b1,12,f9,90,dd,23,a1,46,8f,3c,f2,5c,68,ee,21,c4,91,5d,38,fc,54, . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{c9fa1039-b2b9-4ecb-85ad-32f7d18bc0ed}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:0000012c "Therad"=dword:00000001 "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68, . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus] @="0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:program filesAVAST SoftwareAvastAvastSvc.exe c:program files (x86)Common FilesAdobeARM1.0armsvc.exe c:program files (x86)IObitSmart Defrag 2SmartDefrag.exe c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe c:program files (x86)CyberLinkShared filesRichVideo.exe c:program files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe c:program files (x86)SamsungEasy Display ManagerWifiManager.exe c:program files (x86)CyberLinkYouCamYCMMirage.exe c:program files (x86)SAMSUNGEasySpeedUpManagerEasySpeedUpManager.exe c:program files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe c:program files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe c:program files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe c:program files (x86)SamsungSamsung Support CenterSSCKbdHk.exe c:program files (x86)SamsungSamsung Update PlusSUPBackground.exe . ************************************************************************** . Completion time: 2013-01-06 19:05:02 - machine was rebooted ComboFix-quarantined-files.txt 2013-01-07 01:04 ComboFix2.txt 2012-12-20 00:53 ComboFix3.txt 2012-12-19 19:31 ComboFix4.txt 2012-12-18 18:54 ComboFix5.txt 2013-01-07 00:30 . Pre-Run: 76,447,506,432 bytes free Post-Run: 76,018,339,840 bytes free . - - End Of File - - 508483E5C4C2B9B0765BA8977E257860
  9. C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsDownloadSetup.exe Win32/Adware.1ClickDownload.C application C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsDropDownDealsSmartSetup.exe multiple threats C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsDropDownDealsSmartSetup_2.exe multiple threats C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsPageRageSetupAff.exe multiple threats C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsxvidsetup.exe a variant of Win32/Obfuscated.NER trojan C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsxvidsetup_2.exe a variant of Win32/Obfuscated.NER trojan C:Program Files (x86)ZuxxezBattle vs. ChessSKIDROW.dll a variant of Win32/Packed.VMProtect.AAA trojan C:QooboxQuarantineCNew folder (2)Geek Squad Backup 07.09.2012BACKUP CONTINUEDAudio Record Wizard 3.99 Inc Crack - Mast3r-CrackARWizard3.exe.vir probably a variant of Win32/TrojanDropper.Agent.NHZIJQ trojan C:QooboxQuarantineCProgramDataVaudix508d42f54b62d.ocx.vir Win32/Adware.MultiPlug.D application C:QooboxQuarantineCProgramDataVaudix508d44c452574.ocx.vir Win32/Adware.MultiPlug.D application C:QooboxQuarantineCUsersOwnerAudio Record Wizard 3.99 Inc Crack - Mast3r-audio recordAudio Record Wizard 3.99 Inc Crack - Mast3r-CrackARWizard3.exe.vir probably a variant of Win32/TrojanDropper.Agent.NHZIJQ trojan C:UsersOwnerAudio Record Wizard 3.99 Inc Crack - Mast3r-.rar probably a variant of Win32/TrojanDropper.Agent.NHZIJQ trojan DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2 Run by Owner at 18:32:59 on 2013-01-02 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6055.3566 [GMT -6:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:Windowssystem32lsm.exe C:Windowssystem32svchost.exe -k DcomLaunch C:Windowssystem32nvvsvc.exe C:Windowssystem32svchost.exe -k RPCSS C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted C:Windowssystem32svchost.exe -k netsvcs C:Windowssystem32svchost.exe -k GPSvcGroup C:Windowssystem32svchost.exe -k LocalService C:Windowssystem32svchost.exe -k NetworkService C:Program FilesNVIDIA CorporationDisplayNvXDSync.exe C:Windowssystem32WLANExt.exe C:Program FilesAVAST SoftwareAvastAvastSvc.exe C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:WindowsSystem32spoolsv.exe C:Windowssystem32svchost.exe -k LocalServiceNoNetwork C:Windowssystem32taskhost.exe C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe C:Windowssystem32taskeng.exe C:WindowsSystem32hkcmd.exe C:WindowsSystem32igfxpers.exe C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe C:Program FilesIntelWiFibinEvtEng.exe C:PROGRA~2MINDDA~2bar2.bin4pbarsvc.exe C:Program Files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe C:Program FilesRealtekAudioHDARAVCpl64.exe C:WindowsSysWOW64nlssrv32.exe C:Program Files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe C:Program FilesCommon FilesIntelWirelessCommonRegSrvc.exe C:Program Files (x86)CyberLinkShared filesRichVideo.exe C:Windowssystem32svchost.exe -k imgsvc C:Program Files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe C:Program FilesIntelWiMAXBinAppSrv.exe C:WindowsSystem32svchost.exe -k secsvcs C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE C:Program FilesIntelWiMAXBinDMAgent.exe C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe C:Windowssystem32wbemunsecapp.exe C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted C:Windowssystem32wbemwmiprvse.exe C:Windowssystem32taskeng.exe C:Program Files (x86)SamsungEasy Display ManagerWifiManager.exe C:Program Files (x86)CyberLinkYouCamYCMMirage.exe C:Program FilesSRS LabsSRS Premium Sound Control Panelsrspremiumpanel_64.exe C:Program Files (x86)SamsungEasy Display Managerdmhkcore.exe C:Windowssystem32SearchIndexer.exe C:Program FilesCommon FilesIntelWirelessCommoniFrmewrk.exe C:Program FilesElantechETDCtrl.exe C:Program FilesIntelWiMAXBinWiMAXCU.exe C:Program FilesWindows Media Playerwmpnetwk.exe C:Windowssystem32wbemunsecapp.exe C:Program Files (x86)SAMSUNGEasySpeedUpManagerEasySpeedUpManager.exe C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation C:UsersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe C:Program Files (x86)NETGEAR GeniebinNETGEARGenie.exe C:Program FilesElantechETDCtrlHelper.exe C:Program Files (x86)Internet Download ManagerIEMonitor.exe C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe C:Program Files (x86)MagicDiscMagicDisc.exe C:Windowssystem32igfxext.exe C:Windowssystem32igfxsrvc.exe C:Program Files (x86)Common FilesJavaJava Updatejusched.exe C:Program Files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe C:Program Files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe C:Program Files (x86)QuickTimeQTTask.exe C:Program FilesAVAST SoftwareAvastAvastUI.exe C:Program Files (x86)Search Results ToolbarDatamngrdatamngrUI.exe C:Program Files (x86)NETGEAR Geniebingenie2_tray.exe C:WindowsSystem32svchost.exe -k LocalServicePeerNet C:Windowssplwow64.exe C:Program Files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe C:Program FilesSamsungSamsungFastStartSmartRestarter.exe C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe C:Program Files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe C:Program Files (x86)SamsungSamsung Support CenterSSCKbdHk.exe C:Program Files (x86)SamsungSamsung Update PlusSUPBackground.exe C:Program Files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe C:WindowsSysWOW64ctfmon.exe C:Program Files (x86)Mozilla Firefoxfirefox.exe C:Program Files (x86)Mozilla Firefoxplugin-container.exe C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_5_502_135.exe C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_5_502_135.exe C:Windowssystem32wbemwmiprvse.exe C:WindowsSystem32cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.searchnu.com/406 mStart Page = hxxp://samsung.msn.com BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:Program Files (x86)Windows LiveCompanioncompanioncore.dll BHO: W2PBrowser Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:Program FilesSamsung AnyWeb PrintW2PBrowser.dll BHO: DataMngr: {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:Program Files (x86)Search Results ToolbarDatamngrBrowserConnection.dll BHO: Vaudix Class: {D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE} - BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:Program Files (x86)MicrosoftBingBar7.1.361.0BingExt.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dll BHO: Search-Results Toolbar: {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:Program Files (x86)Search Results ToolbarDatamngrSRTOOL~1searchresultsDx.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll TB: Search-Results Toolbar: {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:Program Files (x86)Search Results ToolbarDatamngrSRTOOL~1searchresultsDx.dll uRun: [iDMan] C:Program Files (x86)Internet Download ManagerIDMan.exe /onboot uRun: [Xvid] C:Program Files (x86)XvidCheckUpdate.exe uRun: [spotify Web Helper] "C:UsersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe" uRun: [NETGEARGenie] "C:Program Files (x86)NETGEAR GeniebinNETGEARGenie.exe" -mini -redirect uRun: [AnyDVD] C:Program Files (x86)SlySoftAnyDVDAnyDVDtray.exe mRun: [CLMLServer] "C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe" mRun: [samsung PanelMgr] C:WindowsSamsungPanelMgrSSMMgr.exe /autorun mRun: [uVS10 Preload] C:Program Files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe mRun: [updatePPShortCut] "C:Program Files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" "C:Program Files (x86)CyberLinkPowerProducer" UpdateWithCreateOnce "SoftwareCyberLinkPowerProducer5.0" mRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe" mRun: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe" mRun: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" mRun: [PowerDVD12DMREngine] "C:Program Files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" mRun: [PowerDVD12Agent] "C:Program Files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" mRun: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime mRun: [avast] "C:Program FilesAVAST SoftwareAvastavastUI.exe" /nogui mRun: [DATAMNGR] C:PROGRA~2SEARCH~1DatamngrDATAMN~1.EXE mRun: [MindDabble Search Scope Monitor] "C:PROGRA~2MINDDA~2bar2.bin4psrchmn.exe" /m=2 /w /h StartupFolder: C:UsersOwnerAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupMAGICD~1.LNK - C:Program Files (x86)MagicDiscMagicDisc.exe uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Download all links with IDM - C:Program Files (x86)Internet Download ManagerIEGetAll.htm IE: Download with IDM - C:Program Files (x86)Internet Download ManagerIEExt.htm IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:Program Files (x86)Windows LiveCompanioncompanioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll IE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:Program FilesSamsung AnyWeb PrintW2PBrowser.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} - hxxp://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces{EF589019-EF09-4585-8068-B38719BE845F} : DHCPNameServer = 192.168.1.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll AppInit_DLLs= C:PROGRA~3WincertWIN32C~1.DLL C:PROGRA~2SEARCH~1Datamngrdatamngr.dll C:PROGRA~2SEARCH~1DatamngrIEBHO.dll C:WindowsSysWOW64nvinit.dll SSODL: WebCheck - <orphaned> x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program Files (x86)Internet Download ManagerIDMIECC64.dll x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll x64-BHO: DataMngr: {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:Program Files (x86)Search Results ToolbarDatamngrx64BrowserConnection.dll x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll x64-Run: [igfxTray] C:WindowsSystem32igfxtray.exe x64-Run: [HotKeysCmds] C:WindowsSystem32hkcmd.exe x64-Run: [Persistence] C:WindowsSystem32igfxpers.exe x64-Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe -s x64-Run: [intelWireless] "C:Program FilesCommon FilesIntelWirelessCommoniFrmewrk.exe" /tf Intel Wireless Tray x64-Run: [ETDCtrl] C:Program Files (x86)ElantechETDCtrl.exe x64-Run: [intelWirelessWiMAX] "C:Program FilesIntelWiMAXBinWiMAXCU.exe" /tasktray /nosplash x64-DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default FF - prefs.js: browser.startup.homepage - hxxp://www.searchnu.com/406 FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=287&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=5893014922044063&o=APN10645&q= FF - plugin: C:PROGRA~2MEADCO~1npmeadax.dll FF - plugin: C:Program Files (x86)AdobeReader 10.0ReaderAIRnppdf32.dll FF - plugin: C:Program Files (x86)Javajre7binplugin2npjp2.dll FF - plugin: c:Program Files (x86)Microsoft Silverlight5.1.10411.0npctrlui.dll FF - plugin: C:Program Files (x86)MindDabble_4pbar2.binNP4pStub.dll FF - plugin: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll FF - plugin: C:WindowsSysWOW64MacromedFlashNPSWF32_11_5_502_135.dll FF - plugin: C:WindowsSysWOW64npDeployJava1.dll FF - plugin: C:WindowsSysWOW64npmproxy.dll FF - ExtSQL: 2012-11-04 18:39; 50970cb9d50ba@50970cb9d50f3.com; C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions50970cb9d50ba@50970cb9d50f3.com.xpi FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com FF - ExtSQL: 2012-12-16 16:53; wrc@avast.com; C:Program FilesAVAST SoftwareAvastWebRepFF FF - ExtSQL: 2012-12-25 11:28; {f34c9277-6577-4dff-b2d7-7d58092f272f}; C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions{f34c9277-6577-4dff-b2d7-7d58092f272f} FF - ExtSQL: 2012-12-25 11:28; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; C:Program Files (x86)Search Results ToolbarDatamngrFirefoxExtension FF - ExtSQL: !HIDDEN! 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; C:Program Files (x86)MindDabble_4pbar2.bin FF - ExtSQL: !HIDDEN! 2012-12-25 11:28; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; C:Program Files (x86)Search Results ToolbarDatamngrFirefoxExtension . ============= SERVICES / DRIVERS =============== . R0 nvpciflt;nvpciflt;C:WindowsSystem32driversnvpciflt.sys [2011-2-20 25576] R0 SmartDefragDriver;SmartDefragDriver;C:WindowsSystem32driversSmartDefragDriver.sys [2012-11-21 17720] R1 aswSnx;aswSnx;C:WindowsSystem32driversaswSnx.sys [2012-12-16 984144] R1 aswSP;aswSP;C:WindowsSystem32driversaswSP.sys [2012-12-16 370288] R1 avgtp;avgtp;C:WindowsSystem32driversavgtpx64.sys [2012-11-14 30568] R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:WindowsSystem32driversSABI.sys [2011-2-20 13824] R2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34:12];C:Program Files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-9-19 147704] R2 aswFsBlk;aswFsBlk;C:WindowsSystem32driversaswFsBlk.sys [2012-12-16 25232] R2 aswMonFlt;aswMonFlt;C:WindowsSystem32driversaswMonFlt.sys [2012-12-16 71600] R2 avast! Antivirus;avast! Antivirus;C:Program FilesAVAST SoftwareAvastAvastSvc.exe [2012-12-16 44808] R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-11-9 90640] R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-11-9 78352] R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-11-9 295440] R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:Program FilesIntelWiMAXBinDMAgent.exe [2011-6-6 498688] R2 IDMWFP;IDMWFP;C:WindowsSystem32driversidmwfp.sys [2012-8-31 158944] R2 MindDabble_4pService;MindDabbleService;C:PROGRA~2MINDDA~2bar2.bin4pbarsvc.exe [2012-12-26 42504] R2 NETGEARGenieDaemon;NETGEARGenieDaemon;C:Program Files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe [2012-9-25 231752] R2 nlsX86cc;Nalpeiron Licensing Service;C:WindowsSysWOW64nlssrv32.exe [2012-9-11 66560] R2 ntk_PowerDVD12;ntk_PowerDVD12;C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-11-9 83704] R2 UNS;Intel® Management and Security Application User Notification Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2011-2-20 2655768] R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:Program FilesIntelWiMAXBinAppSrv.exe [2011-6-6 986112] R3 BBUpdate;BBUpdate;C:Program Files (x86)MicrosoftBingBar7.1.361.0SeaPort.EXE [2012-2-10 240408] R3 bpenum;Intel® Centrino® WiMAX Enumerator;C:WindowsSystem32driversbpenum.sys [2011-5-19 84480] R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:WindowsSystem32driversbpmp.sys [2011-5-19 182272] R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;C:WindowsSystem32driversbpusb.sys [2011-5-19 83968] R3 clwvd;CyberLink WebCam Virtual Driver;C:WindowsSystem32driversclwvd.sys [2010-11-10 31088] R3 ETD;ELAN PS/2 Port Input Device;C:WindowsSystem32driversETD.sys [2011-2-21 138024] R3 IntcDAud;Intel® Display Audio;C:WindowsSystem32driversIntcDAud.sys [2011-2-21 317440] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:WindowsSystem32driversnusb3hub.sys [2010-10-11 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:WindowsSystem32driversnusb3xhc.sys [2010-10-11 180736] R3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2012-8-6 539240] R3 wdkmd;Intel WiDi KMD;C:WindowsSystem32driversWDKMD.sys [2010-11-30 42392] S2 BBSvc;BingBar Service;C:Program Files (x86)MicrosoftBingBar7.1.361.0BBSvc.EXE [2012-2-10 193816] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2012-7-13 160944] S3 AVerPola;AVerMedia USB Polaris Series Capture Service;C:WindowsSystem32driversAVerPola.sys [2012-9-20 534144] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:Program FilesIntelWiFibinPanDhcpDns.exe [2011-1-4 340240] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:WindowsSystem32driversrdpvideominiport.sys [2012-11-14 19456] S3 Samsung UPD Service;Samsung UPD Service;C:WindowsSystem32SUPDSvc.exe [2011-2-20 166704] S3 StkCMini;Syntek AVStream USB2.0 ATV;C:WindowsSystem32driversStkCMini.sys [2012-8-9 1816968] S3 taphss6;Anchorfree HSS VPN Adapter;C:WindowsSystem32driverstaphss6.sys [2012-11-1 40712] S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2012-11-14 57856] S3 WatAdminSvc;Windows Activation Technologies Service;C:WindowsSystem32WatWatAdminSvc.exe [2012-7-25 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:WindowsSystem32driverswdcsam64.sys [2008-5-6 14464] S4 wlcrasvc;Windows Live Mesh remote connections service;C:Program FilesWindows LiveMeshwlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-01-02 19:47:18 -------- d-----w- C:Program Files (x86)ESET 2013-01-02 17:17:07 76232 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{9177B41E-E962-4833-8513-3DF4D9FED774}offreg.dll 2013-01-01 17:37:46 9125352 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{9177B41E-E962-4833-8513-3DF4D9FED774}mpengine.dll 2012-12-28 15:33:46 -------- d-----w- C:Hugo extras 2012-12-28 15:33:23 -------- d-----w- C:Hugo 2012-12-26 14:13:18 -------- d-----w- C:ProgramDataboost_interprocess 2012-12-26 02:31:41 -------- d-----w- C:UsersOwnerAppDataRoamingMedia Player Lite 2012-12-26 02:28:05 -------- d-----w- C:UsersOwnerAppDataRoamingFileAssociationManager 2012-12-26 02:28:01 -------- d-----w- C:Program Files (x86)FileAssociationManager 2012-12-26 02:27:58 -------- d-----w- C:Program Files (x86)MediaPlayerLite 2012-12-26 00:57:17 -------- d-----w- C:toolbarImages 2012-12-26 00:56:31 -------- d-----w- C:UsersOwnerAppDataLocalTorch 2012-12-25 19:54:23 -------- d-----w- C:ProgramDataBrowser Manager 2012-12-25 17:28:45 773968 ----a-w- C:WindowsSystem32msvcr100.dll 2012-12-25 17:28:12 -------- d-----w- C:ProgramDataWincert 2012-12-25 17:27:59 -------- d-----w- C:Program Files (x86)Search Results Toolbar 2012-12-25 17:27:39 -------- d-----w- C:UsersOwnerAppDataLocaliLivid 2012-12-23 17:43:36 -------- d-----w- C:ted dvd files 2012-12-21 09:00:35 46080 ----a-w- C:WindowsSystem32atmlib.dll 2012-12-21 09:00:35 367616 ----a-w- C:WindowsSystem32atmfd.dll 2012-12-21 09:00:35 34304 ----a-w- C:WindowsSysWow64atmlib.dll 2012-12-21 09:00:35 295424 ----a-w- C:WindowsSysWow64atmfd.dll 2012-12-20 00:39:31 -------- d-----w- C:$RECYCLE.BIN 2012-12-16 22:46:33 54072 ----a-w- C:WindowsSystem32driversaswRdr2.sys 2012-12-16 22:46:32 984144 ----a-w- C:WindowsSystem32driversaswSnx.sys 2012-12-16 22:46:29 71600 ----a-w- C:WindowsSystem32driversaswMonFlt.sys 2012-12-16 22:46:00 41224 ----a-w- C:WindowsavastSS.scr 2012-12-16 22:06:49 -------- d-----w- C:UsersOwnerAppDataLocalNETGEARGenie 2012-12-16 22:06:40 369168 ----a-w- C:WindowsSystem32wpcap.dll 2012-12-16 22:06:40 35344 ----a-w- C:WindowsSystem32driversnpf.sys 2012-12-16 22:06:40 106000 ----a-w- C:WindowsSystem32packet.dll 2012-12-16 22:06:32 -------- d-----w- C:Program Files (x86)NETGEAR Genie 2012-12-14 20:48:35 -------- d-----w- C:Program Files (x86)uTorrent 2012-12-13 11:57:59 478208 ----a-w- C:WindowsSystem32dpnet.dll 2012-12-13 11:57:59 376832 ----a-w- C:WindowsSysWow64dpnet.dll 2012-12-12 21:34:58 -------- d-----w- C:UsersOwnerAppDataRoamingatunes 2012-12-12 21:33:11 -------- d-----w- C:Program Files (x86)aTunes 2012-12-12 17:44:07 -------- d-----w- C:Program Files (x86)CheckPoint 2012-12-10 15:12:05 -------- d-----w- C:FRACTURE EXTRAS 2012-12-05 17:06:24 96224 ----a-w- C:Program Files (x86)Mozilla Firefoxwebapprt-stub.exe 2012-12-05 17:06:24 270816 ----a-w- C:Program Files (x86)Mozilla Firefoxupdater.exe 2012-12-05 17:06:24 157272 ----a-w- C:Program Files (x86)Mozilla Firefoxwebapp-uninstaller.exe 2012-12-05 17:06:23 73696 ----a-w- C:Program Files (x86)Mozilla Firefoxbreakpadinjector.dll . ==================== Find3M ==================== . 2012-12-12 17:57:05 697272 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe 2012-12-12 17:57:04 73656 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl 2012-11-22 03:26:40 3149824 ----a-w- C:WindowsSystem32win32k.sys 2012-11-15 01:50:36 96768 ----a-w- C:WindowsSysWow64sspicli.dll 2012-11-15 01:50:36 458712 ----a-w- C:WindowsSystem32driverscng.sys 2012-11-15 01:50:36 340992 ----a-w- C:WindowsSystem32schannel.dll 2012-11-15 01:50:36 307200 ----a-w- C:WindowsSystem32ncrypt.dll 2012-11-15 01:50:36 247808 ----a-w- C:WindowsSysWow64schannel.dll 2012-11-15 01:50:36 220160 ----a-w- C:WindowsSysWow64ncrypt.dll 2012-11-15 01:50:36 22016 ----a-w- C:WindowsSysWow64secur32.dll 2012-11-15 01:50:36 154480 ----a-w- C:WindowsSystem32driversksecpkg.sys 2012-11-15 01:50:36 1448448 ----a-w- C:WindowsSystem32lsasrv.dll 2012-11-15 01:49:36 514560 ----a-w- C:WindowsSysWow64qdvd.dll 2012-11-15 01:49:36 366592 ----a-w- C:WindowsSystem32qdvd.dll 2012-11-14 20:32:45 30568 ----a-w- C:WindowsSystem32driversavgtpx64.sys 2012-11-14 06:11:44 2312704 ----a-w- C:WindowsSystem32jscript9.dll 2012-11-14 06:04:11 1392128 ----a-w- C:WindowsSystem32wininet.dll 2012-11-14 06:02:49 1494528 ----a-w- C:WindowsSystem32inetcpl.cpl 2012-11-14 05:57:46 599040 ----a-w- C:WindowsSystem32vbscript.dll 2012-11-14 05:57:35 173056 ----a-w- C:WindowsSystem32ieUnatt.exe 2012-11-14 05:52:40 2382848 ----a-w- C:WindowsSystem32mshtml.tlb 2012-11-14 02:09:22 1800704 ----a-w- C:WindowsSysWow64jscript9.dll 2012-11-14 01:58:15 1427968 ----a-w- C:WindowsSysWow64inetcpl.cpl 2012-11-14 01:57:37 1129472 ----a-w- C:WindowsSysWow64wininet.dll 2012-11-14 01:49:25 142848 ----a-w- C:WindowsSysWow64ieUnatt.exe 2012-11-14 01:48:27 420864 ----a-w- C:WindowsSysWow64vbscript.dll 2012-11-14 01:44:42 2382848 ----a-w- C:WindowsSysWow64mshtml.tlb 2012-11-09 05:45:09 2048 ----a-w- C:WindowsSystem32tzres.dll 2012-11-09 04:42:49 2048 ----a-w- C:WindowsSysWow64tzres.dll 2012-11-01 18:31:08 40712 ----a-w- C:WindowsSystem32driverstaphss6.sys 2012-11-01 18:25:26 42248 ----a-w- C:WindowsSystem32drivershssdrv6.sys 2012-10-25 09:12:26 94208 ----a-w- C:WindowsSysWow64QuickTimeVR.qtx 2012-10-25 09:12:26 69632 ----a-w- C:WindowsSysWow64QuickTime.qts 2012-10-22 22:34:45 95208 ----a-w- C:WindowsSysWow64WindowsAccessBridge-32.dll 2012-10-22 22:34:35 821736 ----a-w- C:WindowsSysWow64npDeployJava1.dll 2012-10-22 22:34:35 746984 ----a-w- C:WindowsSysWow64deployJava1.dll 2012-10-16 08:38:37 135168 ----a-w- C:WindowsapppatchAppPatch64AcXtrnal.dll 2012-10-16 08:38:34 350208 ----a-w- C:WindowsapppatchAppPatch64AcLayers.dll 2012-10-16 07:39:52 561664 ----a-w- C:WindowsapppatchAcLayers.dll 2012-10-09 18:17:13 55296 ----a-w- C:WindowsSystem32dhcpcsvc6.dll 2012-10-09 18:17:13 226816 ----a-w- C:WindowsSystem32dhcpcore6.dll 2012-10-09 17:40:31 44032 ----a-w- C:WindowsSysWow64dhcpcsvc6.dll 2012-10-09 17:40:31 193536 ----a-w- C:WindowsSysWow64dhcpcore6.dll . ============= FINISH: 18:33:30.25 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: DeviceHarddiskVolume1 Install Date: 7/19/2012 4:23:32 AM System Uptime: 1/2/2013 1:04:52 AM (17 hours ago) . Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | RC512 Processor: Intel® Core i3-2310M CPU @ 2.10GHz | CPU 1 | 2100/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 586 GiB total, 52.694 GiB free. D: is CDROM () E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP146: 12/29/2012 12:00:02 AM - Scheduled Checkpoint RP147: 1/1/2013 11:36:55 AM - Windows Update . ==== Installed Programs ====================== . ???? ??? Windows Live ???? Windows Live ????? Messenger ????? Windows Live ?????? ??????? ?? Windows Live ???????? ?? Messenger ???????? ?????????? Windows Live ????????? Messenger ?????????? Windows Live ??????????? ?? Windows Live µTorrent Adobe AIR Adobe Download Assistant Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.4) Agatha Christie - Death on the Nile All Sound Recorder 1.78 „Messenger“ pagalbine priemone Angry Birds Space AnyDVD Apple Application Support Apple Software Update ASPCA Reminder by We-Care.com v4.1.17.1 Audacity 2.0 avast! Free Antivirus AVerMedia C039 USB Capture Card 10.2.64.51 AVS Update Manager 1.0 AVS Video Converter 8 AVS4YOU Software Navigator 1.4 „Windows Live Essentials“ „Windows Live Mail“ „Windows Live Messenger“ „Windows Live“ fotogalerija Bad Piggies BatteryLifeExtender Battle vs. Chess Bejeweled 2 Deluxe Best Buy pc app Bing Bar Bing Rewards Client Installer Brain Train Age V3.91 Brutal Chess Build-a-lot ChargeableUSB Chessmaster 9000 Chessmaster Grandmaster Edition Chuzzle Deluxe CloneDVD2 Codec Complemento Messenger Complément Messenger ConverterLite 1.6.1 CyberLink MediaShow CyberLink PhotoNow CyberLink Power2Go CyberLink PowerDirector CyberLink PowerDVD 12 CyberLink PowerProducer CyberLink YouCam D3DX10 Diner Dash 2 Restaurant Rescue Doplnok programu Messenger DVD Shrink 3.2 DVD Shrink version 4.1 DVDFab 8.2.1.5 (10/10/2012) Qt DVDneXtCOPYneXtTech DVDStyler v2.3 Easy Content Share Easy Display Manager Easy Migration Easy Network Manager Easy SpeedUp Manager EasyBatteryManager EasyFileShare ESET Online Scanner v3 ETDWare PS/2-X64 8.0.7.2_WHQL Farm Frenzy Fast Start File Association Manager 0.1 Fotogalerija Windows Live Free Sound Recorder v9.3.1 Galeria de Fotografias do Windows Live Galeria fotografii uslugi Windows Live Galerie de photos Windows Live Galerie foto Windows Live Galería fotográfica de Windows Live GIMP 2.8.2 Graboid Video 3.28 iLivid Insaniquarium Deluxe Intel PROSet Wireless Intel WiMAX Tutorial Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® PROSet/Wireless WiFi Software Intel® Rapid Storage Technology Intel® Wireless Display Intel® PROSet/Wireless WiMAX Software Internet Download Manager Java 7 Update 9 Java Auto Updater John Deere Drive Green Junk Mail filter update Magic ISO Maker v5.4 (build 0239) MagicDisc 2.7.106 Malwarebytes Anti-Malware version 1.65.1.1000 MediaPlayerLite 0.4.1 Mesh Runtime Messenger-kumppani Messenger ??? ?? Messenger ???? Messenger ????? Messenger Assistent Messenger Companion Messenger kíséro Messenger Pratilac Messenger Suradnik Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft Office 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Text-to-Speech Engine 4.0 (English) Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MindDabble Toolbar Movie Color Enhancer Mozilla Firefox 17.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Multimedia POP NaturalReaderFree NETGEAR Genie NVIDIA Control Panel 266.10 NVIDIA Graphics Driver 266.10 NVIDIA Install Application NVIDIA Optimus 1.0.11 NVIDIA Update Components Peggle Penguins! Pirate101 Plants vs. Zombies Poczta uslugi Windows Live Podstawowe programy Windows Live Polar Golfer Pomocnik Messenger Pošta Windows Live QuickTime Raccolta foto di Windows Live Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Renesas Electronics USB 3.0 Host Controller Driver S?????? f?t???af??? t?? Windows Live Samsung AnyWeb Print Samsung Recovery Solution 5 Samsung Support Center Samsung Universal Print Driver Samsung Universal Scan Driver Samsung Update Plus Search-Results Toolbar Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Skype™ 5.10 SlimDrivers Smart Defrag 2 Smart Driver Updater v3.0 SmartSound Quicktracks Plugin Spotify Spremljevalec Messenger SRS Premium Sound Control Panel The Ringtone Maker v5.2.9 Torch Ulead VideoStudio 10 Ulead VideoStudio SE DVD UMPlayer 0.98 [P4] Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) USB2.0 Grabber User Guide Vaudix VIO Player version 1.2 VLC media player 1.0.1 WildTangent Games WildTangent ORB Game Console Windows Live Windows Live ?? Windows Live ?? ??? Windows Live ??? Windows Live ???? Windows Live Communications Platform Windows Live Essentials Windows Live Fotótár Windows Live Foto-galerija Windows Live fotoattelu galerija Windows Live Fotogalerie Windows Live Fotogalleri Windows Live Fotogaléria Windows Live Fotograf Galerisi Windows Live Galeria de Fotos Windows Live Galerija fotografija Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Pošta Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Parçalar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Liven asennustyökalu Windows Liven sähköposti Windows Liven valokuvavalikoima WinPalace WinRAR 4.20 (64-bit) WinZip Driver Updater Xvid Video Codec ZoneAlarm LTD Toolbar Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 12/31/2012 7:02:15 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 12/28/2012 7:41:55 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 12/28/2012 6:27:23 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0x000000000000002c, 0x0000000000000002, 0x0000000000000001, 0xfffff88005a8cbfe). A dump was saved in: C:WindowsMEMORY.DMP. Report Id: 122812-16645-01. 12/27/2012 3:24:49 PM, Error: volsnap [35] - The shadow copies of volume C: were aborted because the shadow copy storage failed to grow. 1/1/2013 3:48:08 PM, Error: Service Control Manager [7034] - The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 2 time(s). 1/1/2013 11:45:58 AM, Error: Service Control Manager [7034] - The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 1 time(s). . ==== End Of File ===========================
  10. Hello JonTom Here are some more logs ComboFix 12-12-19.02 - Owner 12/19/2012 18:01:35.5.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6056.4263 [GMT -6:00] Running from: c:usersOwnerDesktopComboFix.exe Command switches used :: c:usersOwnerDesktopCFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . FILE :: "c:program files (x86)APlusGamer_63bar1.bin63bar.dll" "c:programdataVaudix508d42f54b62d.ocx" "c:programdataVaudix508d44c452574.ocx" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:program files (x86)APlusGamer_63 c:program files (x86)APlusGamer_63bar1.bin63sknlcr.dll c:program files (x86)APlusGamer_63bar1.binBOOTSTRAP.JS c:program files (x86)APlusGamer_63bar1.binCHROME.MANIFEST c:program files (x86)APlusGamer_63bar1.binchrome63ffxtbr.jar c:program files (x86)APlusGamer_63bar1.binCREXT.DLL c:program files (x86)APlusGamer_63bar1.binCrExtP63.exe c:program files (x86)APlusGamer_63bar1.binINSTALL.RDF c:program files (x86)APlusGamer_63bar1.bininstallKeys.js c:program files (x86)APlusGamer_63bar1.binLOGO.BMP c:program files (x86)APlusGamer_63bar1.binT8EXTEX.DLL c:program files (x86)APlusGamer_63bar1.binT8EXTPEX.DLL c:program files (x86)APlusGamer_63bar1.binT8RES.DLL c:program files (x86)APlusGamer_63bar1.binT8TICKER.DLL c:program files (x86)APlusGamer_63bargen1COMMON.T8S c:program files (x86)APlusGamer_63barIE9MesgCOMMON.T8S c:program files (x86)APlusGamer_63barMessageCOMMON.T8S c:program files (x86)APlusGamer_63barSettingss_pid.dat c:programdataVaudix c:programdataVaudix508d42f54b62d.ocx c:programdataVaudix508d42f54b665.html c:programdataVaudix508d42f54b69e.js c:programdataVaudix508d44c452574.ocx c:programdataVaudix508d44c452586.html c:programdataVaudix508d44c4525bf.js c:programdataVaudixdata508d44c4525bf.js c:programdataVaudixdatajsondb.js c:programdataVaudixhgbabfgaggnigfjbbpofjcilobgblhfe.crx c:programdataVaudixmhbmcdlkpglhfnacbbdomfcikpkkhgkb.crx c:programdataVaudixsettings.ini c:programdataVaudixuninstall.exe . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------Legacy_NPF -------Service_NPF . . ((((((((((((((((((((((((( Files Created from 2012-11-20 to 2012-12-20 ))))))))))))))))))))))))))))))) . . 2012-12-20 00:37 . 2012-12-20 00:37 -------- d-----w- c:usersUpdatusUserAppDataLocaltemp 2012-12-20 00:37 . 2012-12-20 00:37 -------- d-----w- c:usersDefaultAppDataLocaltemp 2012-12-18 13:42 . 2012-11-08 17:24 9125352 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{E0C11D25-2DC5-4B71-8976-A4767590840B}mpengine.dll 2012-12-16 22:46 . 2012-10-30 23:51 370288 ----a-w- c:windowssystem32driversaswSP.sys 2012-12-16 22:46 . 2012-10-30 23:51 25232 ----a-w- c:windowssystem32driversaswFsBlk.sys 2012-12-16 22:46 . 2012-10-15 16:59 54072 ----a-w- c:windowssystem32driversaswRdr2.sys 2012-12-16 22:46 . 2012-10-30 23:51 59728 ----a-w- c:windowssystem32driversaswTdi.sys 2012-12-16 22:46 . 2012-10-30 23:51 984144 ----a-w- c:windowssystem32driversaswSnx.sys 2012-12-16 22:46 . 2012-10-30 23:51 71600 ----a-w- c:windowssystem32driversaswMonFlt.sys 2012-12-16 22:46 . 2012-10-30 23:51 41224 ----a-w- c:windowsavastSS.scr 2012-12-16 22:45 . 2012-10-30 23:50 227648 ----a-w- c:windowsSysWow64aswBoot.exe 2012-12-16 22:06 . 2012-12-16 22:07 -------- d-----w- c:usersOwnerAppDataLocalNETGEARGenie 2012-12-16 22:06 . 2012-12-16 22:06 369168 ----a-w- c:windowssystem32wpcap.dll 2012-12-16 22:06 . 2012-12-16 22:06 35344 ----a-w- c:windowssystem32driversnpf.sys 2012-12-16 22:06 . 2012-12-16 22:06 106000 ----a-w- c:windowssystem32packet.dll 2012-12-16 22:06 . 2012-12-16 22:06 -------- d-----w- c:program files (x86)NETGEAR Genie 2012-12-14 20:48 . 2012-12-14 20:48 -------- d-----w- c:program files (x86)uTorrent 2012-12-14 13:06 . 2012-11-14 07:06 17811968 ----a-w- c:windowssystem32mshtml.dll 2012-12-14 13:06 . 2012-11-14 06:32 10925568 ----a-w- c:windowssystem32ieframe.dll 2012-12-13 11:57 . 2012-11-02 05:59 478208 ----a-w- c:windowssystem32dpnet.dll 2012-12-13 11:57 . 2012-11-02 05:11 376832 ----a-w- c:windowsSysWow64dpnet.dll 2012-12-12 21:34 . 2012-12-13 00:47 -------- d-----w- c:usersOwnerAppDataRoamingatunes 2012-12-12 21:33 . 2012-12-12 21:33 -------- d-----w- c:program files (x86)aTunes 2012-12-12 17:44 . 2012-12-12 17:44 -------- d-----w- c:program files (x86)CheckPoint 2012-12-10 15:12 . 2012-12-10 15:12 -------- d-----w- C:FRACTURE EXTRAS 2012-12-05 17:06 . 2012-11-29 08:27 96224 ----a-w- c:program files (x86)Mozilla Firefoxwebapprt-stub.exe 2012-12-05 17:06 . 2012-11-29 08:27 270816 ----a-w- c:program files (x86)Mozilla Firefoxupdater.exe 2012-12-05 17:06 . 2012-11-29 08:27 157272 ----a-w- c:program files (x86)Mozilla Firefoxwebapp-uninstaller.exe 2012-12-05 17:06 . 2012-11-29 08:27 73696 ----a-w- c:program files (x86)Mozilla Firefoxbreakpadinjector.dll 2012-11-30 15:39 . 2012-11-30 21:47 -------- d-----w- c:program files (x86)Malwarebytes' Anti-Malware 2012-11-30 15:39 . 2012-09-30 01:54 25928 ----a-w- c:windowssystem32driversmbam.sys 2012-11-30 14:16 . 2012-11-30 14:16 -------- d-----w- c:windowsERUNT 2012-11-30 14:15 . 2012-12-06 01:06 -------- d-----w- C:JRT 2012-11-27 17:18 . 2012-12-12 19:11 -------- d-----w- C:FRST 2012-11-25 02:04 . 2012-12-05 19:46 -------- d-----w- c:usersOwnerAppDataLocalElevatedDiagnostics 2012-11-24 14:58 . 2011-05-30 13:42 240640 ----a-w- c:windowsSysWow64xvidvfw.dll 2012-11-24 14:58 . 2011-05-30 13:42 255488 ----a-w- c:windowssystem32xvidvfw.dll 2012-11-24 14:58 . 2011-05-23 09:52 153088 ----a-w- c:windowsSysWow64xvid.ax 2012-11-24 14:58 . 2011-05-23 07:49 173568 ----a-w- c:windowssystem32xvid.ax 2012-11-24 14:58 . 2011-05-23 07:46 645632 ----a-w- c:windowsSysWow64xvidcore.dll 2012-11-24 14:58 . 2011-05-23 07:45 696832 ----a-w- c:windowssystem32xvidcore.dll 2012-11-24 14:57 . 2012-11-24 14:57 -------- d-----w- c:usersOwner.bitrock 2012-11-24 01:49 . 2012-11-24 14:58 -------- d-----w- c:program files (x86)Xvid 2012-11-21 18:48 . 2010-11-26 23:02 17720 ----a-w- c:windowssystem32driversSmartDefragDriver.sys 2012-11-21 14:17 . 2012-11-21 14:19 -------- d-----w- c:program files (x86)MeadCo Neptune 2012-11-20 22:16 . 2012-12-12 16:25 -------- dc----w- c:windowssystem32DRVSTORE 2012-11-20 22:15 . 2012-11-20 22:15 -------- d-----w- c:usersOwnerAppDataRoamingCheckPoint 2012-11-20 21:46 . 2012-12-12 17:44 -------- d-----w- c:programdataCheckPoint 2012-11-20 18:23 . 2012-11-20 18:23 -------- d-----w- c:usersOwnerAppDataRoamingMalwarebytes 2012-11-20 18:22 . 2012-11-20 18:22 -------- d-----w- c:programdataMalwarebytes 2012-11-20 16:27 . 2012-11-20 16:27 -------- d-----w- c:programdataPCPitstop 2012-11-20 16:25 . 2012-11-21 15:57 -------- d-----w- c:program files (x86)PCPitstop 2012-11-20 11:53 . 2012-11-20 11:53 -------- d-----w- c:usersOwnerAppDataRoamingConverterLite 2012-11-20 01:03 . 2012-11-20 01:03 -------- d-----w- c:usersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012) . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-14 13:10 . 2012-07-25 12:45 67413224 ----a-w- c:windowssystem32MRT.exe 2012-12-12 17:57 . 2012-07-31 00:28 697272 ----a-w- c:windowsSysWow64FlashPlayerApp.exe 2012-12-12 17:57 . 2012-07-31 00:28 73656 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl 2012-11-24 01:35 . 2012-10-06 20:26 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCoreMicrosoft.MediaCenter.Sports.UI.dll 2012-11-15 01:51 . 2012-11-15 01:51 62976 ----a-w- c:windowssystem32TSWbPrxy.exe 2012-11-15 01:51 . 2012-11-15 01:51 57856 ----a-w- c:windowssystem32driversTsUsbFlt.sys 2012-11-15 01:51 . 2012-11-15 01:51 5773824 ----a-w- c:windowssystem32mstscax.dll 2012-11-15 01:51 . 2012-11-15 01:51 54272 ----a-w- c:windowssystem32MsRdpWebAccess.dll 2012-11-15 01:51 . 2012-11-15 01:51 4916224 ----a-w- c:windowsSysWow64mstscax.dll 2012-11-15 01:51 . 2012-11-15 01:51 46592 ----a-w- c:windowsSysWow64MsRdpWebAccess.dll 2012-11-15 01:51 . 2012-11-15 01:51 44032 ----a-w- c:windowssystem32tsgqec.dll 2012-11-15 01:51 . 2012-11-15 01:51 43520 ----a-w- c:windowssystem32TsUsbGDCoInstaller.dll 2012-11-15 01:51 . 2012-11-15 01:51 384000 ----a-w- c:windowssystem32wksprt.exe 2012-11-15 01:51 . 2012-11-15 01:51 37376 ----a-w- c:windowsSysWow64tsgqec.dll 2012-11-15 01:51 . 2012-11-15 01:51 322560 ----a-w- c:windowssystem32aaclient.dll 2012-11-15 01:51 . 2012-11-15 01:51 3174912 ----a-w- c:windowssystem32rdpcorets.dll 2012-11-15 01:51 . 2012-11-15 01:51 269312 ----a-w- c:windowsSysWow64aaclient.dll 2012-11-15 01:51 . 2012-11-15 01:51 243200 ----a-w- c:windowssystem32rdpudd.dll 2012-11-15 01:51 . 2012-11-15 01:51 228864 ----a-w- c:windowssystem32rdpendp_winip.dll 2012-11-15 01:51 . 2012-11-15 01:51 19456 ----a-w- c:windowssystem32driversrdpvideominiport.sys 2012-11-15 01:51 . 2012-11-15 01:51 192000 ----a-w- c:windowsSysWow64rdpendp_winip.dll 2012-11-15 01:51 . 2012-11-15 01:51 18432 ----a-w- c:windowssystem32wksprtPS.dll 2012-11-15 01:51 . 2012-11-15 01:51 16896 ----a-w- c:windowsSysWow64wksprtPS.dll 2012-11-15 01:51 . 2012-11-15 01:51 15360 ----a-w- c:windowssystem32RdpGroupPolicyExtension.dll 2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyExtension.dll 2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyControl.exe 2012-11-15 01:51 . 2012-11-15 01:51 1123840 ----a-w- c:windowssystem32mstsc.exe 2012-11-15 01:51 . 2012-11-15 01:51 1048064 ----a-w- c:windowsSysWow64mstsc.exe 2012-11-15 01:50 . 2012-11-15 01:50 96768 ----a-w- c:windowsSysWow64sspicli.dll 2012-11-15 01:50 . 2012-11-15 01:50 458712 ----a-w- c:windowssystem32driverscng.sys 2012-11-15 01:50 . 2012-11-15 01:50 340992 ----a-w- c:windowssystem32schannel.dll 2012-11-15 01:50 . 2012-11-15 01:50 307200 ----a-w- c:windowssystem32ncrypt.dll 2012-11-15 01:50 . 2012-11-15 01:50 247808 ----a-w- c:windowsSysWow64schannel.dll 2012-11-15 01:50 . 2012-11-15 01:50 220160 ----a-w- c:windowsSysWow64ncrypt.dll 2012-11-15 01:50 . 2012-11-15 01:50 22016 ----a-w- c:windowsSysWow64secur32.dll 2012-11-15 01:50 . 2012-11-15 01:50 154480 ----a-w- c:windowssystem32driversksecpkg.sys 2012-11-15 01:50 . 2012-11-15 01:50 1448448 ----a-w- c:windowssystem32lsasrv.dll 2012-11-15 01:49 . 2012-11-15 01:49 514560 ----a-w- c:windowsSysWow64qdvd.dll 2012-11-15 01:49 . 2012-11-15 01:49 366592 ----a-w- c:windowssystem32qdvd.dll 2012-11-14 20:32 . 2012-11-14 20:32 30568 ----a-w- c:windowssystem32driversavgtpx64.sys 2012-11-01 18:31 . 2012-11-01 18:31 40712 ----a-w- c:windowssystem32driverstaphss6.sys 2012-11-01 18:25 . 2012-11-01 18:25 42248 ----a-w- c:windowssystem32drivershssdrv6.sys 2012-10-30 23:50 . 2012-08-03 22:43 285328 ----a-w- c:windowssystem32aswBoot.exe 2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:windowsSysWow64QuickTimeVR.qtx 2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:windowsSysWow64QuickTime.qts 2012-10-22 22:34 . 2012-10-22 22:34 95208 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll 2012-10-22 22:34 . 2012-10-22 22:35 821736 ----a-w- c:windowsSysWow64npDeployJava1.dll 2012-10-22 22:34 . 2012-10-22 22:35 746984 ----a-w- c:windowsSysWow64deployJava1.dll 2012-10-17 13:39 . 2012-10-17 13:39 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCore-2Microsoft.MediaCenter.Sports.UI.dll 2012-10-17 13:39 . 2012-10-17 13:39 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkup-2markup.dll 2012-10-17 13:37 . 2012-10-17 13:37 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSM-2StartResources.dll 2012-10-16 08:38 . 2012-12-13 11:57 135168 ----a-w- c:windowsapppatchAppPatch64AcXtrnal.dll 2012-10-16 08:38 . 2012-12-13 11:57 350208 ----a-w- c:windowsapppatchAppPatch64AcLayers.dll 2012-10-16 07:39 . 2012-12-13 11:57 561664 ----a-w- c:windowsapppatchAcLayers.dll 2012-10-09 18:17 . 2012-11-15 12:36 55296 ----a-w- c:windowssystem32dhcpcsvc6.dll 2012-10-09 18:17 . 2012-11-15 12:36 226816 ----a-w- c:windowssystem32dhcpcore6.dll 2012-10-09 17:40 . 2012-11-15 12:36 44032 ----a-w- c:windowsSysWow64dhcpcsvc6.dll 2012-10-09 17:40 . 2012-11-15 12:36 193536 ----a-w- c:windowsSysWow64dhcpcore6.dll 2012-10-06 20:26 . 2012-10-06 20:26 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkupmarkup.dll 2012-10-06 20:26 . 2012-10-06 20:26 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSMStartResources.dll 2012-10-06 20:26 . 2012-10-06 20:26 539984 ----a-w- c:programdataMicrosofteHomePackagesMCESpotlightMCESpotlightSpotlightResources.dll 2012-10-04 16:40 . 2012-12-13 11:58 44032 ----a-w- c:windowsapppatchacwow64.dll 2012-10-03 17:56 . 2012-11-17 17:59 1914248 ----a-w- c:windowssystem32driverstcpip.sys 2012-10-03 17:44 . 2012-11-17 17:59 70656 ----a-w- c:windowssystem32nlaapi.dll 2012-10-03 17:44 . 2012-11-17 17:59 303104 ----a-w- c:windowssystem32nlasvc.dll 2012-10-03 17:44 . 2012-11-17 17:59 246272 ----a-w- c:windowssystem32netcorehc.dll 2012-10-03 17:44 . 2012-11-17 17:59 18944 ----a-w- c:windowssystem32netevent.dll 2012-10-03 17:44 . 2012-11-17 17:59 216576 ----a-w- c:windowssystem32ncsi.dll 2012-10-03 17:42 . 2012-11-17 17:59 569344 ----a-w- c:windowssystem32iphlpsvc.dll 2012-10-03 16:42 . 2012-11-17 17:59 18944 ----a-w- c:windowsSysWow64netevent.dll 2012-10-03 16:42 . 2012-11-17 17:59 175104 ----a-w- c:windowsSysWow64netcorehc.dll 2012-10-03 16:42 . 2012-11-17 17:59 156672 ----a-w- c:windowsSysWow64ncsi.dll 2012-10-03 16:07 . 2012-11-17 17:59 45568 ----a-w- c:windowssystem32driverstcpipreg.sys 2012-09-25 22:47 . 2012-11-15 12:31 78336 ----a-w- c:windowsSysWow64synceng.dll 2012-09-25 22:46 . 2012-11-15 12:31 95744 ----a-w- c:windowssystem32synceng.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "IDMan"="c:program files (x86)Internet Download ManagerIDMan.exe" [2012-09-01 3528128] "Xvid"="c:program files (x86)XvidCheckUpdate.exe" [2011-01-17 8192] "Spotify Web Helper"="c:usersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe" [2012-10-28 1199576] "NETGEARGenie"="c:program files (x86)NETGEAR GeniebinNETGEARGenie.exe" [2012-10-16 1041736] . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun] "CLMLServer"="c:program files (x86)CyberLinkPower2GoCLMLSvc.exe" [2009-11-02 103720] "Samsung PanelMgr"="c:windowsSamsungPanelMgrSSMMgr.exe" [2010-06-08 618496] "UVS10 Preload"="c:program files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe" [2006-03-07 36864] "UpdatePPShortCut"="c:program files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" [2009-05-20 222504] "Adobe ARM"="c:program files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2012-07-27 919008] "SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-07-03 252848] "APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-10-12 59280] "PowerDVD12DMREngine"="c:program files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [2012-09-19 505872] "PowerDVD12Agent"="c:program files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [2012-09-19 374560] "QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-10-25 421888] "avast"="c:program filesAVAST SoftwareAvastavastUI.exe" [2012-10-30 4297136] . c:usersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup MagicDisc.lnk - c:program files (x86)MagicDiscMagicDisc.exe [2012-9-15 576000] . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:windowsSysWOW64nvinit.dll . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32] "wave6"=wdmaud.drv . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-07-13 160944] R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:windowssystem32DRIVERSAVerPola.sys [2011-01-04 534144] R3 BBUpdate;BBUpdate;c:program files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe [2012-02-10 240408] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:program filesIntelWiFibinPanDhcpDns.exe [2011-01-05 340240] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2012-11-15 19456] R3 Samsung UPD Service;Samsung UPD Service;c:windowsSystem32SUPDSvc.exe [2010-08-09 166704] R3 StkCMini;Syntek AVStream USB2.0 ATV;c:windowssystem32DriversStkCMini.sys [2010-04-16 1816968] R3 taphss6;Anchorfree HSS VPN Adapter;c:windowssystem32DRIVERStaphss6.sys [2012-11-01 40712] R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2012-11-15 57856] R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2012-07-25 1255736] R3 WDC_SAM;WD SCSI Pass Thru driver;c:windowssystem32DRIVERSwdcsam64.sys [2008-05-06 14464] R4 wlcrasvc;Windows Live Mesh remote connections service;c:program filesWindows LiveMeshwlcrasvc.exe [2010-09-22 57184] S0 nvpciflt;nvpciflt;c:windowssystem32DRIVERSnvpciflt.sys [2010-12-14 25576] S0 SmartDefragDriver;SmartDefragDriver;c:windowsSystem32DriversSmartDefragDriver.sys [2010-11-26 17720] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2012-11-14 30568] S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:windowssystem32DriversSABI.sys [2009-05-28 13824] S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34];c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-09-19 22:12 147704] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [2012-10-30 71600] S2 BBSvc;BingBar Service;c:program files (x86)MicrosoftBingBar7.1.361.0BBSvc.exe [2012-02-10 193816] S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-09-19 90640] S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-09-19 78352] S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-09-19 295440] S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:program filesIntelWiMAXBinDMAgent.exe [2011-06-06 498688] S2 IDMWFP;IDMWFP;c:windowssystem32DRIVERSidmwfp.sys [2012-08-02 158944] S2 MBAMScheduler;MBAMScheduler;c:program files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [2012-09-30 399432] S2 MBAMService;MBAMService;c:program files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2012-09-30 676936] S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:program files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe [2012-09-25 231752] S2 nlsX86cc;Nalpeiron Licensing Service;c:windowsSysWOW64nlssrv32.exe [2010-11-22 66560] S2 ntk_PowerDVD12;ntk_PowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-06-20 83704] S2 UNS;Intel® Management and Security Application User Notification Service;c:program files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2010-10-06 2655768] S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:program filesIntelWiMAXBinAppSrv.exe [2011-06-06 986112] S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:windowssystem32DRIVERSbpenum.sys [2011-05-19 84480] S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:windowssystem32DRIVERSbpmp.sys [2011-05-19 182272] S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;c:windowssystem32Driversbpusb.sys [2011-05-19 83968] S3 clwvd;CyberLink WebCam Virtual Driver;c:windowssystem32DRIVERSclwvd.sys [2010-11-10 31088] S3 ETD;ELAN PS/2 Port Input Device;c:windowssystem32DRIVERSETD.sys [2010-11-12 138024] S3 IntcDAud;Intel® Display Audio;c:windowssystem32DRIVERSIntcDAud.sys [2010-10-15 317440] S3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [2012-09-30 25928] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:windowssystem32DRIVERSnusb3hub.sys [2010-10-11 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:windowssystem32DRIVERSnusb3xhc.sys [2010-10-11 180736] S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2011-06-10 539240] S3 wdkmd;Intel WiDi KMD;c:windowssystem32DRIVERSWDKMD.sys [2010-11-30 42392] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - NPF . Contents of the 'Scheduled Tasks' folder . 2012-12-19 c:windowsTasksAdobe Flash Player Updater.job - c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-31 17:57] . 2012-12-20 c:windowsTasksSlimDrivers Startup.job - c:program files (x86)SlimDriversSlimDrivers.exe [2012-10-14 21:29] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 23:50 133400 ----a-w- c:program filesAVAST SoftwareAvastashShA64.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersIDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOTCLSID{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2012-02-08 00:49 23432 ----a-w- c:program files (x86)Internet Download ManagerIDMShellExt64.dll . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "IgfxTray"="c:windowssystem32igfxtray.exe" [2011-01-04 167960] "HotKeysCmds"="c:windowssystem32hkcmd.exe" [2011-01-04 391704] "Persistence"="c:windowssystem32igfxpers.exe" [2011-01-04 417304] "RtHDVCpl"="c:program filesRealtekAudioHDARAVCpl64.exe" [2010-11-30 11660904] "IntelWireless"="c:program filesCommon FilesIntelWirelessCommoniFrmewrk.exe" [2011-01-05 1933584] "ETDCtrl"="c:program files (x86)ElantechETDCtrl.exe" [bU] "IntelWirelessWiMAX"="c:program filesIntelWiMAXBinWiMAXCU.exe" [2011-06-02 1622016] . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows] "AppInit_DLLs"=c:windowsSystem32nvinitx.dll . ------- Supplementary Scan ------- . uLocal Page = c:windowssystem32blank.htm mStart Page = hxxp://samsung.msn.com mLocal Page = c:windowsSysWOW64blank.htm IE: Download all links with IDM - c:program files (x86)Internet Download ManagerIEGetAll.htm IE: Download with IDM - c:program files (x86)Internet Download ManagerIEExt.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default FF - ExtSQL: 2012-11-04 18:39; 50970cb9d50ba@50970cb9d50f3.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions50970cb9d50ba@50970cb9d50f3.com.xpi FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com FF - ExtSQL: 2012-12-16 16:53; wrc@avast.com; c:program filesAVAST SoftwareAvastWebRepFF FF - ExtSQL: !HIDDEN! 2012-11-12 13:26; 63ffxtbr@APlusGamer_63.com; c:program files (x86)APlusGamer_63bar1.bin FF - ExtSQL: !HIDDEN! 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:program files (x86)MindDabble_4pbar1.bin . - - - - ORPHANS REMOVED - - - - . BHO-{30C456C5-0E73-2343-38F0-D9F9CF8B0F52} - c:programdataVaudix508d44c452574.ocx BHO-{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE} - c:programdataVaudix508d42f54b62d.ocx Toolbar-Locked - (no file) AddRemove-{681002C6-5019-81A2-7871-A43754F71E56} - c:programdataVaudixuninstall.exe . . . [HKEY_LOCAL_MACHINESYSTEMControlSet001services{73526619-C24F-470B-9BED-53D455FBB5C6}] "ImagePath"="??c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "scansk"=hex(0):c5,88,12,3d,a1,66,02,aa,b6,69,27,77,2a,36,ce,6b,62,5d,c5,5b,dd, 32,c3,0e,3c,fd,35,14,a9,f8,c3,8a,76,15,a2,42,fb,fb,4e,66,00,00,00,00,00,00, . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):92,20,a6,2c,ac,da,97,ad,d1,24,a3,f8,5b,7f,d7,fc,ab,59,6e,1b,bf, 51,95,0a,ae,4d,7b,37,63,5b,fa,ad,73,d0,1a,32,83,42,de,9e,00,00,00,00,00,00, . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{b5572adb-f71b-41a1-ad6e-0832b120e9ea}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:000000f0 "Therad"=dword:0000001e "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26, 38,95,44,85,b1,12,f9,90,dd,23,a1,46,8f,3c,f2,5c,68,ee,21,c4,91,5d,38,fc,54, . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{c9fa1039-b2b9-4ecb-85ad-32f7d18bc0ed}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:0000012c "Therad"=dword:00000001 "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68, . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus] @="0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:program filesAVAST SoftwareAvastAvastSvc.exe c:program files (x86)Common FilesAdobeARM1.0armsvc.exe c:program files (x86)IObitSmart Defrag 2SmartDefrag.exe c:program files (x86)Malwarebytes' Anti-Malwarembamgui.exe c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe c:program files (x86)CyberLinkShared filesRichVideo.exe c:program files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe c:program files (x86)SamsungEasy Display ManagerWifiManager.exe c:program files (x86)CyberLinkYouCamYCMMirage.exe c:program files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe c:program files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe c:program files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe c:program files (x86)SamsungSamsung Support CenterSSCKbdHk.exe c:program files (x86)SamsungSamsung Update PlusSUPBackground.exe . ************************************************************************** . Completion time: 2012-12-19 18:52:59 - machine was rebooted ComboFix-quarantined-files.txt 2012-12-20 00:52 ComboFix2.txt 2012-12-19 19:31 ComboFix3.txt 2012-12-18 18:54 ComboFix4.txt 2012-12-11 00:42 ComboFix5.txt 2012-12-19 23:59 . Pre-Run: 70,492,712,960 bytes free Post-Run: 70,425,374,720 bytes free . - - End Of File - - 4C1BBF0C55D7FDB11EDE1024F9B8F043 Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Database version: v2012.12.20.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Owner :: OWNER-PC [administrator] 12/19/2012 7:57:26 PM mbam-log-2012-12-19 (19-57-26).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 238507 Time elapsed: 4 minute(s), 31 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 2 HKCRCLSID{30C456C5-0E73-2343-38F0-D9F9CF8B0F52} (Adware.KorAd) -> Quarantined and deleted successfully. HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{30C456C5-0E73-2343-38F0-D9F9CF8B0F52} (Adware.KorAd) -> Quarantined and deleted successfully. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  11. Hello JonTom, Here is the log ComboFix 12-12-19.02 - Owner 12/19/2012 12:37:13.4.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6056.4369 [GMT -6:00] Running from: c:usersOwnerDesktopComboFix.exe Command switches used :: c:usersOwnerDesktopCFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:new folder (2)desktop itemsdesktopaudio record wizard 3.99 inc crack - mast3r-.rar" "c:new folder (2)desktopaudio record wizard 3.99 inc crack - mast3r-.rar" "c:new folder (2)geek squad backup 07.09.2012backup continuedadobeadobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html" "c:new folder (2)geek squad backup 07.09.2012downloadsprogramsaudio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe" "c:program files (x86)kurzweil educational systemskurzweil 3000crack.exe" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:new folder (2)desktop itemsdesktopaudio record wizard 3.99 inc crack - mast3r-.rar c:new folder (2)desktopaudio record wizard 3.99 inc crack - mast3r-.rar c:new folder (2)geek squad backup 07.09.2012backup continuedadobeadobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html c:new folder (2)geek squad backup 07.09.2012downloadsprogramsaudio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe c:program files (x86)kurzweil educational systemskurzweil 3000crack.exe . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------Legacy_NPF -------Service_NPF . . ((((((((((((((((((((((((( Files Created from 2012-11-19 to 2012-12-19 ))))))))))))))))))))))))))))))) . . 2012-12-19 19:14 . 2012-12-19 19:14 -------- d-----w- c:usersUpdatusUserAppDataLocaltemp 2012-12-19 19:14 . 2012-12-19 19:14 -------- d-----w- c:usersDefaultAppDataLocaltemp 2012-12-18 13:42 . 2012-11-08 17:24 9125352 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{E0C11D25-2DC5-4B71-8976-A4767590840B}mpengine.dll 2012-12-16 22:46 . 2012-10-30 23:51 370288 ----a-w- c:windowssystem32driversaswSP.sys 2012-12-16 22:46 . 2012-10-30 23:51 25232 ----a-w- c:windowssystem32driversaswFsBlk.sys 2012-12-16 22:46 . 2012-10-15 16:59 54072 ----a-w- c:windowssystem32driversaswRdr2.sys 2012-12-16 22:46 . 2012-10-30 23:51 59728 ----a-w- c:windowssystem32driversaswTdi.sys 2012-12-16 22:46 . 2012-10-30 23:51 984144 ----a-w- c:windowssystem32driversaswSnx.sys 2012-12-16 22:46 . 2012-10-30 23:51 71600 ----a-w- c:windowssystem32driversaswMonFlt.sys 2012-12-16 22:46 . 2012-10-30 23:51 41224 ----a-w- c:windowsavastSS.scr 2012-12-16 22:45 . 2012-10-30 23:50 227648 ----a-w- c:windowsSysWow64aswBoot.exe 2012-12-16 22:06 . 2012-12-16 22:07 -------- d-----w- c:usersOwnerAppDataLocalNETGEARGenie 2012-12-16 22:06 . 2012-12-16 22:06 369168 ----a-w- c:windowssystem32wpcap.dll 2012-12-16 22:06 . 2012-12-16 22:06 35344 ----a-w- c:windowssystem32driversnpf.sys 2012-12-16 22:06 . 2012-12-16 22:06 106000 ----a-w- c:windowssystem32packet.dll 2012-12-16 22:06 . 2012-12-16 22:06 -------- d-----w- c:program files (x86)NETGEAR Genie 2012-12-14 20:48 . 2012-12-14 20:48 -------- d-----w- c:program files (x86)uTorrent 2012-12-14 13:06 . 2012-11-14 07:06 17811968 ----a-w- c:windowssystem32mshtml.dll 2012-12-14 13:06 . 2012-11-14 06:32 10925568 ----a-w- c:windowssystem32ieframe.dll 2012-12-13 11:57 . 2012-11-02 05:59 478208 ----a-w- c:windowssystem32dpnet.dll 2012-12-13 11:57 . 2012-11-02 05:11 376832 ----a-w- c:windowsSysWow64dpnet.dll 2012-12-12 21:34 . 2012-12-13 00:47 -------- d-----w- c:usersOwnerAppDataRoamingatunes 2012-12-12 21:33 . 2012-12-12 21:33 -------- d-----w- c:program files (x86)aTunes 2012-12-12 17:44 . 2012-12-12 17:44 -------- d-----w- c:program files (x86)CheckPoint 2012-12-10 15:12 . 2012-12-10 15:12 -------- d-----w- C:FRACTURE EXTRAS 2012-12-05 17:06 . 2012-11-29 08:27 96224 ----a-w- c:program files (x86)Mozilla Firefoxwebapprt-stub.exe 2012-12-05 17:06 . 2012-11-29 08:27 270816 ----a-w- c:program files (x86)Mozilla Firefoxupdater.exe 2012-12-05 17:06 . 2012-11-29 08:27 157272 ----a-w- c:program files (x86)Mozilla Firefoxwebapp-uninstaller.exe 2012-12-05 17:06 . 2012-11-29 08:27 73696 ----a-w- c:program files (x86)Mozilla Firefoxbreakpadinjector.dll 2012-11-30 15:39 . 2012-11-30 21:47 -------- d-----w- c:program files (x86)Malwarebytes' Anti-Malware 2012-11-30 15:39 . 2012-09-30 01:54 25928 ----a-w- c:windowssystem32driversmbam.sys 2012-11-30 14:16 . 2012-11-30 14:16 -------- d-----w- c:windowsERUNT 2012-11-30 14:15 . 2012-12-06 01:06 -------- d-----w- C:JRT 2012-11-27 17:18 . 2012-12-12 19:11 -------- d-----w- C:FRST 2012-11-25 02:04 . 2012-12-05 19:46 -------- d-----w- c:usersOwnerAppDataLocalElevatedDiagnostics 2012-11-24 14:58 . 2011-05-30 13:42 240640 ----a-w- c:windowsSysWow64xvidvfw.dll 2012-11-24 14:58 . 2011-05-30 13:42 255488 ----a-w- c:windowssystem32xvidvfw.dll 2012-11-24 14:58 . 2011-05-23 09:52 153088 ----a-w- c:windowsSysWow64xvid.ax 2012-11-24 14:58 . 2011-05-23 07:49 173568 ----a-w- c:windowssystem32xvid.ax 2012-11-24 14:58 . 2011-05-23 07:46 645632 ----a-w- c:windowsSysWow64xvidcore.dll 2012-11-24 14:58 . 2011-05-23 07:45 696832 ----a-w- c:windowssystem32xvidcore.dll 2012-11-24 14:57 . 2012-11-24 14:57 -------- d-----w- c:usersOwner.bitrock 2012-11-24 01:49 . 2012-11-24 14:58 -------- d-----w- c:program files (x86)Xvid 2012-11-21 18:48 . 2010-11-26 23:02 17720 ----a-w- c:windowssystem32driversSmartDefragDriver.sys 2012-11-21 14:17 . 2012-11-21 14:19 -------- d-----w- c:program files (x86)MeadCo Neptune 2012-11-20 22:16 . 2012-12-12 16:25 -------- dc----w- c:windowssystem32DRVSTORE 2012-11-20 22:15 . 2012-11-20 22:15 -------- d-----w- c:usersOwnerAppDataRoamingCheckPoint 2012-11-20 21:46 . 2012-12-12 17:44 -------- d-----w- c:programdataCheckPoint 2012-11-20 18:23 . 2012-11-20 18:23 -------- d-----w- c:usersOwnerAppDataRoamingMalwarebytes 2012-11-20 18:22 . 2012-11-20 18:22 -------- d-----w- c:programdataMalwarebytes 2012-11-20 16:27 . 2012-11-20 16:27 -------- d-----w- c:programdataPCPitstop 2012-11-20 16:25 . 2012-11-21 15:57 -------- d-----w- c:program files (x86)PCPitstop 2012-11-20 11:53 . 2012-11-20 11:53 -------- d-----w- c:usersOwnerAppDataRoamingConverterLite 2012-11-20 01:03 . 2012-11-20 01:03 -------- d-----w- c:usersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012) . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-14 13:10 . 2012-07-25 12:45 67413224 ----a-w- c:windowssystem32MRT.exe 2012-12-12 17:57 . 2012-07-31 00:28 697272 ----a-w- c:windowsSysWow64FlashPlayerApp.exe 2012-12-12 17:57 . 2012-07-31 00:28 73656 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl 2012-11-24 01:35 . 2012-10-06 20:26 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCoreMicrosoft.MediaCenter.Sports.UI.dll 2012-11-15 01:51 . 2012-11-15 01:51 62976 ----a-w- c:windowssystem32TSWbPrxy.exe 2012-11-15 01:51 . 2012-11-15 01:51 57856 ----a-w- c:windowssystem32driversTsUsbFlt.sys 2012-11-15 01:51 . 2012-11-15 01:51 5773824 ----a-w- c:windowssystem32mstscax.dll 2012-11-15 01:51 . 2012-11-15 01:51 54272 ----a-w- c:windowssystem32MsRdpWebAccess.dll 2012-11-15 01:51 . 2012-11-15 01:51 4916224 ----a-w- c:windowsSysWow64mstscax.dll 2012-11-15 01:51 . 2012-11-15 01:51 46592 ----a-w- c:windowsSysWow64MsRdpWebAccess.dll 2012-11-15 01:51 . 2012-11-15 01:51 44032 ----a-w- c:windowssystem32tsgqec.dll 2012-11-15 01:51 . 2012-11-15 01:51 43520 ----a-w- c:windowssystem32TsUsbGDCoInstaller.dll 2012-11-15 01:51 . 2012-11-15 01:51 384000 ----a-w- c:windowssystem32wksprt.exe 2012-11-15 01:51 . 2012-11-15 01:51 37376 ----a-w- c:windowsSysWow64tsgqec.dll 2012-11-15 01:51 . 2012-11-15 01:51 322560 ----a-w- c:windowssystem32aaclient.dll 2012-11-15 01:51 . 2012-11-15 01:51 3174912 ----a-w- c:windowssystem32rdpcorets.dll 2012-11-15 01:51 . 2012-11-15 01:51 269312 ----a-w- c:windowsSysWow64aaclient.dll 2012-11-15 01:51 . 2012-11-15 01:51 243200 ----a-w- c:windowssystem32rdpudd.dll 2012-11-15 01:51 . 2012-11-15 01:51 228864 ----a-w- c:windowssystem32rdpendp_winip.dll 2012-11-15 01:51 . 2012-11-15 01:51 19456 ----a-w- c:windowssystem32driversrdpvideominiport.sys 2012-11-15 01:51 . 2012-11-15 01:51 192000 ----a-w- c:windowsSysWow64rdpendp_winip.dll 2012-11-15 01:51 . 2012-11-15 01:51 18432 ----a-w- c:windowssystem32wksprtPS.dll 2012-11-15 01:51 . 2012-11-15 01:51 16896 ----a-w- c:windowsSysWow64wksprtPS.dll 2012-11-15 01:51 . 2012-11-15 01:51 15360 ----a-w- c:windowssystem32RdpGroupPolicyExtension.dll 2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyExtension.dll 2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyControl.exe 2012-11-15 01:51 . 2012-11-15 01:51 1123840 ----a-w- c:windowssystem32mstsc.exe 2012-11-15 01:51 . 2012-11-15 01:51 1048064 ----a-w- c:windowsSysWow64mstsc.exe 2012-11-15 01:50 . 2012-11-15 01:50 96768 ----a-w- c:windowsSysWow64sspicli.dll 2012-11-15 01:50 . 2012-11-15 01:50 458712 ----a-w- c:windowssystem32driverscng.sys 2012-11-15 01:50 . 2012-11-15 01:50 340992 ----a-w- c:windowssystem32schannel.dll 2012-11-15 01:50 . 2012-11-15 01:50 307200 ----a-w- c:windowssystem32ncrypt.dll 2012-11-15 01:50 . 2012-11-15 01:50 247808 ----a-w- c:windowsSysWow64schannel.dll 2012-11-15 01:50 . 2012-11-15 01:50 220160 ----a-w- c:windowsSysWow64ncrypt.dll 2012-11-15 01:50 . 2012-11-15 01:50 22016 ----a-w- c:windowsSysWow64secur32.dll 2012-11-15 01:50 . 2012-11-15 01:50 154480 ----a-w- c:windowssystem32driversksecpkg.sys 2012-11-15 01:50 . 2012-11-15 01:50 1448448 ----a-w- c:windowssystem32lsasrv.dll 2012-11-15 01:49 . 2012-11-15 01:49 514560 ----a-w- c:windowsSysWow64qdvd.dll 2012-11-15 01:49 . 2012-11-15 01:49 366592 ----a-w- c:windowssystem32qdvd.dll 2012-11-14 20:32 . 2012-11-14 20:32 30568 ----a-w- c:windowssystem32driversavgtpx64.sys 2012-11-01 18:31 . 2012-11-01 18:31 40712 ----a-w- c:windowssystem32driverstaphss6.sys 2012-11-01 18:25 . 2012-11-01 18:25 42248 ----a-w- c:windowssystem32drivershssdrv6.sys 2012-10-30 23:50 . 2012-08-03 22:43 285328 ----a-w- c:windowssystem32aswBoot.exe 2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:windowsSysWow64QuickTimeVR.qtx 2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:windowsSysWow64QuickTime.qts 2012-10-22 22:34 . 2012-10-22 22:34 95208 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll 2012-10-22 22:34 . 2012-10-22 22:35 821736 ----a-w- c:windowsSysWow64npDeployJava1.dll 2012-10-22 22:34 . 2012-10-22 22:35 746984 ----a-w- c:windowsSysWow64deployJava1.dll 2012-10-17 13:39 . 2012-10-17 13:39 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCore-2Microsoft.MediaCenter.Sports.UI.dll 2012-10-17 13:39 . 2012-10-17 13:39 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkup-2markup.dll 2012-10-17 13:37 . 2012-10-17 13:37 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSM-2StartResources.dll 2012-10-16 08:38 . 2012-12-13 11:57 135168 ----a-w- c:windowsapppatchAppPatch64AcXtrnal.dll 2012-10-16 08:38 . 2012-12-13 11:57 350208 ----a-w- c:windowsapppatchAppPatch64AcLayers.dll 2012-10-16 07:39 . 2012-12-13 11:57 561664 ----a-w- c:windowsapppatchAcLayers.dll 2012-10-09 18:17 . 2012-11-15 12:36 55296 ----a-w- c:windowssystem32dhcpcsvc6.dll 2012-10-09 18:17 . 2012-11-15 12:36 226816 ----a-w- c:windowssystem32dhcpcore6.dll 2012-10-09 17:40 . 2012-11-15 12:36 44032 ----a-w- c:windowsSysWow64dhcpcsvc6.dll 2012-10-09 17:40 . 2012-11-15 12:36 193536 ----a-w- c:windowsSysWow64dhcpcore6.dll 2012-10-06 20:26 . 2012-10-06 20:26 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkupmarkup.dll 2012-10-06 20:26 . 2012-10-06 20:26 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSMStartResources.dll 2012-10-06 20:26 . 2012-10-06 20:26 539984 ----a-w- c:programdataMicrosofteHomePackagesMCESpotlightMCESpotlightSpotlightResources.dll 2012-10-04 16:40 . 2012-12-13 11:58 44032 ----a-w- c:windowsapppatchacwow64.dll 2012-10-03 17:56 . 2012-11-17 17:59 1914248 ----a-w- c:windowssystem32driverstcpip.sys 2012-10-03 17:44 . 2012-11-17 17:59 70656 ----a-w- c:windowssystem32nlaapi.dll 2012-10-03 17:44 . 2012-11-17 17:59 303104 ----a-w- c:windowssystem32nlasvc.dll 2012-10-03 17:44 . 2012-11-17 17:59 246272 ----a-w- c:windowssystem32netcorehc.dll 2012-10-03 17:44 . 2012-11-17 17:59 18944 ----a-w- c:windowssystem32netevent.dll 2012-10-03 17:44 . 2012-11-17 17:59 216576 ----a-w- c:windowssystem32ncsi.dll 2012-10-03 17:42 . 2012-11-17 17:59 569344 ----a-w- c:windowssystem32iphlpsvc.dll 2012-10-03 16:42 . 2012-11-17 17:59 18944 ----a-w- c:windowsSysWow64netevent.dll 2012-10-03 16:42 . 2012-11-17 17:59 175104 ----a-w- c:windowsSysWow64netcorehc.dll 2012-10-03 16:42 . 2012-11-17 17:59 156672 ----a-w- c:windowsSysWow64ncsi.dll 2012-10-03 16:07 . 2012-11-17 17:59 45568 ----a-w- c:windowssystem32driverstcpipreg.sys 2012-09-25 22:47 . 2012-11-15 12:31 78336 ----a-w- c:windowsSysWow64synceng.dll 2012-09-25 22:46 . 2012-11-15 12:31 95744 ----a-w- c:windowssystem32synceng.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{30C456C5-0E73-2343-38F0-D9F9CF8B0F52}] 2012-10-28 14:44 129024 ----a-w- c:programdataVaudix508d44c452574.ocx . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE}] 2012-10-28 14:36 129024 ----a-w- c:programdataVaudix508d42f54b62d.ocx . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar] "{8945176c-2823-4272-9735-873e75bfe1b4}"= "c:program files (x86)APlusGamer_63bar1.bin63bar.dll" [bU] . [HKEY_CLASSES_ROOTclsid{8945176c-2823-4272-9735-873e75bfe1b4}] . [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "IDMan"="c:program files (x86)Internet Download ManagerIDMan.exe" [2012-09-01 3528128] "Xvid"="c:program files (x86)XvidCheckUpdate.exe" [2011-01-17 8192] "Spotify Web Helper"="c:usersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe" [2012-10-28 1199576] "NETGEARGenie"="c:program files (x86)NETGEAR GeniebinNETGEARGenie.exe" [2012-10-16 1041736] . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun] "CLMLServer"="c:program files (x86)CyberLinkPower2GoCLMLSvc.exe" [2009-11-02 103720] "Samsung PanelMgr"="c:windowsSamsungPanelMgrSSMMgr.exe" [2010-06-08 618496] "UVS10 Preload"="c:program files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe" [2006-03-07 36864] "UpdatePPShortCut"="c:program files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" [2009-05-20 222504] "Adobe ARM"="c:program files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2012-07-27 919008] "SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-07-03 252848] "APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-10-12 59280] "PowerDVD12DMREngine"="c:program files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [2012-09-19 505872] "PowerDVD12Agent"="c:program files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [2012-09-19 374560] "QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-10-25 421888] "avast"="c:program filesAVAST SoftwareAvastavastUI.exe" [2012-10-30 4297136] . c:usersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup MagicDisc.lnk - c:program files (x86)MagicDiscMagicDisc.exe [2012-9-15 576000] . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:windowsSysWOW64nvinit.dll . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32] "wave6"=wdmaud.drv . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-07-13 160944] R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:windowssystem32DRIVERSAVerPola.sys [2011-01-04 534144] R3 BBUpdate;BBUpdate;c:program files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe [2012-02-10 240408] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:program filesIntelWiFibinPanDhcpDns.exe [2011-01-05 340240] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2012-11-15 19456] R3 Samsung UPD Service;Samsung UPD Service;c:windowsSystem32SUPDSvc.exe [2010-08-09 166704] R3 StkCMini;Syntek AVStream USB2.0 ATV;c:windowssystem32DriversStkCMini.sys [2010-04-16 1816968] R3 taphss6;Anchorfree HSS VPN Adapter;c:windowssystem32DRIVERStaphss6.sys [2012-11-01 40712] R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2012-11-15 57856] R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2012-07-25 1255736] R3 WDC_SAM;WD SCSI Pass Thru driver;c:windowssystem32DRIVERSwdcsam64.sys [2008-05-06 14464] R4 wlcrasvc;Windows Live Mesh remote connections service;c:program filesWindows LiveMeshwlcrasvc.exe [2010-09-22 57184] S0 nvpciflt;nvpciflt;c:windowssystem32DRIVERSnvpciflt.sys [2010-12-14 25576] S0 SmartDefragDriver;SmartDefragDriver;c:windowsSystem32DriversSmartDefragDriver.sys [2010-11-26 17720] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2012-11-14 30568] S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:windowssystem32DriversSABI.sys [2009-05-28 13824] S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34];c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-09-19 22:12 147704] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [2012-10-30 71600] S2 BBSvc;BingBar Service;c:program files (x86)MicrosoftBingBar7.1.361.0BBSvc.exe [2012-02-10 193816] S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-09-19 90640] S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-09-19 78352] S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-09-19 295440] S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:program filesIntelWiMAXBinDMAgent.exe [2011-06-06 498688] S2 IDMWFP;IDMWFP;c:windowssystem32DRIVERSidmwfp.sys [2012-08-02 158944] S2 MBAMScheduler;MBAMScheduler;c:program files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [2012-09-30 399432] S2 MBAMService;MBAMService;c:program files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2012-09-30 676936] S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:program files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe [2012-09-25 231752] S2 nlsX86cc;Nalpeiron Licensing Service;c:windowsSysWOW64nlssrv32.exe [2010-11-22 66560] S2 ntk_PowerDVD12;ntk_PowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-06-20 83704] S2 UNS;Intel® Management and Security Application User Notification Service;c:program files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2010-10-06 2655768] S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:program filesIntelWiMAXBinAppSrv.exe [2011-06-06 986112] S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:windowssystem32DRIVERSbpenum.sys [2011-05-19 84480] S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:windowssystem32DRIVERSbpmp.sys [2011-05-19 182272] S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;c:windowssystem32Driversbpusb.sys [2011-05-19 83968] S3 clwvd;CyberLink WebCam Virtual Driver;c:windowssystem32DRIVERSclwvd.sys [2010-11-10 31088] S3 ETD;ELAN PS/2 Port Input Device;c:windowssystem32DRIVERSETD.sys [2010-11-12 138024] S3 IntcDAud;Intel® Display Audio;c:windowssystem32DRIVERSIntcDAud.sys [2010-10-15 317440] S3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [2012-09-30 25928] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:windowssystem32DRIVERSnusb3hub.sys [2010-10-11 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:windowssystem32DRIVERSnusb3xhc.sys [2010-10-11 180736] S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2011-06-10 539240] S3 wdkmd;Intel WiDi KMD;c:windowssystem32DRIVERSWDKMD.sys [2010-11-30 42392] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - NPF . Contents of the 'Scheduled Tasks' folder . 2012-12-19 c:windowsTasksAdobe Flash Player Updater.job - c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-31 17:57] . 2012-12-19 c:windowsTasksSlimDrivers Startup.job - c:program files (x86)SlimDriversSlimDrivers.exe [2012-10-14 21:29] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 23:50 133400 ----a-w- c:program filesAVAST SoftwareAvastashShA64.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersIDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOTCLSID{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2012-02-08 00:49 23432 ----a-w- c:program files (x86)Internet Download ManagerIDMShellExt64.dll . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "IgfxTray"="c:windowssystem32igfxtray.exe" [2011-01-04 167960] "HotKeysCmds"="c:windowssystem32hkcmd.exe" [2011-01-04 391704] "Persistence"="c:windowssystem32igfxpers.exe" [2011-01-04 417304] "RtHDVCpl"="c:program filesRealtekAudioHDARAVCpl64.exe" [2010-11-30 11660904] "IntelWireless"="c:program filesCommon FilesIntelWirelessCommoniFrmewrk.exe" [2011-01-05 1933584] "ETDCtrl"="c:program files (x86)ElantechETDCtrl.exe" [bU] "IntelWirelessWiMAX"="c:program filesIntelWiMAXBinWiMAXCU.exe" [2011-06-02 1622016] . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows] "AppInit_DLLs"=c:windowsSystem32nvinitx.dll . ------- Supplementary Scan ------- . uLocal Page = c:windowssystem32blank.htm mStart Page = hxxp://samsung.msn.com mLocal Page = c:windowsSysWOW64blank.htm IE: Download all links with IDM - c:program files (x86)Internet Download ManagerIEGetAll.htm IE: Download with IDM - c:program files (x86)Internet Download ManagerIEExt.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default FF - ExtSQL: 2012-11-04 18:39; 50970cb9d50ba@50970cb9d50f3.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions50970cb9d50ba@50970cb9d50f3.com.xpi FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com FF - ExtSQL: 2012-12-16 16:53; wrc@avast.com; c:program filesAVAST SoftwareAvastWebRepFF FF - ExtSQL: !HIDDEN! 2012-11-12 13:26; 63ffxtbr@APlusGamer_63.com; c:program files (x86)APlusGamer_63bar1.bin FF - ExtSQL: !HIDDEN! 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:program files (x86)MindDabble_4pbar1.bin . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) . . . [HKEY_LOCAL_MACHINESYSTEMControlSet001services{73526619-C24F-470B-9BED-53D455FBB5C6}] "ImagePath"="??c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "scansk"=hex(0):c5,88,12,3d,a1,66,02,aa,b6,69,27,77,2a,36,ce,6b,62,5d,c5,5b,dd, 32,c3,0e,3c,fd,35,14,a9,f8,c3,8a,76,15,a2,42,fb,fb,4e,66,00,00,00,00,00,00, . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):92,20,a6,2c,ac,da,97,ad,d1,24,a3,f8,5b,7f,d7,fc,ab,59,6e,1b,bf, 51,95,0a,ae,4d,7b,37,63,5b,fa,ad,73,d0,1a,32,83,42,de,9e,00,00,00,00,00,00, . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{b5572adb-f71b-41a1-ad6e-0832b120e9ea}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:000000f0 "Therad"=dword:0000001e "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26, 38,95,44,85,b1,12,f9,90,dd,23,a1,46,8f,3c,f2,5c,68,ee,21,c4,91,5d,38,fc,54, . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{c9fa1039-b2b9-4ecb-85ad-32f7d18bc0ed}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:0000012c "Therad"=dword:00000001 "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68, . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus] @="0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:program filesAVAST SoftwareAvastAvastSvc.exe c:program files (x86)Common FilesAdobeARM1.0armsvc.exe c:program files (x86)IObitSmart Defrag 2SmartDefrag.exe c:program files (x86)Malwarebytes' Anti-Malwarembamgui.exe c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe c:program files (x86)CyberLinkShared filesRichVideo.exe c:program files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe c:program files (x86)SamsungEasy Display ManagerWifiManager.exe c:program files (x86)CyberLinkYouCamYCMMirage.exe c:program files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe c:program files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe c:program files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe c:program files (x86)SamsungSamsung Support CenterSSCKbdHk.exe c:program files (x86)SamsungSamsung Update PlusSUPBackground.exe . ************************************************************************** . Completion time: 2012-12-19 13:30:59 - machine was rebooted ComboFix-quarantined-files.txt 2012-12-19 19:30 ComboFix2.txt 2012-12-18 18:54 ComboFix3.txt 2012-12-11 00:42 ComboFix4.txt 2012-12-03 17:11 . Pre-Run: 69,682,040,832 bytes free Post-Run: 68,463,153,152 bytes free . - - End Of File - - 0481626A4B6A61C9577CD2CEFC3C58FB
  12. Hello JonTom, I ran the combofix and CKScanner and now nothing works. I get this message 'illegal operation attempted on a registry key that been marked for deletion' i couldn't even open notepad i had to tranfer to a flashdrive and open it on another computer to post here are the logs ComboFix 12-12-02.01 - Owner 12/18/2012 12:31:05.3.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6055.4279 [GMT -6:00] Running from: c:usersOwnerDesktopComboFix.exe Command switches used :: c:usersOwnerDesktopCFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:new folder (2)desktop itemsdesktopaudio record wizard 3.99 inc crack - mast3r-.rar" "c:new folder (2)desktopaudio record wizard 3.99 inc crack - mast3r-.rar" "c:new folder (2)geek squad backup 07.09.2012backup continuedadobeadobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html" "c:new folder (2)geek squad backup 07.09.2012downloadsprogramsaudio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe" "c:program files (x86)kurzweil educational systemskurzweil 3000crack.exe" "c:usersowneraudio record wizard 3.99 inc crack - mast3r-.rar" "c:usersownerdownloadsprogramsadobe master collection cs6 - crack only (fast & easy)_secure.exe" "c:usersownerdownloadsprogramsanydvd & anydvd hd v7.0.5.0 final + crack [chattchitto rg].exe" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:new folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg] c:new folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]AnyDVD & AnyDVD HD v6.9.1.0 FINAL + Crack [ChattChitto RG].exe c:new folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]ChattChitto RG.nfo c:new folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]ChattChitto RG.url c:new folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg] c:new folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]ChattChitto RG.nfo c:new folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]ChattChitto RG.url c:new folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]CloneDVD v2.9.2.8 + KeyGen [ChattChitto RG].exe c:new folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg] c:new folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]AnyDVD & AnyDVD HD v6.9.1.0 FINAL + Crack [ChattChitto RG].exe c:new folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]ChattChitto RG.nfo c:new folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]ChattChitto RG.url c:new folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg] c:new folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]ChattChitto RG.nfo c:new folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]ChattChitto RG.url c:new folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]CloneDVD v2.9.2.8 + KeyGen [ChattChitto RG].exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg] c:new folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]AnyDVD & AnyDVD HD v6.9.1.0 FINAL + Crack [ChattChitto RG].exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]ChattChitto RG.nfo c:new folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]ChattChitto RG.url c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cg c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgAVSAudioEditor.exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgf4cg.nfo c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgRead Me.txt c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgsetup.exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg] c:new folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]ChattChitto RG.nfo c:new folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]ChattChitto RG.url c:new folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]CloneDVD v2.9.2.8 + KeyGen [ChattChitto RG].exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg] c:new folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]ChattChitto RG.nfo c:new folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]ChattChitto RG.url c:new folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]CopyTo v5.1.0.2 + Crack [ChattChitto RG].exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg] c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]ChattChitto RG.nfo c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]ChattChitto RG.url c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]Digital Rescue 4 Premium v4.0.0.2E + Crack [ChattChitto RG].exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]DigitalRescue.exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.6.8 + crack [chattchitto rg] c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.6.8 + crack [chattchitto rg]ChattChitto RG.nfo c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.6.8 + crack [chattchitto rg]ChattChitto RG.url c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.6.8 + crack [chattchitto rg]DVDFab Platinum v8.1.6.8 + Crack [ChattChitto RG].exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.7.3 + crack [chattchitto rg] c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.7.3 + crack [chattchitto rg]ChattChitto RG.nfo c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.7.3 + crack [chattchitto rg]ChattChitto RG.url c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.7.3 + crack [chattchitto rg]DVDFab Platinum v8.1.7.3 + Crack [ChattChitto RG].exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2ulead videostudio plus 11.5 + keygen & dolby digital powerpack c:new folder (2)geek squad backup 07.09.2012backup continued2mov2ulead videostudio plus 11.5 + keygen & dolby digital powerpackInstall How to.txt c:new folder (2)geek squad backup 07.09.2012backup continued2mov2ulead videostudio plus 11.5 + keygen & dolby digital powerpackReadme.txt c:new folder (2)geek squad backup 07.09.2012backup continued2mov2ulead videostudio plus 11.5 + keygen & dolby digital powerpackUlead VideoStudio Plus 11.5 + Keygen & Dolby Digital PowerPack.UIF c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r- c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-arw3 Setup.exe c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-Crack Instructions.txt c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-CrackARWizard3.exe c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-lucid.nfo c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg] c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]AnyDVD & AnyDVD HD v6.9.1.0 FINAL + Crack [ChattChitto RG].exe c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]ChattChitto RG.nfo c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]ChattChitto RG.url c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg] c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]ChattChitto RG.nfo c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]ChattChitto RG.url c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]CloneDVD v2.9.2.8 + KeyGen [ChattChitto RG].exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ] c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ].rar c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]AVSInstallPack.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSAudioEditorAVSAudioEditor.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSAudioRecorderAVSAudioRecorder.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSDiscCreatorAVSDiscCreator.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSDocumentConverterAVSDocumentConverter.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSDVDCopyAVSDVDCopy.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSImageConverterAVSExplorerExtension.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSImageConverterAVSImageConverter.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSPhotoEditorAVSPhotoEditor.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSRegistryCleanerAVSRegistryCleaner.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSRingtoneMakerAVSRingtoneMaker.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSScreenCaptureAVSScreenCapture.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSVideoConverterAVSVideoConverter.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSVideoEditorAVSVideoEditor.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSVideoRecorderAVSVideoRecorder.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSVideoReMakerAVSVideoReMaker.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]Instructions.txt c:new folder (2)geek squad backup 07.09.2012downloadsclonedvd 4crack c:new folder (2)geek squad backup 07.09.2012downloadsclonedvd 4crackConfigure.dll c:new folder (2)geek squad backup 07.09.2012downloadsclonedvd 4crackOptionalMainApp.dll c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsv c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvPowerDVD 10 Ultra 3D Build 1516.51 - Cracked.exe c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVHow to install.txt c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVRead Me - TSV.txt c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVSoftwareAdvanced SystemCare Pro - Cracked.torrent c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVSoftwareDVDFab Platinum v8.0.7.3 - Cracked.torrent c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVSoftwareMicrosoft Office 2010 Professional Plus - Cracked.torrent c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVSoftwareRead Me - TSV.txt c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVSoftwareSony Vegas Movie Studio HD Platinum - Cracked.torrent c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVSoftwareWindows 7 Ultimate - 32 Bit (Auto Activation) - Cracked.torrent c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVTorrent downloaded from Demonoid.me.txt c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVTSV Productions - Read Me..docx c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVTSV Software TorrentsAdvanced SystemCare Pro - Cracked.torrent c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVTSV Software TorrentsMicrosoft Office 2010 Professional Plus - Cracked.torrent c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVTSV Software TorrentsRead Me - TSV.txt c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVTSV Software TorrentsSony Vegas Movie Studio HD Platinum - Cracked.torrent c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVTSV Software TorrentsWindows 7 Ultimate - 32 Bit (Auto Activation) - Cracked.torrent c:new folder (2)geek squad backup 07.09.2012downloadsinternet.download.manager.v6.07.final.build.12.incl.keygen.and.patch-snd c:new folder (2)geek squad backup 07.09.2012downloadsinternet.download.manager.v6.07.final.build.12.incl.keygen.and.patch-sndSNDidman607.exe c:new folder (2)geek squad backup 07.09.2012downloadslanguagesrosetta stone v3.3.5 for windowsrosetta stone v3.3.5 for windowscrack c:new folder (2)geek squad backup 07.09.2012downloadslanguagesrosetta stone v3.3.5 for windowsrosetta stone v3.3.5 for windowscrackRosettaStoneVersion3.exe c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76] c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]CrackIDMan.exe c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]Description and Installation Instructions.txt c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]GlobalErrors.log c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]IDMan.exe c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]idman611.exe c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-theta c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-theta!!Mreader.exe c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetaAngryBirdsRioInstaller_1.4.0.exe c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetaPatchPatch.exe c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetaPatchReadme.txt c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetaRead Me.txt c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetaTHETA.nfo c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-theta c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-theta!!Mreader.exe c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaAngryBirdsSeasonsInstaller_2.4.1.exe c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaPatchPatch.exe c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaPatchReadme.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTHETA.nfo c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from 1337x.org.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from Ahashare.com.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from Btarena.org.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from Demonoid.me.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from ExtraTorrent.com.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from H33t.com.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from IsoHunt.com.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from Kat.ph.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from Rarbg.com.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from ThePirateBay.se.txt c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-theta c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaAngryBirdsSpaceInstaller_1.3.0.exe c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaPatchPatch.exe c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaPatchReadme.txt c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaTHETA.nfo c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaTorrent Downloaded From ExtraTorrent.com.txt c:usersowneraudio record wizard 3.99 inc crack - mast3r- c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordAudio Record Wizard 3.99 Inc Crack - Mast3r-arw3 Setup.exe c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordAudio Record Wizard 3.99 Inc Crack - Mast3r-Crack Instructions.txt c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordAudio Record Wizard 3.99 Inc Crack - Mast3r-CrackARWizard3.exe c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordAudio Record Wizard 3.99 Inc Crack - Mast3r-lucid.nfo c:usersownerbad.piggies.v1.0.0.cracked-theta c:usersownerbad.piggies.v1.0.0.cracked-thetaBadPiggiesInstaller_1.0.0.exe c:usersownerbad.piggies.v1.0.0.cracked-thetaPatchPatch.exe c:usersownerbad.piggies.v1.0.0.cracked-thetaTHETA.nfo c:usersownerbad.piggies.v1.0.0.cracked-thetaTorrent Downloaded From ExtraTorrent.com.txt c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg] c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]ChattChitto RG.nfo c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]ChattChitto RG.url c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]DVDFab Platinum v8.2.1.3 + Crack [ChattChitto RG].exe c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg] c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]ChattChitto RG.nfo c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]ChattChitto RG.url c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]DVDFab Platinum v8.2.1.5 + Crack [ChattChitto RG].exe c:windowsSysWow64Packet.dll c:windowsSysWow64wpcap.dll . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------Legacy_NPF -------Service_NPF . . ((((((((((((((((((((((((( Files Created from 2012-11-18 to 2012-12-18 ))))))))))))))))))))))))))))))) . . 2012-12-18 18:43 . 2012-12-18 18:43 -------- d-----w- c:usersUpdatusUserAppDataLocaltemp 2012-12-18 18:43 . 2012-12-18 18:43 -------- d-----w- c:usersDefaultAppDataLocaltemp 2012-12-18 13:42 . 2012-11-08 17:24 9125352 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{E0C11D25-2DC5-4B71-8976-A4767590840B}mpengine.dll 2012-12-16 22:46 . 2012-10-30 23:51 370288 ----a-w- c:windowssystem32driversaswSP.sys 2012-12-16 22:46 . 2012-10-30 23:51 25232 ----a-w- c:windowssystem32driversaswFsBlk.sys 2012-12-16 22:46 . 2012-10-15 16:59 54072 ----a-w- c:windowssystem32driversaswRdr2.sys 2012-12-16 22:46 . 2012-10-30 23:51 59728 ----a-w- c:windowssystem32driversaswTdi.sys 2012-12-16 22:46 . 2012-10-30 23:51 984144 ----a-w- c:windowssystem32driversaswSnx.sys 2012-12-16 22:46 . 2012-10-30 23:51 71600 ----a-w- c:windowssystem32driversaswMonFlt.sys 2012-12-16 22:46 . 2012-10-30 23:51 41224 ----a-w- c:windowsavastSS.scr 2012-12-16 22:45 . 2012-10-30 23:50 227648 ----a-w- c:windowsSysWow64aswBoot.exe 2012-12-16 22:06 . 2012-12-16 22:07 -------- d-----w- c:usersOwnerAppDataLocalNETGEARGenie 2012-12-16 22:06 . 2012-12-16 22:06 369168 ----a-w- c:windowssystem32wpcap.dll 2012-12-16 22:06 . 2012-12-16 22:06 35344 ----a-w- c:windowssystem32driversnpf.sys 2012-12-16 22:06 . 2012-12-16 22:06 106000 ----a-w- c:windowssystem32packet.dll 2012-12-16 22:06 . 2012-12-16 22:06 -------- d-----w- c:program files (x86)NETGEAR Genie 2012-12-14 20:48 . 2012-12-14 20:48 -------- d-----w- c:program files (x86)uTorrent 2012-12-14 13:06 . 2012-11-14 07:06 17811968 ----a-w- c:windowssystem32mshtml.dll 2012-12-14 13:06 . 2012-11-14 06:32 10925568 ----a-w- c:windowssystem32ieframe.dll 2012-12-13 11:57 . 2012-11-02 05:59 478208 ----a-w- c:windowssystem32dpnet.dll 2012-12-13 11:57 . 2012-11-02 05:11 376832 ----a-w- c:windowsSysWow64dpnet.dll 2012-12-12 21:34 . 2012-12-13 00:47 -------- d-----w- c:usersOwnerAppDataRoamingatunes 2012-12-12 21:33 . 2012-12-12 21:33 -------- d-----w- c:program files (x86)aTunes 2012-12-12 17:44 . 2012-12-12 17:44 -------- d-----w- c:program files (x86)CheckPoint 2012-12-10 15:12 . 2012-12-10 15:12 -------- d-----w- C:FRACTURE EXTRAS 2012-12-05 17:06 . 2012-11-29 08:27 96224 ----a-w- c:program files (x86)Mozilla Firefoxwebapprt-stub.exe 2012-12-05 17:06 . 2012-11-29 08:27 270816 ----a-w- c:program files (x86)Mozilla Firefoxupdater.exe 2012-12-05 17:06 . 2012-11-29 08:27 157272 ----a-w- c:program files (x86)Mozilla Firefoxwebapp-uninstaller.exe 2012-12-05 17:06 . 2012-11-29 08:27 73696 ----a-w- c:program files (x86)Mozilla Firefoxbreakpadinjector.dll 2012-11-30 15:39 . 2012-11-30 21:47 -------- d-----w- c:program files (x86)Malwarebytes' Anti-Malware 2012-11-30 15:39 . 2012-09-30 01:54 25928 ----a-w- c:windowssystem32driversmbam.sys 2012-11-30 14:16 . 2012-11-30 14:16 -------- d-----w- c:windowsERUNT 2012-11-30 14:15 . 2012-12-06 01:06 -------- d-----w- C:JRT 2012-11-27 17:18 . 2012-12-12 19:11 -------- d-----w- C:FRST 2012-11-25 02:04 . 2012-12-05 19:46 -------- d-----w- c:usersOwnerAppDataLocalElevatedDiagnostics 2012-11-24 14:58 . 2011-05-30 13:42 240640 ----a-w- c:windowsSysWow64xvidvfw.dll 2012-11-24 14:58 . 2011-05-30 13:42 255488 ----a-w- c:windowssystem32xvidvfw.dll 2012-11-24 14:58 . 2011-05-23 09:52 153088 ----a-w- c:windowsSysWow64xvid.ax 2012-11-24 14:58 . 2011-05-23 07:49 173568 ----a-w- c:windowssystem32xvid.ax 2012-11-24 14:58 . 2011-05-23 07:46 645632 ----a-w- c:windowsSysWow64xvidcore.dll 2012-11-24 14:58 . 2011-05-23 07:45 696832 ----a-w- c:windowssystem32xvidcore.dll 2012-11-24 14:57 . 2012-11-24 14:57 -------- d-----w- c:usersOwner.bitrock 2012-11-24 01:49 . 2012-11-24 14:58 -------- d-----w- c:program files (x86)Xvid 2012-11-21 18:48 . 2010-11-26 23:02 17720 ----a-w- c:windowssystem32driversSmartDefragDriver.sys 2012-11-21 14:17 . 2012-11-21 14:19 -------- d-----w- c:program files (x86)MeadCo Neptune 2012-11-20 22:16 . 2012-12-12 16:25 -------- dc----w- c:windowssystem32DRVSTORE 2012-11-20 22:15 . 2012-11-20 22:15 -------- d-----w- c:usersOwnerAppDataRoamingCheckPoint 2012-11-20 21:46 . 2012-12-12 17:44 -------- d-----w- c:programdataCheckPoint 2012-11-20 18:23 . 2012-11-20 18:23 -------- d-----w- c:usersOwnerAppDataRoamingMalwarebytes 2012-11-20 18:22 . 2012-11-20 18:22 -------- d-----w- c:programdataMalwarebytes 2012-11-20 16:27 . 2012-11-20 16:27 -------- d-----w- c:programdataPCPitstop 2012-11-20 16:25 . 2012-11-21 15:57 -------- d-----w- c:program files (x86)PCPitstop 2012-11-20 11:53 . 2012-11-20 11:53 -------- d-----w- c:usersOwnerAppDataRoamingConverterLite 2012-11-20 01:03 . 2012-11-20 01:03 -------- d-----w- c:usersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012) . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-18 18:45 . 2012-11-14 20:30 15712 ----a-w- c:windowssystem32driversSWDUMon.sys 2012-12-14 13:10 . 2012-07-25 12:45 67413224 ----a-w- c:windowssystem32MRT.exe 2012-12-12 17:57 . 2012-07-31 00:28 697272 ----a-w- c:windowsSysWow64FlashPlayerApp.exe 2012-12-12 17:57 . 2012-07-31 00:28 73656 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl 2012-11-24 01:35 . 2012-10-06 20:26 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCoreMicrosoft.MediaCenter.Sports.UI.dll 2012-11-15 01:51 . 2012-11-15 01:51 62976 ----a-w- c:windowssystem32TSWbPrxy.exe 2012-11-15 01:51 . 2012-11-15 01:51 57856 ----a-w- c:windowssystem32driversTsUsbFlt.sys 2012-11-15 01:51 . 2012-11-15 01:51 5773824 ----a-w- c:windowssystem32mstscax.dll 2012-11-15 01:51 . 2012-11-15 01:51 54272 ----a-w- c:windowssystem32MsRdpWebAccess.dll 2012-11-15 01:51 . 2012-11-15 01:51 4916224 ----a-w- c:windowsSysWow64mstscax.dll 2012-11-15 01:51 . 2012-11-15 01:51 46592 ----a-w- c:windowsSysWow64MsRdpWebAccess.dll 2012-11-15 01:51 . 2012-11-15 01:51 44032 ----a-w- c:windowssystem32tsgqec.dll 2012-11-15 01:51 . 2012-11-15 01:51 43520 ----a-w- c:windowssystem32TsUsbGDCoInstaller.dll 2012-11-15 01:51 . 2012-11-15 01:51 384000 ----a-w- c:windowssystem32wksprt.exe 2012-11-15 01:51 . 2012-11-15 01:51 37376 ----a-w- c:windowsSysWow64tsgqec.dll 2012-11-15 01:51 . 2012-11-15 01:51 322560 ----a-w- c:windowssystem32aaclient.dll 2012-11-15 01:51 . 2012-11-15 01:51 3174912 ----a-w- c:windowssystem32rdpcorets.dll 2012-11-15 01:51 . 2012-11-15 01:51 269312 ----a-w- c:windowsSysWow64aaclient.dll 2012-11-15 01:51 . 2012-11-15 01:51 243200 ----a-w- c:windowssystem32rdpudd.dll 2012-11-15 01:51 . 2012-11-15 01:51 228864 ----a-w- c:windowssystem32rdpendp_winip.dll 2012-11-15 01:51 . 2012-11-15 01:51 19456 ----a-w- c:windowssystem32driversrdpvideominiport.sys 2012-11-15 01:51 . 2012-11-15 01:51 192000 ----a-w- c:windowsSysWow64rdpendp_winip.dll 2012-11-15 01:51 . 2012-11-15 01:51 18432 ----a-w- c:windowssystem32wksprtPS.dll 2012-11-15 01:51 . 2012-11-15 01:51 16896 ----a-w- c:windowsSysWow64wksprtPS.dll 2012-11-15 01:51 . 2012-11-15 01:51 15360 ----a-w- c:windowssystem32RdpGroupPolicyExtension.dll 2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyExtension.dll 2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyControl.exe 2012-11-15 01:51 . 2012-11-15 01:51 1123840 ----a-w- c:windowssystem32mstsc.exe 2012-11-15 01:51 . 2012-11-15 01:51 1048064 ----a-w- c:windowsSysWow64mstsc.exe 2012-11-15 01:50 . 2012-11-15 01:50 96768 ----a-w- c:windowsSysWow64sspicli.dll 2012-11-15 01:50 . 2012-11-15 01:50 458712 ----a-w- c:windowssystem32driverscng.sys 2012-11-15 01:50 . 2012-11-15 01:50 340992 ----a-w- c:windowssystem32schannel.dll 2012-11-15 01:50 . 2012-11-15 01:50 307200 ----a-w- c:windowssystem32ncrypt.dll 2012-11-15 01:50 . 2012-11-15 01:50 247808 ----a-w- c:windowsSysWow64schannel.dll 2012-11-15 01:50 . 2012-11-15 01:50 220160 ----a-w- c:windowsSysWow64ncrypt.dll 2012-11-15 01:50 . 2012-11-15 01:50 22016 ----a-w- c:windowsSysWow64secur32.dll 2012-11-15 01:50 . 2012-11-15 01:50 154480 ----a-w- c:windowssystem32driversksecpkg.sys 2012-11-15 01:50 . 2012-11-15 01:50 1448448 ----a-w- c:windowssystem32lsasrv.dll 2012-11-15 01:49 . 2012-11-15 01:49 514560 ----a-w- c:windowsSysWow64qdvd.dll 2012-11-15 01:49 . 2012-11-15 01:49 366592 ----a-w- c:windowssystem32qdvd.dll 2012-11-14 20:32 . 2012-11-14 20:32 30568 ----a-w- c:windowssystem32driversavgtpx64.sys 2012-11-01 18:31 . 2012-11-01 18:31 40712 ----a-w- c:windowssystem32driverstaphss6.sys 2012-11-01 18:25 . 2012-11-01 18:25 42248 ----a-w- c:windowssystem32drivershssdrv6.sys 2012-10-30 23:50 . 2012-08-03 22:43 285328 ----a-w- c:windowssystem32aswBoot.exe 2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:windowsSysWow64QuickTimeVR.qtx 2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:windowsSysWow64QuickTime.qts 2012-10-22 22:34 . 2012-10-22 22:34 95208 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll 2012-10-22 22:34 . 2012-10-22 22:35 821736 ----a-w- c:windowsSysWow64npDeployJava1.dll 2012-10-22 22:34 . 2012-10-22 22:35 746984 ----a-w- c:windowsSysWow64deployJava1.dll 2012-10-17 13:39 . 2012-10-17 13:39 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCore-2Microsoft.MediaCenter.Sports.UI.dll 2012-10-17 13:39 . 2012-10-17 13:39 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkup-2markup.dll 2012-10-17 13:37 . 2012-10-17 13:37 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSM-2StartResources.dll 2012-10-16 08:38 . 2012-12-13 11:57 135168 ----a-w- c:windowsapppatchAppPatch64AcXtrnal.dll 2012-10-16 08:38 . 2012-12-13 11:57 350208 ----a-w- c:windowsapppatchAppPatch64AcLayers.dll 2012-10-16 07:39 . 2012-12-13 11:57 561664 ----a-w- c:windowsapppatchAcLayers.dll 2012-10-09 18:17 . 2012-11-15 12:36 55296 ----a-w- c:windowssystem32dhcpcsvc6.dll 2012-10-09 18:17 . 2012-11-15 12:36 226816 ----a-w- c:windowssystem32dhcpcore6.dll 2012-10-09 17:40 . 2012-11-15 12:36 44032 ----a-w- c:windowsSysWow64dhcpcsvc6.dll 2012-10-09 17:40 . 2012-11-15 12:36 193536 ----a-w- c:windowsSysWow64dhcpcore6.dll 2012-10-06 20:26 . 2012-10-06 20:26 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkupmarkup.dll 2012-10-06 20:26 . 2012-10-06 20:26 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSMStartResources.dll 2012-10-06 20:26 . 2012-10-06 20:26 539984 ----a-w- c:programdataMicrosofteHomePackagesMCESpotlightMCESpotlightSpotlightResources.dll 2012-10-04 16:40 . 2012-12-13 11:58 44032 ----a-w- c:windowsapppatchacwow64.dll 2012-10-03 17:56 . 2012-11-17 17:59 1914248 ----a-w- c:windowssystem32driverstcpip.sys 2012-10-03 17:44 . 2012-11-17 17:59 70656 ----a-w- c:windowssystem32nlaapi.dll 2012-10-03 17:44 . 2012-11-17 17:59 303104 ----a-w- c:windowssystem32nlasvc.dll 2012-10-03 17:44 . 2012-11-17 17:59 246272 ----a-w- c:windowssystem32netcorehc.dll 2012-10-03 17:44 . 2012-11-17 17:59 18944 ----a-w- c:windowssystem32netevent.dll 2012-10-03 17:44 . 2012-11-17 17:59 216576 ----a-w- c:windowssystem32ncsi.dll 2012-10-03 17:42 . 2012-11-17 17:59 569344 ----a-w- c:windowssystem32iphlpsvc.dll 2012-10-03 16:42 . 2012-11-17 17:59 18944 ----a-w- c:windowsSysWow64netevent.dll 2012-10-03 16:42 . 2012-11-17 17:59 175104 ----a-w- c:windowsSysWow64netcorehc.dll 2012-10-03 16:42 . 2012-11-17 17:59 156672 ----a-w- c:windowsSysWow64ncsi.dll 2012-10-03 16:07 . 2012-11-17 17:59 45568 ----a-w- c:windowssystem32driverstcpipreg.sys 2012-09-25 22:47 . 2012-11-15 12:31 78336 ----a-w- c:windowsSysWow64synceng.dll 2012-09-25 22:46 . 2012-11-15 12:31 95744 ----a-w- c:windowssystem32synceng.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{30C456C5-0E73-2343-38F0-D9F9CF8B0F52}] 2012-10-28 14:44 129024 ----a-w- c:programdataVaudix508d44c452574.ocx . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE}] 2012-10-28 14:36 129024 ----a-w- c:programdataVaudix508d42f54b62d.ocx . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar] "{8945176c-2823-4272-9735-873e75bfe1b4}"= "c:program files (x86)APlusGamer_63bar1.bin63bar.dll" [bU] . [HKEY_CLASSES_ROOTclsid{8945176c-2823-4272-9735-873e75bfe1b4}] . [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "IDMan"="c:program files (x86)Internet Download ManagerIDMan.exe" [2012-09-01 3528128] "Xvid"="c:program files (x86)XvidCheckUpdate.exe" [2011-01-17 8192] "AnyDVD"="c:program files (x86)SlySoftAnyDVDAnyDVDtray.exe" [2012-11-23 6663840] "Spotify Web Helper"="c:usersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe" [2012-10-28 1199576] "NETGEARGenie"="c:program files (x86)NETGEAR GeniebinNETGEARGenie.exe" [2012-10-16 1041736] . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun] "CLMLServer"="c:program files (x86)CyberLinkPower2GoCLMLSvc.exe" [2009-11-02 103720] "Samsung PanelMgr"="c:windowsSamsungPanelMgrSSMMgr.exe" [2010-06-08 618496] "UVS10 Preload"="c:program files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe" [2006-03-07 36864] "UpdatePPShortCut"="c:program files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" [2009-05-20 222504] "Adobe ARM"="c:program files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2012-07-27 919008] "SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-07-03 252848] "APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-10-12 59280] "PowerDVD12DMREngine"="c:program files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [2012-09-19 505872] "PowerDVD12Agent"="c:program files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [2012-09-19 374560] "QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-10-25 421888] "avast"="c:program filesAVAST SoftwareAvastavastUI.exe" [2012-10-30 4297136] . c:usersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup MagicDisc.lnk - c:program files (x86)MagicDiscMagicDisc.exe [2012-9-15 576000] . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:windowsSysWOW64nvinit.dll . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32] "wave6"=wdmaud.drv . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-07-13 160944] R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:windowssystem32DRIVERSAVerPola.sys [2011-01-04 534144] R3 BBUpdate;BBUpdate;c:program files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe [2012-02-10 240408] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:program filesIntelWiFibinPanDhcpDns.exe [2011-01-05 340240] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2012-11-15 19456] R3 Samsung UPD Service;Samsung UPD Service;c:windowsSystem32SUPDSvc.exe [2010-08-09 166704] R3 StkCMini;Syntek AVStream USB2.0 ATV;c:windowssystem32DriversStkCMini.sys [2010-04-16 1816968] R3 SWDUMon;SWDUMon;c:windowssystem32DRIVERSSWDUMon.sys [2012-12-18 15712] R3 taphss6;Anchorfree HSS VPN Adapter;c:windowssystem32DRIVERStaphss6.sys [2012-11-01 40712] R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2012-11-15 57856] R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2012-07-25 1255736] R3 WDC_SAM;WD SCSI Pass Thru driver;c:windowssystem32DRIVERSwdcsam64.sys [2008-05-06 14464] R4 wlcrasvc;Windows Live Mesh remote connections service;c:program filesWindows LiveMeshwlcrasvc.exe [2010-09-22 57184] S0 nvpciflt;nvpciflt;c:windowssystem32DRIVERSnvpciflt.sys [2010-12-14 25576] S0 SmartDefragDriver;SmartDefragDriver;c:windowsSystem32DriversSmartDefragDriver.sys [2010-11-26 17720] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2012-11-14 30568] S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:windowssystem32DriversSABI.sys [2009-05-28 13824] S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34];c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-09-19 22:12 147704] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [2012-10-30 71600] S2 BBSvc;BingBar Service;c:program files (x86)MicrosoftBingBar7.1.361.0BBSvc.exe [2012-02-10 193816] S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-09-19 90640] S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-09-19 78352] S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-09-19 295440] S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:program filesIntelWiMAXBinDMAgent.exe [2011-06-06 498688] S2 IDMWFP;IDMWFP;c:windowssystem32DRIVERSidmwfp.sys [2012-08-02 158944] S2 MBAMScheduler;MBAMScheduler;c:program files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [2012-09-30 399432] S2 MBAMService;MBAMService;c:program files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2012-09-30 676936] S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:program files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe [2012-09-25 231752] S2 nlsX86cc;Nalpeiron Licensing Service;c:windowsSysWOW64nlssrv32.exe [2010-11-22 66560] S2 ntk_PowerDVD12;ntk_PowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-06-20 83704] S2 UNS;Intel® Management and Security Application User Notification Service;c:program files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2010-10-06 2655768] S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:program filesIntelWiMAXBinAppSrv.exe [2011-06-06 986112] S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:windowssystem32DRIVERSbpenum.sys [2011-05-19 84480] S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:windowssystem32DRIVERSbpmp.sys [2011-05-19 182272] S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;c:windowssystem32Driversbpusb.sys [2011-05-19 83968] S3 clwvd;CyberLink WebCam Virtual Driver;c:windowssystem32DRIVERSclwvd.sys [2010-11-10 31088] S3 ETD;ELAN PS/2 Port Input Device;c:windowssystem32DRIVERSETD.sys [2010-11-12 138024] S3 IntcDAud;Intel® Display Audio;c:windowssystem32DRIVERSIntcDAud.sys [2010-10-15 317440] S3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [2012-09-30 25928] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:windowssystem32DRIVERSnusb3hub.sys [2010-10-11 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:windowssystem32DRIVERSnusb3xhc.sys [2010-10-11 180736] S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2011-06-10 539240] S3 wdkmd;Intel WiDi KMD;c:windowssystem32DRIVERSWDKMD.sys [2010-11-30 42392] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - NPF . Contents of the 'Scheduled Tasks' folder . 2012-12-18 c:windowsTasksAdobe Flash Player Updater.job - c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-31 17:57] . 2012-12-18 c:windowsTasksSlimDrivers Startup.job - c:program files (x86)SlimDriversSlimDrivers.exe [2012-10-14 21:29] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 23:50 133400 ----a-w- c:program filesAVAST SoftwareAvastashShA64.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersIDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOTCLSID{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2012-02-08 00:49 23432 ----a-w- c:program files (x86)Internet Download ManagerIDMShellExt64.dll . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "IgfxTray"="c:windowssystem32igfxtray.exe" [2011-01-04 167960] "HotKeysCmds"="c:windowssystem32hkcmd.exe" [2011-01-04 391704] "Persistence"="c:windowssystem32igfxpers.exe" [2011-01-04 417304] "RtHDVCpl"="c:program filesRealtekAudioHDARAVCpl64.exe" [2010-11-30 11660904] "IntelWireless"="c:program filesCommon FilesIntelWirelessCommoniFrmewrk.exe" [2011-01-05 1933584] "ETDCtrl"="c:program files (x86)ElantechETDCtrl.exe" [bU] "IntelWirelessWiMAX"="c:program filesIntelWiMAXBinWiMAXCU.exe" [2011-06-02 1622016] . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows] "AppInit_DLLs"=c:windowsSystem32nvinitx.dll . ------- Supplementary Scan ------- . uLocal Page = c:windowssystem32blank.htm mStart Page = hxxp://samsung.msn.com mLocal Page = c:windowsSysWOW64blank.htm IE: Download all links with IDM - c:program files (x86)Internet Download ManagerIEGetAll.htm IE: Download with IDM - c:program files (x86)Internet Download ManagerIEExt.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default FF - ExtSQL: 2012-11-04 18:39; 50970cb9d50ba@50970cb9d50f3.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions50970cb9d50ba@50970cb9d50f3.com.xpi FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com FF - ExtSQL: 2012-12-16 16:53; wrc@avast.com; c:program filesAVAST SoftwareAvastWebRepFF FF - ExtSQL: !HIDDEN! 2012-11-12 13:26; 63ffxtbr@APlusGamer_63.com; c:program files (x86)APlusGamer_63bar1.bin FF - ExtSQL: !HIDDEN! 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:program files (x86)MindDabble_4pbar1.bin . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) . . . [HKEY_LOCAL_MACHINESYSTEMControlSet001services{73526619-C24F-470B-9BED-53D455FBB5C6}] "ImagePath"="??c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "scansk"=hex(0):c5,88,12,3d,a1,66,02,aa,b6,69,27,77,2a,36,ce,6b,62,5d,c5,5b,dd, 32,c3,0e,3c,fd,35,14,a9,f8,c3,8a,76,15,a2,42,fb,fb,4e,66,00,00,00,00,00,00, . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):92,20,a6,2c,ac,da,97,ad,d1,24,a3,f8,5b,7f,d7,fc,ab,59,6e,1b,bf, 51,95,0a,ae,4d,7b,37,63,5b,fa,ad,73,d0,1a,32,83,42,de,9e,00,00,00,00,00,00, . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{b5572adb-f71b-41a1-ad6e-0832b120e9ea}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:000000f0 "Therad"=dword:0000001e "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26, 38,95,44,85,b1,12,f9,90,dd,23,a1,46,8f,3c,f2,5c,68,ee,21,c4,91,5d,38,fc,54, . [HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{c9fa1039-b2b9-4ecb-85ad-32f7d18bc0ed}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:0000012c "Therad"=dword:00000001 "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68, . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus] @="0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:program filesAVAST SoftwareAvastAvastSvc.exe c:program files (x86)Common FilesAdobeARM1.0armsvc.exe c:program files (x86)Malwarebytes' Anti-Malwarembamgui.exe c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe c:program files (x86)CyberLinkShared filesRichVideo.exe c:program files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe c:program files (x86)SamsungEasy Display ManagerWifiManager.exe c:program files (x86)CyberLinkYouCamYCMMirage.exe c:program files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe c:program files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe c:program files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe c:program files (x86)SamsungSamsung Support CenterSSCKbdHk.exe c:program files (x86)SamsungSamsung Update PlusSUPBackground.exe . ************************************************************************** . Completion time: 2012-12-18 12:54:06 - machine was rebooted ComboFix-quarantined-files.txt 2012-12-18 18:54 ComboFix2.txt 2012-12-11 00:42 ComboFix3.txt 2012-12-03 17:11 . Pre-Run: 70,461,120,512 bytes free Post-Run: 69,844,963,328 bytes free . - - End Of File - - 5AA7B7A2BCB6992362D1694C17AC39A4 CKScanner 2.1 - Additional Security Risks - These are not necessarily bad c:new folder (2)desktopaudio record wizard 3.99 inc crack - mast3r-.rar c:new folder (2)desktop itemsdesktopaudio record wizard 3.99 inc crack - mast3r-.rar c:new folder (2)geek squad backup 07.09.2012backup continuedadobeadobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html c:new folder (2)geek squad backup 07.09.2012downloadsprogramsaudio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe c:program filesgimp 2sharegimp2.0patternscracked.pat c:program files (x86)kurzweil educational systemskurzweil 3000crack.exe c:qooboxquarantinecnew folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe.vir c:qooboxquarantinecnew folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo.vir c:qooboxquarantinecnew folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url.vir c:qooboxquarantinecnew folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo.vir c:qooboxquarantinecnew folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url.vir c:qooboxquarantinecnew folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe.vir c:qooboxquarantinecnew folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe.vir c:qooboxquarantinecnew folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo.vir c:qooboxquarantinecnew folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url.vir c:qooboxquarantinecnew folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo.vir c:qooboxquarantinecnew folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url.vir c:qooboxquarantinecnew folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgavsaudioeditor.exe.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgf4cg.nfo.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgread me.txt.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgsetup.exe.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]chattchitto rg.nfo.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]chattchitto rg.url.vir c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]copyto v5.1.0.2 + crack [ch
  13. Hello JonTom Here is the next log, CKScanner 2.1 - Additional Security Risks - These are not necessarily bad c:new folder (2)desktopaudio record wizard 3.99 inc crack - mast3r-.rar c:new folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe c:new folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo c:new folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url c:new folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo c:new folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url c:new folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe c:new folder (2)desktop itemsdesktopaudio record wizard 3.99 inc crack - mast3r-.rar c:new folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe c:new folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo c:new folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url c:new folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo c:new folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url c:new folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo c:new folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgavsaudioeditor.exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgf4cg.nfo c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgread me.txt c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgsetup.exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo c:new folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url c:new folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]chattchitto rg.nfo c:new folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]chattchitto rg.url c:new folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]copyto v5.1.0.2 + crack [chattchitto rg].exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]chattchitto rg.nfo c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]chattchitto rg.url c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg].exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]digitalrescue.exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.6.8 + crack [chattchitto rg]chattchitto rg.nfo c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.6.8 + crack [chattchitto rg]chattchitto rg.url c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.6.8 + crack [chattchitto rg]dvdfab platinum v8.1.6.8 + crack [chattchitto rg].exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.7.3 + crack [chattchitto rg]chattchitto rg.nfo c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.7.3 + crack [chattchitto rg]chattchitto rg.url c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.7.3 + crack [chattchitto rg]dvdfab platinum v8.1.7.3 + crack [chattchitto rg].exe c:new folder (2)geek squad backup 07.09.2012backup continued2mov2ulead videostudio plus 11.5 + keygen & dolby digital powerpackinstall how to.txt c:new folder (2)geek squad backup 07.09.2012backup continued2mov2ulead videostudio plus 11.5 + keygen & dolby digital powerpackreadme.txt c:new folder (2)geek squad backup 07.09.2012backup continued2mov2ulead videostudio plus 11.5 + keygen & dolby digital powerpackulead videostudio plus 11.5 + keygen & dolby digital powerpack.uif c:new folder (2)geek squad backup 07.09.2012backup continuedadobeadobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-arw3 setup.exe c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-crack instructions.txt c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-lucid.nfo c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-crackarwizard3.exe c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ].rar c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]avsinstallpack.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]instructions.txt c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsaudioeditoravsaudioeditor.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsaudiorecorderavsaudiorecorder.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsdisccreatoravsdisccreator.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsdocumentconverteravsdocumentconverter.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsdvdcopyavsdvdcopy.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsimageconverteravsexplorerextension.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsimageconverteravsimageconverter.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsphotoeditoravsphotoeditor.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsregistrycleaneravsregistrycleaner.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsringtonemakeravsringtonemaker.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsscreencaptureavsscreencapture.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsvideoconverteravsvideoconverter.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsvideoeditoravsvideoeditor.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsvideorecorderavsvideorecorder.exe c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsvideoremakeravsvideoremaker.exe c:new folder (2)geek squad backup 07.09.2012downloadsclonedvd 4crackconfigure.dll c:new folder (2)geek squad backup 07.09.2012downloadsclonedvd 4crackoptionalmainapp.dll c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvpowerdvd 10 ultra 3d build 1516.51 - cracked.exe c:new folder (2)geek squad backup 07.09.2012downloadsinternet.download.manager.v6.07.final.build.12.incl.keygen.and.patch-sndsndidman607.exe c:new folder (2)geek squad backup 07.09.2012downloadslanguagesrosetta stone v3.3.5 for windowsrosetta stone v3.3.5 for windowscrackrosettastoneversion3.exe c:new folder (2)geek squad backup 07.09.2012downloadsprogramsaudio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]description and installation instructions.txt c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]globalerrors.log c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]idman.exe c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]idman611.exe c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]crackidman.exe c:program filesgimp 2sharegimp2.0patternscracked.pat c:program files (x86)kurzweil educational systemskurzweil 3000crack.exe c:usersowneraudio record wizard 3.99 inc crack - mast3r-.rar c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-theta!!mreader.exe c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetaangrybirdsrioinstaller_1.4.0.exe c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetaread me.txt c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetatheta.nfo c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetapatchpatch.exe c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetapatchreadme.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-theta!!mreader.exe c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaangrybirdsseasonsinstaller_2.4.1.exe c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatheta.nfo c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from 1337x.org.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from ahashare.com.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from btarena.org.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from demonoid.me.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from extratorrent.com.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from h33t.com.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from isohunt.com.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from kat.ph.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from rarbg.com.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from thepiratebay.se.txt c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetapatchpatch.exe c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetapatchreadme.txt c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaangrybirdsspaceinstaller_1.3.0.exe c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetatheta.nfo c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetatorrent downloaded from extratorrent.com.txt c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetapatchpatch.exe c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetapatchreadme.txt c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordaudio record wizard 3.99 inc crack - mast3r-arw3 setup.exe c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordaudio record wizard 3.99 inc crack - mast3r-crack instructions.txt c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordaudio record wizard 3.99 inc crack - mast3r-lucid.nfo c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordaudio record wizard 3.99 inc crack - mast3r-crackarwizard3.exe c:usersownerbad.piggies.v1.0.0.cracked-thetabadpiggiesinstaller_1.0.0.exe c:usersownerbad.piggies.v1.0.0.cracked-thetatheta.nfo c:usersownerbad.piggies.v1.0.0.cracked-thetatorrent downloaded from extratorrent.com.txt c:usersownerbad.piggies.v1.0.0.cracked-thetapatchpatch.exe c:usersownerdownloadsprogramsadobe master collection cs6 - crack only (fast & easy)_secure.exe c:usersownerdownloadsprogramsanydvd & anydvd hd v7.0.5.0 final + crack [chattchitto rg].exe c:usersownerdownloadsvideoyahoo! video detail for harry caray on crackerjacks.flv c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]chattchitto rg.nfo c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]chattchitto rg.url c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]dvdfab platinum v8.2.1.3 + crack [chattchitto rg].exe c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]chattchitto rg.nfo c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]chattchitto rg.url c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]dvdfab platinum v8.2.1.5 + crack [chattchitto rg].exe scanner sequence 3.ZZ.11.BEAPXR ----- EOF -----
×
×
  • Create New...