goofy1139

My computer is running so slow and internet won't go to address I type


Hello goofy1139

 

I have not run the posted in 18 yet, but I will this afternoon

Please do, it is important that we remove all of the malware from your machine.

 

When you run the script, ComboFix may notify you that an internet connection is required. Even if you cannot connect to the net, allow ComboFix to proceed.

 

Once the script has been run, please follow with the following tool:

 

 

Please download MiniToolBox, save it to your desktop and run it.

 

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run from.

 

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

 

 

Please post the ComboFix log and the MiniToolBox log in your next reply.


Hello JonTom,

 

Here are the logs. Sorry about the wait.

 

ComboFix 12-12-02.01 - Owner 12/10/2012 18:13:00.2.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6055.4681 [GMT -6:00]

Running from: c:usersOwnerDesktopComboFix.exe

Command switches used :: c:usersOwnerDesktopCFScript.txt

AV: ZoneAlarm Antivirus *Enabled/Outdated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}

FW: ZoneAlarm Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: ZoneAlarm Anti-Spyware *Enabled/Outdated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}

.

- REDUCED FUNCTIONALITY MODE -

.

FILE ::

"c:programdataVaudix508d42f54b62d.ocx"

"c:programdataVaudix508d44c452574.ocx"

.

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:program files (x86)Hosts_Anti_Adwares_PUPs

c:program files (x86)Hosts_Anti_Adwares_PUPsHOSTS_Anti-Adware.exe

c:program files (x86)Hosts_Anti_Adwares_PUPsHOSTS_Anti-Adware_main.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-11-11 to 2012-12-11 )))))))))))))))))))))))))))))))

.

.

2012-12-11 00:14 . 2012-12-11 00:14 -------- d-----w- c:usersUpdatusUserAppDataLocaltemp

2012-12-11 00:14 . 2012-12-11 00:14 -------- d-----w- c:usersDefaultAppDataLocaltemp

2012-12-10 15:12 . 2012-12-10 15:12 -------- d-----w- C:FRACTURE EXTRAS

2012-12-05 17:06 . 2012-11-29 08:27 96224 ----a-w- c:program files (x86)Mozilla Firefoxwebapprt-stub.exe

2012-12-05 17:06 . 2012-11-29 08:27 270816 ----a-w- c:program files (x86)Mozilla Firefoxupdater.exe

2012-12-05 17:06 . 2012-11-29 08:27 157272 ----a-w- c:program files (x86)Mozilla Firefoxwebapp-uninstaller.exe

2012-12-05 17:06 . 2012-11-29 08:27 73696 ----a-w- c:program files (x86)Mozilla Firefoxbreakpadinjector.dll

2012-11-30 15:39 . 2012-11-30 21:47 -------- d-----w- c:program files (x86)Malwarebytes' Anti-Malware

2012-11-30 15:39 . 2012-09-30 01:54 25928 ----a-w- c:windowssystem32driversmbam.sys

2012-11-30 14:16 . 2012-11-30 14:16 -------- d-----w- c:windowsERUNT

2012-11-30 14:15 . 2012-12-06 01:06 -------- d-----w- C:JRT

2012-11-27 17:18 . 2012-11-27 17:18 -------- d-----w- C:FRST

2012-11-25 02:04 . 2012-12-05 19:46 -------- d-----w- c:usersOwnerAppDataLocalElevatedDiagnostics

2012-11-24 14:58 . 2011-05-30 13:42 240640 ----a-w- c:windowsSysWow64xvidvfw.dll

2012-11-24 14:58 . 2011-05-30 13:42 255488 ----a-w- c:windowssystem32xvidvfw.dll

2012-11-24 14:58 . 2011-05-23 09:52 153088 ----a-w- c:windowsSysWow64xvid.ax

2012-11-24 14:58 . 2011-05-23 07:49 173568 ----a-w- c:windowssystem32xvid.ax

2012-11-24 14:58 . 2011-05-23 07:46 645632 ----a-w- c:windowsSysWow64xvidcore.dll

2012-11-24 14:58 . 2011-05-23 07:45 696832 ----a-w- c:windowssystem32xvidcore.dll

2012-11-24 14:57 . 2012-11-24 14:57 -------- d-----w- c:usersOwner.bitrock

2012-11-24 01:49 . 2012-11-24 14:58 -------- d-----w- c:program files (x86)Xvid

2012-11-21 18:48 . 2010-11-26 23:02 17720 ----a-w- c:windowssystem32driversSmartDefragDriver.sys

2012-11-21 14:17 . 2012-11-21 14:19 -------- d-----w- c:program files (x86)MeadCo Neptune

2012-11-20 22:21 . 2012-01-10 00:59 11864 ----a-w- c:windowssystem32driverskl2.sys

2012-11-20 22:21 . 2012-01-10 00:59 460888 ----a-w- c:windowssystem32driverskl1.sys

2012-11-20 22:16 . 2012-01-10 00:59 485680 ----a-w- c:windowssystem32driversklif.sys

2012-11-20 22:16 . 2012-11-20 22:21 -------- dc----w- c:windowssystem32DRVSTORE

2012-11-20 22:15 . 2012-11-20 22:15 -------- d-----w- c:usersOwnerAppDataRoamingCheckPoint

2012-11-20 22:14 . 2012-11-20 22:14 -------- d-----w- c:program filesCheckPoint

2012-11-20 21:46 . 2012-11-20 22:16 -------- d-----w- c:program files (x86)CheckPoint

2012-11-20 21:46 . 2012-11-20 21:46 -------- d-----w- c:programdataCheckPoint

2012-11-20 18:23 . 2012-11-20 18:23 -------- d-----w- c:usersOwnerAppDataRoamingMalwarebytes

2012-11-20 18:22 . 2012-11-20 18:22 -------- d-----w- c:programdataMalwarebytes

2012-11-20 16:27 . 2012-11-20 16:27 -------- d-----w- c:programdataPCPitstop

2012-11-20 16:25 . 2012-11-21 15:57 -------- d-----w- c:program files (x86)PCPitstop

2012-11-20 12:55 . 2012-11-08 17:24 9125352 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{981D4DA8-857B-4241-8D4D-3835FDF581A0}mpengine.dll

2012-11-20 11:53 . 2012-11-20 11:53 -------- d-----w- c:usersOwnerAppDataRoamingConverterLite

2012-11-20 01:03 . 2012-11-20 01:03 -------- d-----w- c:usersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012)

2012-11-17 21:22 . 2012-11-17 21:22 -------- d-----w- c:usersOwner.thumbnails

2012-11-17 21:20 . 2012-11-17 21:20 -------- d-----w- c:usersOwnerAppDataLocalfontconfig

2012-11-17 21:20 . 2012-11-17 21:38 -------- d-----w- c:usersOwner.gimp-2.8

2012-11-17 21:20 . 2012-11-17 21:20 -------- d-----w- c:usersOwnerAppDataLocalgegl-0.2

2012-11-17 21:18 . 2012-11-17 21:19 -------- d-----w- c:program filesGIMP 2

2012-11-17 17:59 . 2012-10-03 17:56 1914248 ----a-w- c:windowssystem32driverstcpip.sys

2012-11-17 17:59 . 2012-10-03 17:44 246272 ----a-w- c:windowssystem32netcorehc.dll

2012-11-17 17:59 . 2012-10-03 17:44 216576 ----a-w- c:windowssystem32ncsi.dll

2012-11-17 17:59 . 2012-10-03 17:42 569344 ----a-w- c:windowssystem32iphlpsvc.dll

2012-11-17 17:59 . 2012-10-03 16:42 156672 ----a-w- c:windowsSysWow64ncsi.dll

2012-11-17 17:59 . 2012-10-03 17:44 70656 ----a-w- c:windowssystem32nlaapi.dll

2012-11-17 17:59 . 2012-10-03 17:44 303104 ----a-w- c:windowssystem32nlasvc.dll

2012-11-17 17:59 . 2012-10-03 17:44 18944 ----a-w- c:windowssystem32netevent.dll

2012-11-17 17:59 . 2012-10-03 16:42 18944 ----a-w- c:windowsSysWow64netevent.dll

2012-11-17 17:59 . 2012-10-03 16:42 175104 ----a-w- c:windowsSysWow64netcorehc.dll

2012-11-17 17:59 . 2012-10-03 16:07 45568 ----a-w- c:windowssystem32driverstcpipreg.sys

2012-11-17 17:59 . 2012-01-13 07:12 52224 ----a-w- c:windowsSysWow64nlaapi.dll

2012-11-16 02:35 . 2012-07-26 04:47 2560 ----a-w- c:windowssystem32driversen-USwdf01000.sys.mui

2012-11-16 02:35 . 2012-07-26 04:55 785512 ----a-w- c:windowssystem32driversWdf01000.sys

2012-11-16 02:35 . 2012-07-26 04:55 54376 ----a-w- c:windowssystem32driversWdfLdr.sys

2012-11-16 02:35 . 2012-07-26 02:36 9728 ----a-w- c:windowssystem32Wdfres.dll

2012-11-16 02:29 . 2012-07-26 03:08 84992 ----a-w- c:windowssystem32WUDFSvc.dll

2012-11-16 02:29 . 2012-07-26 03:08 194048 ----a-w- c:windowssystem32WUDFPlatform.dll

2012-11-16 02:29 . 2012-07-26 02:26 87040 ----a-w- c:windowssystem32driversWUDFPf.sys

2012-11-16 02:29 . 2012-07-26 02:26 198656 ----a-w- c:windowssystem32driversWUDFRd.sys

2012-11-16 02:29 . 2012-07-26 03:08 45056 ----a-w- c:windowssystem32WUDFCoinstaller.dll

2012-11-16 02:29 . 2012-07-26 03:08 229888 ----a-w- c:windowssystem32WUDFHost.exe

2012-11-16 02:29 . 2012-07-26 03:08 744448 ----a-w- c:windowssystem32WUDFx.dll

2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin7.dll

2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin6.dll

2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin5.dll

2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin4.dll

2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin3.dll

2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin2.dll

2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin.dll

2012-11-16 02:15 . 2012-11-16 02:15 -------- d-----w- c:program files (x86)QuickTime

2012-11-15 12:36 . 2012-10-09 18:17 55296 ----a-w- c:windowssystem32dhcpcsvc6.dll

2012-11-15 12:36 . 2012-10-09 18:17 226816 ----a-w- c:windowssystem32dhcpcore6.dll

2012-11-15 12:36 . 2012-10-09 17:40 44032 ----a-w- c:windowsSysWow64dhcpcsvc6.dll

2012-11-15 12:36 . 2012-10-09 17:40 193536 ----a-w- c:windowsSysWow64dhcpcore6.dll

2012-11-15 12:36 . 2012-10-18 18:25 3149824 ----a-w- c:windowssystem32win32k.sys

2012-11-15 12:31 . 2012-09-25 22:47 78336 ----a-w- c:windowsSysWow64synceng.dll

2012-11-15 12:31 . 2012-09-25 22:46 95744 ----a-w- c:windowssystem32synceng.dll

2012-11-15 01:50 . 2012-11-15 01:50 96768 ----a-w- c:windowsSysWow64sspicli.dll

2012-11-15 01:50 . 2012-11-15 01:50 458712 ----a-w- c:windowssystem32driverscng.sys

2012-11-15 01:50 . 2012-11-15 01:50 340992 ----a-w- c:windowssystem32schannel.dll

2012-11-15 01:50 . 2012-11-15 01:50 307200 ----a-w- c:windowssystem32ncrypt.dll

2012-11-15 01:50 . 2012-11-15 01:50 247808 ----a-w- c:windowsSysWow64schannel.dll

2012-11-15 01:50 . 2012-11-15 01:50 220160 ----a-w- c:windowsSysWow64ncrypt.dll

2012-11-15 01:50 . 2012-11-15 01:50 22016 ----a-w- c:windowsSysWow64secur32.dll

2012-11-15 01:50 . 2012-11-15 01:50 154480 ----a-w- c:windowssystem32driversksecpkg.sys

2012-11-15 01:50 . 2012-11-15 01:50 1448448 ----a-w- c:windowssystem32lsasrv.dll

2012-11-15 01:49 . 2012-11-15 01:49 514560 ----a-w- c:windowsSysWow64qdvd.dll

2012-11-15 01:49 . 2012-11-15 01:49 366592 ----a-w- c:windowssystem32qdvd.dll

2012-11-14 20:32 . 2012-11-14 20:32 30568 ----a-w- c:windowssystem32driversavgtpx64.sys

2012-11-14 20:30 . 2012-12-11 00:16 15712 ----a-w- c:windowssystem32driversSWDUMon.sys

2012-11-14 20:30 . 2012-11-14 20:30 -------- d-----w- c:usersOwnerAppDataLocalSlimWare Utilities Inc

2012-11-14 20:29 . 2012-11-14 20:29 -------- d--h--w- c:programdataCommon Files

2012-11-14 20:29 . 2012-11-14 20:29 -------- d-----w- c:program files (x86)SlimDrivers

2012-11-12 21:06 . 2012-11-30 17:06 -------- d-----w- c:usersOwnerAppDataLocalMindDabble_4p

2012-11-12 21:06 . 2012-11-12 21:06 -------- d-----w- c:program files (x86)MindDabble_4p

2012-11-12 19:26 . 2012-11-12 19:26 -------- d-----w- c:usersOwnerAppDataLocalAPlusGamer_63

2012-11-12 19:26 . 2012-11-12 19:26 -------- d-----w- c:program files (x86)APlusGamer_63

2012-11-12 19:05 . 2012-11-12 19:05 -------- d-----w- c:program files (x86)BrainTrainAge

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-11-24 01:35 . 2012-10-06 20:26 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCoreMicrosoft.MediaCenter.Sports.UI.dll

2012-11-18 22:46 . 2012-07-31 00:28 73656 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl

2012-11-18 22:46 . 2012-07-31 00:28 697272 ----a-w- c:windowsSysWow64FlashPlayerApp.exe

2012-11-15 12:25 . 2012-07-25 12:45 66395536 ----a-w- c:windowssystem32MRT.exe

2012-10-30 23:50 . 2012-08-03 22:43 285328 ----a-w- c:windowssystem32aswBoot.exe

2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:windowsSysWow64QuickTimeVR.qtx

2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:windowsSysWow64QuickTime.qts

2012-10-22 22:34 . 2012-10-22 22:34 95208 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll

2012-10-22 22:34 . 2012-10-22 22:35 821736 ----a-w- c:windowsSysWow64npDeployJava1.dll

2012-10-22 22:34 . 2012-10-22 22:35 746984 ----a-w- c:windowsSysWow64deployJava1.dll

2012-10-17 13:39 . 2012-10-17 13:39 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCore-2Microsoft.MediaCenter.Sports.UI.dll

2012-10-17 13:39 . 2012-10-17 13:39 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkup-2markup.dll

2012-10-17 13:37 . 2012-10-17 13:37 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSM-2StartResources.dll

2012-10-06 20:26 . 2012-10-06 20:26 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkupmarkup.dll

2012-10-06 20:26 . 2012-10-06 20:26 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSMStartResources.dll

2012-10-06 20:26 . 2012-10-06 20:26 539984 ----a-w- c:programdataMicrosofteHomePackagesMCESpotlightMCESpotlightSpotlightResources.dll

2012-09-14 19:19 . 2012-10-12 13:06 2048 ----a-w- c:windowssystem32tzres.dll

2012-09-14 18:28 . 2012-10-12 13:06 2048 ----a-w- c:windowsSysWow64tzres.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{30C456C5-0E73-2343-38F0-D9F9CF8B0F52}]

2012-10-28 14:44 129024 ----a-w- c:programdataVaudix508d44c452574.ocx

.

[HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE}]

2012-10-28 14:36 129024 ----a-w- c:programdataVaudix508d42f54b62d.ocx

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar]

"{8945176c-2823-4272-9735-873e75bfe1b4}"= "c:program files (x86)APlusGamer_63bar1.bin63bar.dll" [bU]

.

[HKEY_CLASSES_ROOTclsid{8945176c-2823-4272-9735-873e75bfe1b4}]

.

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

"IDMan"="c:new folder (2)Internet Download Manager v6.11. 8.1 (IDM) +Crack + Key [h33t][iahq76]IDMan.exe" [2010-05-26 16:16 3220912]

"Xvid"="c:program files (x86)XvidCheckUpdate.exe" [2011-01-17 8192]

"AnyDVD"="c:program files (x86)SlySoftAnyDVDAnyDVDtray.exe" [2012-11-23 6663840]

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun]

"CLMLServer"="c:program files (x86)CyberLinkPower2GoCLMLSvc.exe" [2009-11-02 103720]

"Samsung PanelMgr"="c:windowsSamsungPanelMgrSSMMgr.exe" [2010-06-08 618496]

"UVS10 Preload"="c:program files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe" [2006-03-07 36864]

"UpdatePPShortCut"="c:program files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" [2009-05-20 222504]

"Adobe ARM"="c:program files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2012-07-27 919008]

"SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-07-03 252848]

"APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-10-12 59280]

"PowerDVD12DMREngine"="c:program files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [2012-09-19 505872]

"PowerDVD12Agent"="c:program files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [2012-09-19 374560]

"QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-10-25 421888]

.

c:usersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

MagicDisc.lnk - c:program files (x86)MagicDiscMagicDisc.exe [2012-9-15 576000]

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:windowsSysWOW64nvinit.dll

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32]

"wave6"=wdmaud.drv

.

R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-09-19 90640]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576]

R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-07-13 160944]

R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:windowssystem32DRIVERSAVerPola.sys [2011-01-04 534144]

R3 BBUpdate;BBUpdate;c:program files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe [2012-02-10 240408]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:program filesIntelWiFibinPanDhcpDns.exe [2011-01-05 340240]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2012-11-15 19456]

R3 Samsung UPD Service;Samsung UPD Service;c:windowsSystem32SUPDSvc.exe [2010-08-09 166704]

R3 StkCMini;Syntek AVStream USB2.0 ATV;c:windowssystem32DriversStkCMini.sys [2010-04-16 1816968]

R3 SWDUMon;SWDUMon;c:windowssystem32DRIVERSSWDUMon.sys [2012-12-11 15712]

R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2012-11-15 57856]

R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2012-07-25 1255736]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:windowssystem32DRIVERSwdcsam64.sys [2008-05-06 14464]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:program filesWindows LiveMeshwlcrasvc.exe [2010-09-22 57184]

S0 nvpciflt;nvpciflt;c:windowssystem32DRIVERSnvpciflt.sys [2010-12-14 25576]

S0 SmartDefragDriver;SmartDefragDriver;c:windowsSystem32DriversSmartDefragDriver.sys [2010-11-26 17720]

S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2012-11-14 30568]

S1 kl2;kl2;c:windowssystem32DRIVERSkl2.sys [2012-01-10 11864]

S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:windowssystem32DriversSABI.sys [2009-05-28 13824]

S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34];c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-09-19 22:12 147704]

S2 BBSvc;BingBar Service;c:program files (x86)MicrosoftBingBar7.1.361.0BBSvc.exe [2012-02-10 193816]

S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-09-19 78352]

S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-09-19 295440]

S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:program filesIntelWiMAXBinDMAgent.exe [2011-06-06 498688]

S2 IDMWFP;IDMWFP;c:windowssystem32DRIVERSidmwfp.sys [2012-08-02 158944]

S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:program filesCheckPointZAForceFieldISWKL.sys [2012-08-30 33712]

S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:program filesCheckPointZAForceFieldIswSvc.exe [2012-08-30 827560]

S2 MBAMScheduler;MBAMScheduler;c:program files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [2012-09-30 399432]

S2 MBAMService;MBAMService;c:program files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2012-09-30 676936]

S2 nlsX86cc;Nalpeiron Licensing Service;c:windowsSysWOW64nlssrv32.exe [2010-11-22 66560]

S2 ntk_PowerDVD12;ntk_PowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-06-20 83704]

S2 UNS;Intel® Management and Security Application User Notification Service;c:program files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2010-10-06 2655768]

S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:program filesIntelWiMAXBinAppSrv.exe [2011-06-06 986112]

S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:windowssystem32DRIVERSbpenum.sys [2011-05-19 84480]

S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:windowssystem32DRIVERSbpmp.sys [2011-05-19 182272]

S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;c:windowssystem32Driversbpusb.sys [2011-05-19 83968]

S3 clwvd;CyberLink WebCam Virtual Driver;c:windowssystem32DRIVERSclwvd.sys [2010-11-10 31088]

S3 ETD;ELAN PS/2 Port Input Device;c:windowssystem32DRIVERSETD.sys [2010-11-12 138024]

S3 IntcDAud;Intel® Display Audio;c:windowssystem32DRIVERSIntcDAud.sys [2010-10-15 317440]

S3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [2012-09-30 25928]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:windowssystem32DRIVERSnusb3hub.sys [2010-10-11 80384]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:windowssystem32DRIVERSnusb3xhc.sys [2010-10-11 180736]

S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2011-06-10 539240]

S3 wdkmd;Intel WiDi KMD;c:windowssystem32DRIVERSWDKMD.sys [2010-11-30 42392]

.

.

Contents of the 'Scheduled Tasks' folder

.

2012-12-10 c:windowsTasksAdobe Flash Player Updater.job

- c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-31 22:46]

.

2012-12-11 c:windowsTasksSlimDrivers Startup.job

- c:program files (x86)SlimDriversSlimDrivers.exe [2012-10-14 21:29]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersIDM Shell Extension]

@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"

[HKEY_CLASSES_ROOTCLSID{CDC95B92-E27C-4745-A8C5-64A52A78855D}]

2012-02-08 00:49 23432 ----a-w- c:program files (x86)Internet Download ManagerIDMShellExt64.dll

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"IgfxTray"="c:windowssystem32igfxtray.exe" [2011-01-04 167960]

"HotKeysCmds"="c:windowssystem32hkcmd.exe" [2011-01-04 391704]

"Persistence"="c:windowssystem32igfxpers.exe" [2011-01-04 417304]

"RtHDVCpl"="c:program filesRealtekAudioHDARAVCpl64.exe" [2010-11-30 11660904]

"IntelWireless"="c:program filesCommon FilesIntelWirelessCommoniFrmewrk.exe" [2011-01-05 1933584]

"ETDCtrl"="c:program files (x86)ElantechETDCtrl.exe" [bU]

"IntelWirelessWiMAX"="c:program filesIntelWiMAXBinWiMAXCU.exe" [2011-06-02 1622016]

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]

"AppInit_DLLs"=c:windowsSystem32nvinitx.dll

.

------- Supplementary Scan -------

.

uLocal Page = c:windowssystem32blank.htm

uStart Page = hxxp://www.google.com

mStart Page = hxxp://samsung.msn.com

mLocal Page = c:windowsSysWOW64blank.htm

IE: Download all links with IDM - c:new folder (2)Internet Download Manager v6.11. 8.1 (IDM) +Crack + Key [h33t][iahq76]IEGetAll.htm

IE: Download FLV video content with IDM - c:new folder (2)Internet Download Manager v6.11. 8.1 (IDM) +Crack + Key [h33t][iahq76]IEGetVL.htm

IE: Download with IDM - c:new folder (2)Internet Download Manager v6.11. 8.1 (IDM) +Crack + Key [h33t][iahq76]IEExt.htm

FF - ProfilePath - c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default

FF - prefs.js: keyword.URL - hxxp://www.goodsearch.com/search.aspx?toolbarcharity=___toolbarcharity___&id=goodsearchtb&v=2_1&keywords=

FF - prefs.js: network.proxy.type - 0

FF - ExtSQL: 2012-11-04 18:39; 50970cb9d50ba@50970cb9d50f3.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions50970cb9d50ba@50970cb9d50f3.com.xpi

FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com

FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com

FF - ExtSQL: 2012-11-20 16:15; {FFB96CC1-7EB3-449D-B827-DB661701C6BB}; c:program filesCheckPointZAForceFieldWOW64TrustChecker

FF - ExtSQL: !HIDDEN! 2012-11-12 13:26; 63ffxtbr@APlusGamer_63.com; c:program files (x86)APlusGamer_63bar1.bin

FF - ExtSQL: !HIDDEN! 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:program files (x86)MindDabble_4pbar1.bin

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

.

.

.

[HKEY_LOCAL_MACHINESYSTEMControlSet001services{73526619-C24F-470B-9BED-53D455FBB5C6}]

"ImagePath"="??c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"scansk"=hex(0):c5,88,12,3d,a1,66,02,aa,b6,69,27,77,2a,36,ce,6b,62,5d,c5,5b,dd,

32,c3,0e,3c,fd,35,14,a9,f8,c3,8a,76,15,a2,42,fb,fb,4e,66,00,00,00,00,00,00,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]

@Denied: (Full) (Everyone)

"scansk"=hex(0):92,20,a6,2c,ac,da,97,ad,d1,24,a3,f8,5b,7f,d7,fc,ab,59,6e,1b,bf,

51,95,0a,ae,4d,7b,37,63,5b,fa,ad,73,d0,1a,32,83,42,de,9e,00,00,00,00,00,00,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{b5572adb-f71b-41a1-ad6e-0832b120e9ea}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"Model"=dword:000000f0

"Therad"=dword:0000001e

"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,

38,95,44,85,b1,12,f9,90,dd,23,a1,46,8f,3c,f2,5c,68,ee,21,c4,91,5d,38,fc,54,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{c9fa1039-b2b9-4ecb-85ad-32f7d18bc0ed}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"Model"=dword:0000012c

"Therad"=dword:00000001

"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,

1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32]

@="c:Windowssystem32MacromedFlashFlashUtil64_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32]

@="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:program files (x86)GoforFilesGFFUpdater.exe

c:program files (x86)Common FilesAdobeARM1.0armsvc.exe

c:program files (x86)IObitSmart Defrag 2SmartDefrag.exe

c:program files (x86)Malwarebytes' Anti-Malwarembamgui.exe

c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe

c:program files (x86)CyberLinkShared filesRichVideo.exe

c:program files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe

c:program files (x86)SamsungEasy Display ManagerWifiManager.exe

c:program files (x86)CyberLinkYouCamYCMMirage.exe

c:new folder (2)Internet Download Manager v6.11. 8.1 (IDM) +Crack + Key [h33t][iahq76]IDMan.exe

c:program files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe

c:program files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe

c:program files (x86)SamsungSamsung Support CenterSSCKbdHk.exe

c:program files (x86)SamsungSamsung Update PlusSUPBackground.exe

c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSHardwareTranscode.exe

c:program files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe

.

**************************************************************************

.

Completion time: 2012-12-10 18:42:06 - machine was rebooted

ComboFix-quarantined-files.txt 2012-12-11 00:42

ComboFix2.txt 2012-12-03 17:11

.

Pre-Run: 76,139,724,800 bytes free

Post-Run: 75,595,681,792 bytes free

.

- - End Of File - - 72B58F4FA36BEA16E452D82E870828F7

 

 

MiniToolBox by Farbar Version: 25-11-2012

Ran by Owner (administrator) on 10-12-2012 at 20:40:33

Running from "C:UsersOwnerDesktop"

Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Normal

***************************************************************************

 

========================= Flush DNS: ===================================

 

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

 

========================= IE Proxy Settings: ==============================

 

Proxy is not enabled.

No Proxy Server is set.

 

"Reset IE Proxy Settings": IE Proxy Settings were reset.

 

========================= FF Proxy Settings: ==============================

 

"network.proxy.type", 0

 

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

 

========================= Hosts content: =================================

 

127.0.0.1 localhost

 

========================= IP Configuration: ================================

 

Intel® Centrino® Advanced-N 6250 AGN = Wireless Network Connection (Connected)

Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)

Intel® Centrino® WiMAX 6250 = Local Area Connection 2 (Media disconnected)

Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)

 

 

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

 

reset

set global

 

 

popd

# End of IPv4 configuration

 

 

 

Windows IP Configuration

 

Host Name . . . . . . . . . . . . : Owner-PC

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

 

Ethernet adapter Local Area Connection 2:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Intel® Centrino® WiMAX 6250

Physical Address. . . . . . . . . : 64-D4-DA-1D-0F-92

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

 

Wireless LAN adapter Wireless Network Connection 2:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter

Physical Address. . . . . . . . . : 00-23-15-AE-6F-31

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

 

Wireless LAN adapter Wireless Network Connection:

 

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6250 AGN

Physical Address. . . . . . . . . : 00-23-15-AE-6F-30

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Link-local IPv6 Address . . . . . : fe80::d954:f86b:c6c9:aa%11(Preferred)

Autoconfiguration IPv4 Address. . : 169.254.0.170(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.0.0

Default Gateway . . . . . . . . . :

DHCPv6 IAID . . . . . . . . . . . : 369107733

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-37-DD-DA-E8-03-9A-9D-4E-63

DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1

fec0:0:0:ffff::2%1

fec0:0:0:ffff::3%1

NetBIOS over Tcpip. . . . . . . . : Enabled

 

Ethernet adapter Local Area Connection:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller

Physical Address. . . . . . . . . : E8-03-9A-9D-4E-63

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter isatap.{EF589019-EF09-4585-8068-B38719BE845F}:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter Teredo Tunneling Pseudo-Interface:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Server: UnKnown

Address: fec0:0:0:ffff::1

 

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown

Address: fec0:0:0:ffff::1

 

Ping request could not find host yahoo.com. Please check the name and try again.

 

Pinging 127.0.0.1 with 32 bytes of data:

Request timed out.

Request timed out.

 

Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

===========================================================================

Interface List

16...64 d4 da 1d 0f 92 ......Intel® Centrino® WiMAX 6250

12...00 23 15 ae 6f 31 ......Microsoft Virtual WiFi Miniport Adapter

11...00 23 15 ae 6f 30 ......Intel® Centrino® Advanced-N 6250 AGN

10...e8 03 9a 9d 4e 63 ......Realtek PCIe GBE Family Controller

1...........................Software Loopback Interface 1

19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter

14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

===========================================================================

 

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

127.0.0.0 255.0.0.0 On-link 127.0.0.1 306

127.0.0.1 255.255.255.255 On-link 127.0.0.1 306

127.255.255.255 255.255.255.255 On-link 127.0.0.1 306

169.254.0.0 255.255.0.0 On-link 169.254.0.170 281

169.254.0.170 255.255.255.255 On-link 169.254.0.170 281

169.254.255.255 255.255.255.255 On-link 169.254.0.170 281

224.0.0.0 240.0.0.0 On-link 127.0.0.1 306

224.0.0.0 240.0.0.0 On-link 169.254.0.170 281

255.255.255.255 255.255.255.255 On-link 127.0.0.1 306

255.255.255.255 255.255.255.255 On-link 169.254.0.170 281

===========================================================================

Persistent Routes:

None

 

IPv6 Route Table

===========================================================================

Active Routes:

If Metric Network Destination Gateway

1 306 ::1/128 On-link

11 281 fe80::/64 On-link

11 281 fe80::d954:f86b:c6c9:aa/128

On-link

1 306 ff00::/8 On-link

11 281 ff00::/8 On-link

===========================================================================

Persistent Routes:

None

========================= Winsock entries =====================================

 

Catalog5 01 C:WindowsSysWOW64NLAapi.dll [52224] (Microsoft Corporation)

Catalog5 02 C:WindowsSysWOW64napinsp.dll [52224] (Microsoft Corporation)

Catalog5 03 C:WindowsSysWOW64pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 04 C:WindowsSysWOW64pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 05 C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog5 06 C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog5 07 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation)

Catalog5 08 C:WindowsSysWOW64winrnr.dll [20992] (Microsoft Corporation)

Catalog9 01 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation)

Catalog9 02 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation)

Catalog9 03 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation)

Catalog9 04 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation)

Catalog9 05 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation)

Catalog9 06 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation)

Catalog9 07 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation)

Catalog9 08 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation)

Catalog9 09 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation)

Catalog9 10 C:WindowsSysWOW64mswsock.dll [232448] (Microsoft Corporation)

x64-Catalog5 01 C:WindowsSystem32NLAapi.dll [70656] (Microsoft Corporation)

x64-Catalog5 02 C:WindowsSystem32napinsp.dll [68096] (Microsoft Corporation)

x64-Catalog5 03 C:WindowsSystem32pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 04 C:WindowsSystem32pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 05 C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [170880] (Microsoft Corp.)

x64-Catalog5 06 C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [170880] (Microsoft Corp.)

x64-Catalog5 07 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog5 08 C:WindowsSystem32winrnr.dll [28672] (Microsoft Corporation)

x64-Catalog9 01 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 02 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 03 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 04 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 05 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 06 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 07 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 08 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 09 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 10 C:WindowsSystem32mswsock.dll [326144] (Microsoft Corporation)

 

========================= Event log errors: ===============================

 

Application errors:

==================

Error: (12/10/2012 07:45:19 AM) (Source: Application Error) (User: )

Description: Faulting application name: NvXDSync.exe, version: 7.17.12.6610, time stamp: 0x4d0108c6

Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e

Exception code: 0xc0000374

Fault offset: 0x00000000000c40f2

Faulting process id: 0x470

Faulting application start time: 0xNvXDSync.exe0

Faulting application path: NvXDSync.exe1

Faulting module path: NvXDSync.exe2

Report Id: NvXDSync.exe3

 

Error: (12/08/2012 08:49:13 AM) (Source: Application Error) (User: )

Description: Faulting application name: CLMSHardwareTranscode.exe, version: 2.2.0.10510, time stamp: 0x504dcabc

Faulting module name: CLMSHardwareTranscode.exe, version: 2.2.0.10510, time stamp: 0x504dcabc

Exception code: 0xc0000005

Fault offset: 0x00002415

Faulting process id: 0x1244

Faulting application start time: 0xCLMSHardwareTranscode.exe0

Faulting application path: CLMSHardwareTranscode.exe1

Faulting module path: CLMSHardwareTranscode.exe2

Report Id: CLMSHardwareTranscode.exe3

 

Error: (12/03/2012 00:10:11 PM) (Source: Application Hang) (User: )

Description: The program iexplore.exe version 9.0.8112.16455 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: e50

 

Start Time: 01cdd17f7d6f0233

 

Termination Time: 16

 

Application Path: C:Program Files (x86)Internet Exploreriexplore.exe

 

Report Id:

 

 

System errors:

=============

Error: (12/10/2012 06:36:55 PM) (Source: DCOM) (User: )

Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}

 

Error: (12/10/2012 06:36:55 PM) (Source: DCOM) (User: )

Description: {C37BFDB8-9D49-4DCB-8D83-6C34A5FBA8ED}

 

Error: (12/10/2012 06:34:35 PM) (Source: DCOM) (User: )

Description: {4991D34B-80A1-4291-83B6-3328366B9097}

 

Error: (12/10/2012 06:36:50 PM) (Source: Service Control Manager) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

 

Error: (12/10/2012 06:35:50 PM) (Source: Service Control Manager) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

 

Error: (12/10/2012 06:35:50 PM) (Source: Service Control Manager) (User: )

Description: The CyberLink PowerDVD 12 Media Server Service service failed to start due to the following error:

%%1053

 

Error: (12/10/2012 06:35:50 PM) (Source: Service Control Manager) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the CyberLink PowerDVD 12 Media Server Service service to connect.

 

Error: (12/10/2012 06:33:50 PM) (Source: Service Control Manager) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

 

Error: (12/10/2012 06:33:17 PM) (Source: Service Control Manager) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

 

Error: (12/10/2012 06:33:14 PM) (Source: Service Control Manager) (User: )

Description: The Security Center service hung on starting.

 

 

Microsoft Office Sessions:

=========================

Error: (12/10/2012 07:45:19 AM) (Source: Application Error)(User: )

Description: NvXDSync.exe7.17.12.66104d0108c6ntdll.dll6.1.7601.177254ec4aa8ec000037400000000000c40f247001cdd6dc873fd261C:Program FilesNVIDIA CorporationDisplayNvXDSync.exeC:WindowsSYSTEM32ntdll.dlld5df44f9-42cf-11e2-9b7f-e8039a9d4e63

 

Error: (12/08/2012 08:49:13 AM) (Source: Application Error)(User: )

Description: CLMSHardwareTranscode.exe2.2.0.10510504dcabcCLMSHardwareTranscode.exe2.2.0.10510504dcabcc000000500002415124401cdd5532f2b8f4dC:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSHardwareTranscode.exeC:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSHardwareTranscode.exe6de052ec-4146-11e2-a540-e8039a9d4e63

 

Error: (12/03/2012 00:10:11 PM) (Source: Application Hang)(User: )

Description: iexplore.exe9.0.8112.16455e5001cdd17f7d6f023316C:Program Files (x86)Internet Exploreriexplore.exe

 

 

CodeIntegrity Errors:

===================================

Date: 2012-12-10 18:14:19.280

Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume2ComboFixcatchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

Date: 2012-12-10 18:14:19.217

Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume2ComboFixcatchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

Date: 2012-12-10 18:14:19.155

Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume2ComboFixcatchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

Date: 2012-12-10 18:14:19.108

Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume2ComboFixcatchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

Date: 2012-12-03 10:35:21.671

Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume2ComboFixcatchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

Date: 2012-12-03 10:35:21.624

Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume2ComboFixcatchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

Date: 2012-11-20 19:37:29.306

Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume2Program FilesCheckPointZAForceFieldPluginsISWSHEX.dll because the set of per-page image hashes could not be found on the system.

 

Date: 2012-11-20 19:13:35.076

Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume2Program FilesCheckPointZAForceFieldPluginsISWSHEX.dll because the set of per-page image hashes could not be found on the system.

 

Date: 2012-08-02 22:30:41.921

Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume2WindowsSystem32nvoptimusmft.dll because the set of per-page image hashes could not be found on the system.

 

Date: 2012-07-30 12:31:29.110

Description: Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume2WindowsSystem32nvoptimusmft.dll because the set of per-page image hashes could not be found on the system.

 

 

=========================== Installed Programs ============================

 

???? ??? Windows Live (Version: 15.4.3502.0922)

???? Windows Live (Version: 15.4.3502.0922)

?????? ??????? ?? Windows Live (Version: 15.4.3502.0922)

???????? ?? Messenger (Version: 15.4.3502.0922)

???????? ?????????? Windows Live (Version: 15.4.3502.0922)

????????? Messenger (Version: 15.4.3502.0922)

?????????? Windows Live (Version: 15.4.3502.0922)

??????????? ?? Windows Live (Version: 15.4.3502.0922)

Adobe AIR (Version: 3.4.0.2540)

Adobe Download Assistant (Version: 1.2.2)

Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)

Adobe Flash Player 11 Plugin (Version: 11.5.502.110)

Adobe Reader X (10.1.4) (Version: 10.1.4)

Agatha Christie - Death on the Nile (Version: 2.2.0.82)

All Sound Recorder 1.78

„Messenger“ pagalbine priemone (Version: 15.4.3502.0922)

Angry Birds Space (Version: 1.3.0)

AnyDVD (Version: 7.1.2.0)

Apple Application Support (Version: 2.3)

Apple Software Update (Version: 2.1.3.127)

ASPCA Reminder by We-Care.com v4.1.17.1 (Version: 4.1.17.1)

Audacity 2.0

AVerMedia C039 USB Capture Card 10.2.64.51 (Version: 10.2.64.51)

AVS Update Manager 1.0

AVS Video Converter 8

AVS4YOU Software Navigator 1.4

„Windows Live Essentials“ (Version: 15.4.3502.0922)

„Windows Live Mail“ (Version: 15.4.3502.0922)

„Windows Live Messenger“ (Version: 15.4.3502.0922)

„Windows Live“ fotogalerija (Version: 15.4.3502.0922)

Bad Piggies (Version: 1.0.0)

BatteryLifeExtender (Version: 1.0.11)

Battle vs. Chess (Version: 1.0)

Bejeweled 2 Deluxe (Version: 2.2.0.95)

Best Buy pc app (Version: 3.0.0.0)

Bing Bar (Version: 7.1.361.0)

Bing Rewards Client Installer (Version: 16.0.345.0)

Brain Train Age V3.91

Brutal Chess

Build-a-lot (Version: 2.2.0.82)

ChargeableUSB (Version: 1.0.0.0)

Chessmaster 9000

Chessmaster Grandmaster Edition (Version: 1.00.0000)

Chuzzle Deluxe (Version: 2.2.0.82)

CloneDVD2 (Version: 2.9.3.0)

Codec (Version: 1.0)

Complemento Messenger (Version: 15.4.3502.0922)

Complément Messenger (Version: 15.4.3502.0922)

ConverterLite 1.6.1 (Version: 1.6.1)

CyberLink MediaShow (Version: 5.0.1130a)

CyberLink PhotoNow (Version: 1.1.6904)

CyberLink Power2Go (Version: 6.1.3802)

CyberLink PowerDirector (Version: 8.0.2718a)

CyberLink PowerDVD 12 (Version: 12.0.2118a.57)

CyberLink PowerProducer (Version: 5.0.2.2429)

CyberLink YouCam (Version: 3.1.3509)

D3DX10 (Version: 15.4.2368.0902)

Diner Dash 2 Restaurant Rescue (Version: 2.2.0.82)

Doplnok programu Messenger (Version: 15.4.3502.0922)

DVD Shrink 3.2

DVD Shrink version 4.1 (Version: 4.1)

DVDFab 8.2.1.5 (10/10/2012) Qt

DVDneXtCOPYneXtTech

DVDStyler v2.3

Easy Content Share (Version: 1.0)

Easy Display Manager (Version: 3.2)

Easy Migration (Version: 1.0)

Easy Network Manager (Version: 4.4.7)

Easy SpeedUp Manager (Version: 2.1.1.1)

EasyBatteryManager (Version: 4.0.0.4)

EasyFileShare (Version: 1.0.11)

ETDWare PS/2-X64 8.0.7.2_WHQL (Version: 8.0.7.2)

Farm Frenzy (Version: 2.2.0.82)

Fast Start (Version: 2.2.0.0)

Fotogalerija Windows Live (Version: 15.4.3502.0922)

Free Sound Recorder v9.3.1

Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)

Galeria fotografii uslugi Windows Live (Version: 15.4.3502.0922)

Galerie de photos Windows Live (Version: 15.4.3502.0922)

Galerie foto Windows Live (Version: 15.4.3502.0922)

Galería fotográfica de Windows Live (Version: 15.4.3502.0922)

GIMP 2.8.2 (Version: 2.8.2)

GoforFiles (Version: 1.2.0)

Graboid Video 3.28 (Version: 3.28)

Insaniquarium Deluxe (Version: 2.2.0.82)

Intel PROSet Wireless

Intel WiMAX Tutorial (Version: 1.5.3.1)

Intel® Control Center (Version: 1.2.1.1007)

Intel® Management Engine Components (Version: 7.0.0.1118)

Intel® Processor Graphics (Version: 8.15.10.2253)

Intel® PROSet/Wireless WiFi Software (Version: 14.0.2000)

Intel® Rapid Storage Technology (Version: 10.0.0.1046)

Intel® Wireless Display

Intel® Wireless Display (Version: 2.0.27.0)

Intel® PROSet/Wireless WiMAX Software (Version: 6.05.0000)

Internet Download Manager

Java 7 Update 9 (Version: 7.0.90)

Java Auto Updater (Version: 2.1.9.0)

John Deere Drive Green (Version: 2.2.0.82)

Junk Mail filter update (Version: 15.4.3502.0922)

Kurzweil 3000 v.10 (Version: 10.00.0000)

Magic ISO Maker v5.4 (build 0239)

MagicDisc 2.7.106

Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)

Mesh Runtime (Version: 15.4.5722.2)

Messenger-kumppani (Version: 15.4.3502.0922)

Messenger ??? ?? (Version: 15.4.3502.0922)

Messenger ???? (Version: 15.4.3502.0922)

Messenger ????? (Version: 15.4.3502.0922)

Messenger Assistent (Version: 15.4.3502.0922)

Messenger Companion (Version: 15.4.3502.0922)

Messenger kíséro (Version: 15.4.3502.0922)

Messenger Pratilac (Version: 15.4.3502.0922)

Messenger Suradnik (Version: 15.4.3502.0922)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Games for Windows - LIVE (Version: 3.3.24.0)

Microsoft Games for Windows - LIVE Redistributable (Version: 3.2.3.0)

Microsoft Office 2010 (Version: 14.0.4763.1000)

Microsoft Silverlight (Version: 5.1.10411.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)

Microsoft Text-to-Speech Engine 4.0 (English)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Movie Color Enhancer (Version: 1.0)

Mozilla Firefox 17.0.1 (x86 en-US) (Version: 17.0.1)

Mozilla Maintenance Service (Version: 17.0.1)

MSVCRT (Version: 15.4.2862.0708)

MSVCRT_amd64 (Version: 15.4.2862.0708)

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)

Multimedia POP (Version: 1.1)

NaturalReaderFree (Version: 11)

NVIDIA Control Panel 266.10 (Version: 266.10)

NVIDIA Graphics Driver 266.10 (Version: 266.10)

NVIDIA Install Application (Version: 2.265.34.0)

NVIDIA Optimus 1.0.11 (Version: 1.0.11)

NVIDIA Update Components (Version: 1.0.11)

Peggle (Version: 2.2.0.82)

Penguins! (Version: 2.2.0.82)

Pirate101 (Version: 1.0.0)

Plants vs. Zombies (Version: 2.2.0.82)

Poczta uslugi Windows Live (Version: 15.4.3502.0922)

Podstawowe programy Windows Live (Version: 15.4.3502.0922)

Polar Golfer (Version: 2.2.0.82)

Pomocnik Messenger (Version: 15.4.3502.0922)

Pošta Windows Live (Version: 15.4.3502.0922)

QuickTime (Version: 7.73.80.64)

Raccolta foto di Windows Live (Version: 15.4.3502.0922)

Realtek Ethernet Controller Driver (Version: 7.46.610.2011)

Realtek High Definition Audio Driver (Version: 6.0.1.6257)

Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.26.0)

S?????? f?t???af??? t?? Windows Live (Version: 15.4.3502.0922)

Samsung AnyWeb Print (Version: 1.0)

Samsung AnyWeb Print (Version: 1.1.21.0)

Samsung Recovery Solution 5 (Version: 5.0.0.8)

Samsung Support Center (Version: 1.1.21)

Samsung Universal Print Driver (Version: 2.01.06.00:16)

Samsung Universal Scan Driver (Version: 1.2.1.0)

Samsung Update Plus (Version: 3.0.0.17)

Skype™ 5.10 (Version: 5.10.116)

SlimDrivers (Version: 2.2.24428)

Smart Defrag 2 (Version: 2.6)

Smart Driver Updater v3.0 (Version: 3.0)

SmartSound Quicktracks Plugin (Version: 3.0.2.7)

Spotify (Version: 0.8.5.1333.g822e0de8)

Spremljevalec Messenger (Version: 15.4.3502.0922)

SRS Premium Sound Control Panel (Version: 1.10.1000)

The Ringtone Maker v5.2.9 (Version: 5.2.9.110)

Ulead VideoStudio 10 (Version: 10.0)

Ulead VideoStudio SE DVD (Version: 10.0)

UMPlayer 0.98 [P4] (Version: 0.98)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

USB2.0 Grabber (Version: 7.12.000.002)

User Guide (Version: 1.0)


Hello goofy1139

 

Thank you for the logs.

 

We are going to have to try and troubleshoot exactly what is causing your connection issues.

 

Let's begin with the following:

 

Please run your ZoneAlarm uninstaller program. The program can probably be accessed from Programs on your Start Menu.

 

If you do not see it listed there, please navigate to the following locations and see if the uninstaller is present:

 

 

C:\Program Files\CheckPoint\ZAForceField

 

and:

 

C:\Program Files (x86)\CheckPoint\ZoneAlarm

 

 

If the uninstaller is listed in either one of those folders, please run it, then rescan your machine with Farbar's Recovery Scan Tool.

 

Post the new FRST log in your next reply and let me know if you are now able to connect to the net.

 

NOTE: Please be very careful to keep your browsing to a minimum while ZoneAlarm is uninstalled.


Hello JonTom,

 

The only uninstaller I found and ran was in C:\Program Files\CheckPoint\ZAForceField

 

Here is the log

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2012

Ran by SYSTEM at 11-12-2012 09:59:00

Running from F:

Windows 7 Home Premium (X64) OS Language: English(US)

The current controlset is ControlSet001

 

==================== Registry (Whitelisted) ===================

 

HKLM...Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe -s [11660904 2010-11-30] (Realtek Semiconductor)

HKLM...Run: [intelWireless] "C:Program FilesCommon FilesIntelWirelessCommoniFrmewrk.exe" /tf Intel Wireless Tray [1933584 2011-01-04] (Intel® Corporation)

HKLM...Run: [ETDCtrl] %ProgramFiles%ElantechETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.)

HKLM...Run: [intelWirelessWiMAX] "C:Program FilesIntelWiMAXBinWiMAXCU.exe" /tasktray /nosplash [1622016 2011-06-02] (Intel® Corporation)

HKLM-x32...Run: [CLMLServer] "C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe" [103720 2009-11-01] (CyberLink)

HKLM-x32...Run: [samsung PanelMgr] C:WindowsSamsungPanelMgrSSMMgr.exe /autorun [618496 2010-06-07] ()

HKLM-x32...Run: [uVS10 Preload] C:Program Files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe [36864 2006-03-06] (Ulead Systems, Inc.)

HKLM-x32...Run: [updatePPShortCut] "C:Program Files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" "C:Program Files (x86)CyberLinkPowerProducer" UpdateWithCreateOnce "SoftwareCyberLinkPowerProducer5.0" [222504 2009-05-19] (CyberLink Corp.)

HKLM-x32...Run: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)

HKLM-x32...Run: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)

HKLM-x32...Run: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [59280 2012-10-11] (Apple Inc.)

HKLM-x32...Run: [PowerDVD12DMREngine] "C:Program Files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [505872 2012-09-18] (CyberLink)

HKLM-x32...Run: [PowerDVD12Agent] "C:Program Files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [374560 2012-09-18] (CyberLink Corp.)

HKLM-x32...Run: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)

HKUOwner...Run: [iDMan] C:New folder (2)Internet Download Manager v6.11. 8.1 (IDM) +Crack + Key [h33t][iahq76]IDMan.exe /onboot [3220912 2010-05-26] (Tonec Inc.)

HKUOwner...Run: [Xvid] C:Program Files (x86)XvidCheckUpdate.exe [8192 2011-01-17] ()

HKUOwner...Run: [AnyDVD] C:Program Files (x86)SlySoftAnyDVDAnyDVDtray.exe [6663840 2012-11-23] (SlySoft, Inc.)

AppInit_DLLs: C:WindowsSystem32nvinitx.dll

Startup: C:UsersOwnerStart MenuProgramsStartupMagicDisc.lnk

ShortcutTarget: MagicDisc.lnk -> C:Program Files (x86)MagicDiscMagicDisc.exe (MagicISO, Inc.)

 

==================== Services (Whitelisted) ===================

 

2 CLHNServiceForPowerDVD12; C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [90640 2012-09-18] (CyberLink Corp.)

2 CyberLink PowerDVD 12 Media Server Monitor Service; "C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe" [78352 2012-09-18] (CyberLink)

2 CyberLink PowerDVD 12 Media Server Service; "C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe" [295440 2012-09-18] (CyberLink)

2 MBAMScheduler; "C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe" [399432 2012-09-29] (Malwarebytes Corporation)

2 MBAMService; "C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe" [676936 2012-09-29] (Malwarebytes Corporation)

3 MyWiFiDHCPDNS; C:Program FilesIntelWiFibinPanDhcpDns.exe [340240 2011-01-04] ()

2 nlsX86cc; "C:WindowsSysWOW64nlssrv32.exe" [66560 2010-11-22] (Nalpeiron Ltd.)

2 RichVideo; "C:Program Files (x86)CyberLinkShared filesRichVideo.exe" [244904 2009-11-30] ()

2 vsmon; C:Program Files (x86)CheckPointZoneAlarmvsmon.exe -service [2447440 2012-10-09] (Check Point Software Technologies LTD)

 

==================== Drivers (Whitelisted) =====================

 

3 AnyDVD; C:WindowsSystem32DriversAnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)

3 AnyDVD; C:WindowsSysWow64DriversAnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)

3 AVerPola; C:WindowsSystem32DriversAVerPola.sys [534144 2011-01-03] (AVerMedia TECHNOLOGIES, Inc.)

1 avgtp; ??C:Windowssystem32driversavgtpx64.sys [30568 2012-11-14] (AVG Technologies)

0 KL1; C:WindowsSystem32DriversKL1.sys [460888 2012-01-09] (Kaspersky Lab ZAO)

1 kl2; C:WindowsSystem32Driverskl2.sys [11864 2012-01-09] (Kaspersky Lab ZAO)

1 KLIF; C:WindowsSystem32DriversKLIF.sys [485680 2012-01-09] (Kaspersky Lab)

3 MBAMProtector; ??C:Windowssystem32driversmbam.sys [25928 2012-09-29] (Malwarebytes Corporation)

2 ntk_PowerDVD12; ??C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)

0 SmartDefragDriver; C:WindowsSystem32DriversSmartDefragDriver.sys [17720 2010-11-26] ()

3 StkCMini; C:WindowsSystem32DriversStkCMini.sys [1816968 2010-04-16] (Syntek)

3 SWDUMon; C:WindowsSystem32DriversSWDUMon.sys [15712 2012-12-11] ()

1 Vsdatant; C:WindowsSystem32DriversVsdatant.sys [454232 2011-05-07] (Check Point Software Technologies LTD)

2 {73526619-C24F-470B-9BED-53D455FBB5C6}; ??C:Program Files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [147704 2012-09-19] (CyberLink Corp.)

3 catchme; ??C:ComboFixcatchme.sys [x]

==================== NetSvcs (Whitelisted) ====================

==================== One Month Created Files and Folders ========

2012-12-11 07:50 - 2012-12-11 07:50 - 00000048 ____A C:WindowsAE0F15C41BFB83F3.log

2012-12-11 07:47 - 2012-12-11 06:17 - 01461029 ____A (Farbar) C:UsersOwnerDesktopFRST64.exe

2012-12-10 18:40 - 2012-12-10 18:41 - 00030347 ____A C:UsersOwnerDesktopResult.txt

2012-12-10 18:38 - 2012-12-08 12:46 - 00752213 ____A (Farbar) C:UsersOwnerDesktopMiniToolBox.exe

2012-12-10 18:31 - 2012-12-10 18:31 - 00031862 ____A C:UsersOwnerDesktop12-10-12test.txt

2012-12-10 16:42 - 2012-12-10 16:42 - 00031862 ____A C:ComboFix.txt

2012-12-10 16:12 - 2012-12-10 16:12 - 00001302 ____A C:CF-Submit.htm

2012-12-10 16:11 - 2012-12-10 18:26 - 00000000 ____D C:ComboFix

2012-12-10 07:12 - 2012-12-10 07:12 - 00000000 ____D C:FRACTURE EXTRAS

2012-12-09 06:52 - 2012-12-09 06:52 - 00000000 ____D C:UsersOwnerDesktopNew Folder

2012-12-09 06:25 - 2012-12-09 06:26 - 00000000 ____D C:UsersOwnerDesktopcf

2012-12-07 15:51 - 2012-12-07 15:51 - 00089974 ____A C:UsersOwnerDesktopIce Age_ Continental Drift.pds

2012-12-07 14:15 - 2012-12-07 14:15 - 00089950 ____A C:UsersOwnerDocumentsicemp4.pds

2012-12-07 13:56 - 2012-12-07 14:13 - 465468200 ____A C:UsersOwnerDocumentsProduce.mp4

2012-12-07 13:56 - 2012-12-07 13:56 - 00003539 ____A C:UsersOwnerDocumentsProduce.THM

2012-12-06 10:30 - 2012-12-06 10:30 - 00000000 ____D C:UsersOwnerDesktopSTEPPENWOLF

2012-12-05 15:46 - 2012-12-05 15:42 - 01995672 ____A (Driver Whiz) C:UsersOwnerDesktopDriverwhiz_2.exe

2012-12-05 09:06 - 2012-12-05 09:06 - 00001147 ____A C:UsersPublicDesktopMozilla Firefox.lnk

2012-12-05 09:02 - 2012-12-05 09:03 - 00002323 ____A C:UsersOwnerDesktopFSS.txt

2012-12-05 09:00 - 2012-12-05 05:44 - 00696153 ____A (Farbar) C:UsersOwnerDesktopFSS.exe

2012-12-04 09:49 - 2012-12-04 09:49 - 00000324 ____A C:UsersOwnerDesktopmessup.txt

2012-12-04 05:48 - 2012-12-04 05:48 - 00001724 ____A C:AdwCleaner[s6].txt

2012-12-03 09:38 - 2012-12-03 09:38 - 00032483 ____A C:UsersOwnerDesktopx.txt

2012-12-03 08:27 - 2011-06-25 22:45 - 00256000 ____A C:WindowsPEV.exe

2012-12-03 08:27 - 2010-11-07 09:20 - 00208896 ____A C:WindowsMBR.exe

2012-12-03 08:27 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:WindowsNIRCMD.exe

2012-12-03 08:27 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:WindowsSWREG.exe

2012-12-03 08:27 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:WindowsSWSC.exe

2012-12-03 08:27 - 2000-08-30 16:00 - 00098816 ____A C:Windowssed.exe

2012-12-03 08:27 - 2000-08-30 16:00 - 00080412 ____A C:Windowsgrep.exe

2012-12-03 08:27 - 2000-08-30 16:00 - 00068096 ____A C:Windowszip.exe

2012-12-03 08:24 - 2012-12-10 18:26 - 00000000 ____D C:Qoobox

2012-12-03 08:23 - 2012-12-03 09:06 - 00000000 ____D C:Windowserdnt

2012-12-03 05:40 - 2012-12-03 05:41 - 05009299 ____R (Swearware) C:UsersOwnerDesktopComboFix.exe

2012-12-02 18:48 - 2012-12-02 14:45 - 00856731 ____A C:UsersOwnerDesktopSecurityCheck.exe

2012-12-02 18:40 - 2012-12-02 18:40 - 00000490 ____A C:UsersOwnerDesktopcomp websites.txt

2012-12-01 11:47 - 2012-12-01 11:47 - 00011384 ____A C:UsersOwnerDesktopJRT.txt

2012-11-30 07:39 - 2012-11-30 13:47 - 00001109 ____A C:UsersPublicDesktopMalwarebytes Anti-Malware.lnk

2012-11-30 07:39 - 2012-11-30 13:47 - 00000000 ____D C:Program Files (x86)Malwarebytes' Anti-Malware

2012-11-30 07:39 - 2012-09-29 17:54 - 00025928 ____A (Malwarebytes Corporation) C:WindowsSystem32Driversmbam.sys

2012-11-30 06:16 - 2012-11-30 06:16 - 00000000 ____D C:WindowsERUNT

2012-11-30 06:15 - 2012-12-05 17:06 - 00000000 ____D C:JRT

2012-11-30 06:15 - 2012-12-01 11:43 - 00000347 ____A C:UsersOwnerDownloadsaskregvalue_x64.dat

2012-11-30 05:50 - 2012-11-30 05:53 - 00000000 ____D C:UsersOwnerDesktopmark new comp stuff

2012-11-30 05:50 - 2012-11-30 04:16 - 10669952 ____A (Malwarebytes Corporation ) C:UsersOwnerDesktopmbam-setup-1.65.1.1000.exe

2012-11-30 05:50 - 2012-11-30 04:15 - 00688992 ____R (Swearware) C:UsersOwnerDesktopdds.com

2012-11-30 05:50 - 2012-11-30 04:12 - 00912454 ____A C:UsersOwnerDesktopJRT.exe

2012-11-30 05:50 - 2012-11-30 04:10 - 00448512 ___RA (OldTimer Tools) C:UsersOwnerDesktopTFC.exe

2012-11-27 09:18 - 2012-11-27 09:18 - 00000000 ____D C:FRST

2012-11-25 12:29 - 2012-11-25 07:22 - 04732416 ____A (AVAST Software) C:UsersOwnerDesktopaswMBR.exe

2012-11-25 11:14 - 2012-11-28 08:04 - 00000000 ____D C:UsersOwnerDesktopfor marks computer

2012-11-25 11:14 - 2012-11-25 08:06 - 00011464 ____A C:UsersOwnerDesktophelp1.txt

2012-11-25 11:14 - 2012-11-25 07:36 - 00027239 ____A C:UsersOwnerDesktopcomp help

2012-11-25 11:14 - 2012-11-25 07:18 - 00602112 ____A C:UsersOwnerDesktopOTL.exe

2012-11-25 11:08 - 2012-11-25 11:08 - 00000732 ____A C:UsersOwnerDesktopfor marks computer - Shortcut.lnk

2012-11-24 14:56 - 2012-11-24 14:56 - 00001236 ____A C:AdwCleaner[s5].txt

2012-11-24 14:52 - 2012-11-24 18:05 - 00001181 ____A C:UsersOwnerDesktopDesinstaller_HOSTS_Anti-PUPs.lnk

2012-11-24 14:40 - 2012-11-24 14:40 - 00001157 ____A C:AdwCleaner[s4].txt

2012-11-24 07:07 - 2012-11-24 07:08 - 00001096 ____A C:AdwCleaner[s3].txt

2012-11-24 06:58 - 2011-05-30 05:42 - 00255488 ____A C:WindowsSystem32xvidvfw.dll

2012-11-24 06:58 - 2011-05-30 05:42 - 00240640 ____A C:WindowsSysWOW64xvidvfw.dll

2012-11-24 06:58 - 2011-05-23 01:52 - 00153088 ____A C:WindowsSysWOW64xvid.ax

2012-11-24 06:58 - 2011-05-22 23:49 - 00173568 ____A C:WindowsSystem32xvid.ax

2012-11-24 06:58 - 2011-05-22 23:46 - 00645632 ____A C:WindowsSysWOW64xvidcore.dll

2012-11-24 06:58 - 2011-05-22 23:45 - 00696832 ____A C:WindowsSystem32xvidcore.dll

2012-11-24 06:57 - 2012-11-24 06:57 - 00000000 ____D C:UsersOwner.bitrock

2012-11-24 06:54 - 2012-11-24 06:54 - 00001550 ____A C:AdwCleaner[s2].txt

2012-11-23 17:49 - 2012-11-24 06:58 - 00000000 ____D C:Program Files (x86)Xvid

2012-11-23 14:53 - 2012-11-23 14:53 - 00051166 ____A C:UsersOwnerDocumentsAdwCleaner[s1]1.txt

2012-11-23 14:31 - 2012-11-23 14:32 - 00051166 ____A C:AdwCleaner[s1].txt

2012-11-23 14:27 - 2012-11-23 14:27 - 00543531 ____A C:UsersOwnerDesktopAdwCleaner.exe

2012-11-23 06:52 - 2012-11-23 06:52 - 00009544 ____A C:UsersOwnerDesktopbridesmaids unrated.pds

2012-11-21 11:11 - 2012-12-01 12:03 - 00025658 ____A C:UsersOwnerDesktopdds.txt

2012-11-21 11:11 - 2012-12-01 12:03 - 00010123 ____A C:UsersOwnerDesktopattach.txt

2012-11-21 10:48 - 2010-11-26 15:02 - 00017720 ____A C:WindowsSystem32DriversSmartDefragDriver.sys

2012-11-21 07:29 - 2012-11-21 07:29 - 02213976 ____A (Kaspersky Lab ZAO) C:UsersOwnerDesktoptdsskiller.exe

2012-11-21 07:26 - 2012-11-21 07:26 - 00688992 ____R (Swearware) C:UsersOwnerDesktopdds.EXE

2012-11-21 06:18 - 2012-11-21 06:18 - 00169816 ____A (Microsoft Corporation) C:UsersOwnerDownloadsMeadCo_Neptune.exe

2012-11-21 06:17 - 2012-11-21 06:19 - 00000000 ____D C:Program Files (x86)MeadCo Neptune

2012-11-20 14:22 - 2012-11-21 05:17 - 00415934 ____A C:WindowsSystem32Driversvsconfig.xml

2012-11-20 14:21 - 2012-01-09 16:59 - 00460888 ____A (Kaspersky Lab ZAO) C:WindowsSystem32Driverskl1.sys

2012-11-20 14:21 - 2012-01-09 16:59 - 00011864 ____A (Kaspersky Lab ZAO) C:WindowsSystem32Driverskl2.sys

2012-11-20 14:16 - 2012-11-20 14:16 - 00000762 ____A C:UsersPublicDesktopZoneAlarm Security.lnk

2012-11-20 14:16 - 2012-11-20 14:16 - 00000000 ____D C:UsersOwnerDocumentsForceField Shared Files

2012-11-20 14:16 - 2012-01-09 16:59 - 00485680 ____A (Kaspersky Lab) C:WindowsSystem32Driversklif.sys

2012-11-20 14:15 - 2012-11-20 14:15 - 00000000 ____D C:UsersOwnerAppDataRoamingCheckPoint

2012-11-20 14:14 - 2012-11-20 14:14 - 00000000 ____D C:Program FilesCheckPoint

2012-11-20 13:46 - 2012-11-20 14:16 - 00000000 ____D C:Program Files (x86)CheckPoint

2012-11-20 13:46 - 2012-11-20 13:46 - 00000000 ____D C:UsersAll UsersCheckPoint

2012-11-20 13:00 - 2012-12-11 06:28 - 00030712 ____A C:WindowsPFRO.log

2012-11-20 10:23 - 2012-11-20 10:23 - 00000000 ____D C:UsersOwnerAppDataRoamingMalwarebytes

2012-11-20 10:22 - 2012-11-20 10:22 - 00000000 ____D C:UsersAll UsersMalwarebytes

2012-11-20 08:27 - 2012-11-20 08:27 - 00000000 ____D C:UsersAll UsersPCPitstop

2012-11-20 08:25 - 2012-11-21 07:57 - 00000000 ____D C:Program Files (x86)PCPitstop

2012-11-20 03:53 - 2012-11-20 03:53 - 00000000 ____D C:UsersOwnerAppDataRoamingConverterLite

2012-11-20 03:36 - 2012-11-20 03:36 - 00000000 ____D C:UsersOwnerDocumentsMy Video

2012-11-19 19:27 - 2012-11-19 19:27 - 00010486 ____A C:UsersOwnerDesktopkill bill.pds

2012-11-19 17:03 - 2012-11-19 17:03 - 00000000 ____D C:UsersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012)

2012-11-19 12:16 - 2012-11-19 12:16 - 00181636 ____A C:UsersOwnerDesktopdisk music.pds

2012-11-19 11:25 - 2012-11-19 11:25 - 00001019 ____A C:UsersUpdatusUserDesktopARWizard3.lnk

2012-11-17 18:29 - 2012-11-17 18:29 - 00157793 ____A C:UsersOwnerDesktopbeer.pds

2012-11-17 13:25 - 2012-11-17 13:25 - 00001374 ____A C:UsersOwnerAppDataLocalrecently-used.xbel

2012-11-17 13:22 - 2012-11-17 13:22 - 00000000 ____D C:UsersOwner.thumbnails

2012-11-17 13:20 - 2012-11-17 13:38 - 00000000 ____D C:UsersOwner.gimp-2.8

2012-11-17 13:20 - 2012-11-17 13:20 - 00000000 ____D C:UsersOwnerAppDataLocalgegl-0.2

2012-11-17 13:18 - 2012-11-17 13:19 - 00000000 ____D C:Program FilesGIMP 2

2012-11-17 12:01 - 2012-11-17 12:01 - 01555254 ____A C:UsersOwnerDocumentsSnapshot.bmp

2012-11-17 11:20 - 2012-11-17 11:41 - 3152334848 ____A C:UsersOwnerDesktopBottoms Up.mpg

2012-11-17 10:47 - 2012-11-17 10:47 - 00054406 ____A C:UsersOwnerDesktopbottom.pds

2012-11-17 09:59 - 2012-10-03 09:56 - 01914248 ____A (Microsoft Corporation) C:WindowsSystem32Driverstcpip.sys

2012-11-17 09:59 - 2012-10-03 09:44 - 00303104 ____A (Microsoft Corporation) C:WindowsSystem32nlasvc.dll

2012-11-17 09:59 - 2012-10-03 09:44 - 00246272 ____A (Microsoft Corporation) C:WindowsSystem32netcorehc.dll

2012-11-17 09:59 - 2012-10-03 09:44 - 00216576 ____A (Microsoft Corporation) C:WindowsSystem32ncsi.dll

2012-11-17 09:59 - 2012-10-03 09:44 - 00070656 ____A (Microsoft Corporation) C:WindowsSystem32nlaapi.dll

2012-11-17 09:59 - 2012-10-03 09:44 - 00018944 ____A (Microsoft Corporation) C:WindowsSystem32netevent.dll

2012-11-17 09:59 - 2012-10-03 09:42 - 00569344 ____A (Microsoft Corporation) C:WindowsSystem32iphlpsvc.dll

2012-11-17 09:59 - 2012-10-03 08:42 - 00175104 ____A (Microsoft Corporation) C:WindowsSysWOW64netcorehc.dll

2012-11-17 09:59 - 2012-10-03 08:42 - 00156672 ____A (Microsoft Corporation) C:WindowsSysWOW64ncsi.dll

2012-11-17 09:59 - 2012-10-03 08:42 - 00018944 ____A (Microsoft Corporation) C:WindowsSysWOW64netevent.dll

2012-11-17 09:59 - 2012-10-03 08:07 - 00045568 ____A (Microsoft Corporation) C:WindowsSystem32Driverstcpipreg.sys

2012-11-17 09:59 - 2012-01-12 23:12 - 00052224 ____A (Microsoft Corporation) C:WindowsSysWOW64nlaapi.dll

2012-11-16 15:54 - 2012-11-16 16:52 - 1609062400 ____A C:UsersOwnerDocumentsbottoms up.mpg

2012-11-16 03:37 - 2012-12-11 07:49 - 00005442 ____A C:Windowssetupact.log

2012-11-16 03:37 - 2012-11-16 03:37 - 00000000 ____A C:Windowssetuperr.log

2012-11-15 18:35 - 2012-07-25 20:55 - 00785512 ____A (Microsoft Corporation) C:WindowsSystem32DriversWdf01000.sys

2012-11-15 18:35 - 2012-07-25 20:55 - 00054376 ____A (Microsoft Corporation) C:WindowsSystem32DriversWdfLdr.sys

2012-11-15 18:35 - 2012-07-25 18:36 - 00009728 ____A (Microsoft Corporation) C:WindowsSystem32Wdfres.dll

2012-11-15 18:35 - 2012-06-02 06:35 - 00000003 ____A C:WindowsSystem32DriversMsftWdf_Kernel_01011_Inbox_Critical.Wdf

2012-11-15 18:30 - 2012-10-08 04:19 - 17811968 ____A (Microsoft Corporation) C:WindowsSystem32mshtml.dll

2012-11-15 18:30 - 2012-10-08 03:42 - 10925568 ____A (Microsoft Corporation) C:WindowsSystem32ieframe.dll

2012-11-15 18:30 - 2012-10-08 03:31 - 02312704 ____A (Microsoft Corporation) C:WindowsSystem32jscript9.dll

2012-11-15 18:30 - 2012-10-08 03:24 - 01346048 ____A (Microsoft Corporation) C:WindowsSystem32urlmon.dll

2012-11-15 18:30 - 2012-10-08 03:23 - 01392128 ____A (Microsoft Corporation) C:WindowsSystem32wininet.dll

2012-11-15 18:30 - 2012-10-08 03:22 - 01494528 ____A (Microsoft Corporation) C:WindowsSystem32inetcpl.cpl

2012-11-15 18:30 - 2012-10-08 03:22 - 00237056 ____A (Microsoft Corporation) C:WindowsSystem32url.dll

2012-11-15 18:30 - 2012-10-08 03:20 - 00085504 ____A (Microsoft Corporation) C:WindowsSystem32jsproxy.dll

2012-11-15 18:30 - 2012-10-08 03:18 - 00173056 ____A (Microsoft Corporation) C:WindowsSystem32ieUnatt.exe

2012-11-15 18:30 - 2012-10-08 03:17 - 00816640 ____A (Microsoft Corporation) C:WindowsSystem32jscript.dll

2012-11-15 18:30 - 2012-10-08 03:17 - 00599040 ____A (Microsoft Corporation) C:WindowsSystem32vbscript.dll

2012-11-15 18:30 - 2012-10-08 03:15 - 02144768 ____A (Microsoft Corporation) C:WindowsSystem32iertutil.dll

2012-11-15 18:30 - 2012-10-08 03:15 - 00729088 ____A (Microsoft Corporation) C:WindowsSystem32msfeeds.dll

2012-11-15 18:30 - 2012-10-08 03:13 - 02382848 ____A (Microsoft Corporation) C:WindowsSystem32mshtml.tlb

2012-11-15 18:30 - 2012-10-08 03:13 - 00096768 ____A (Microsoft Corporation) C:WindowsSystem32mshtmled.dll

2012-11-15 18:30 - 2012-10-08 03:09 - 00248320 ____A (Microsoft Corporation) C:WindowsSystem32ieui.dll

2012-11-15 18:30 - 2012-10-08 00:28 - 12320768 ____A (Microsoft Corporation) C:WindowsSysWOW64mshtml.dll

2012-11-15 18:30 - 2012-10-08 00:02 - 09738240 ____A (Microsoft Corporation) C:WindowsSysWOW64ieframe.dll

2012-11-15 18:30 - 2012-10-07 23:56 - 01800704 ____A (Microsoft Corporation) C:WindowsSysWOW64jscript9.dll

2012-11-15 18:30 - 2012-10-07 23:48 - 01129472 ____A (Microsoft Corporation) C:WindowsSysWOW64wininet.dll

2012-11-15 18:30 - 2012-10-07 23:48 - 01103872 ____A (Microsoft Corporation) C:WindowsSysWOW64urlmon.dll

2012-11-15 18:30 - 2012-10-07 23:47 - 01427968 ____A (Microsoft Corporation) C:WindowsSysWOW64inetcpl.cpl

2012-11-15 18:30 - 2012-10-07 23:46 - 00231936 ____A (Microsoft Corporation) C:WindowsSysWOW64url.dll

2012-11-15 18:30 - 2012-10-07 23:45 - 00065024 ____A (Microsoft Corporation) C:WindowsSysWOW64jsproxy.dll

2012-11-15 18:30 - 2012-10-07 23:44 - 00142848 ____A (Microsoft Corporation) C:WindowsSysWOW64ieUnatt.exe

2012-11-15 18:30 - 2012-10-07 23:43 - 00717824 ____A (Microsoft Corporation) C:WindowsSysWOW64jscript.dll

2012-11-15 18:30 - 2012-10-07 23:43 - 00420864 ____A (Microsoft Corporation) C:WindowsSysWOW64vbscript.dll

2012-11-15 18:30 - 2012-10-07 23:42 - 00607744 ____A (Microsoft Corporation) C:WindowsSysWOW64msfeeds.dll

2012-11-15 18:30 - 2012-10-07 23:41 - 01793024 ____A (Microsoft Corporation) C:WindowsSysWOW64iertutil.dll

2012-11-15 18:30 - 2012-10-07 23:41 - 00073216 ____A (Microsoft Corporation) C:WindowsSysWOW64mshtmled.dll

2012-11-15 18:30 - 2012-10-07 23:40 - 02382848 ____A (Microsoft Corporation) C:WindowsSysWOW64mshtml.tlb

2012-11-15 18:30 - 2012-10-07 23:37 - 00176640 ____A (Microsoft Corporation) C:WindowsSysWOW64ieui.dll

2012-11-15 18:29 - 2012-07-25 19:08 - 00744448 ____A (Microsoft Corporation) C:WindowsSystem32WUDFx.dll

2012-11-15 18:29 - 2012-07-25 19:08 - 00229888 ____A (Microsoft Corporation) C:WindowsSystem32WUDFHost.exe

2012-11-15 18:29 - 2012-07-25 19:08 - 00194048 ____A (Microsoft Corporation) C:WindowsSystem32WUDFPlatform.dll

2012-11-15 18:29 - 2012-07-25 19:08 - 00084992 ____A (Microsoft Corporation) C:WindowsSystem32WUDFSvc.dll

2012-11-15 18:29 - 2012-07-25 19:08 - 00045056 ____A (Microsoft Corporation) C:WindowsSystem32WUDFCoinstaller.dll

2012-11-15 18:29 - 2012-07-25 18:26 - 00198656 ____A (Microsoft Corporation) C:WindowsSystem32DriversWUDFRd.sys

2012-11-15 18:29 - 2012-07-25 18:26 - 00087040 ____A (Microsoft Corporation) C:WindowsSystem32DriversWUDFPf.sys

2012-11-15 18:29 - 2012-06-02 06:57 - 00000003 ____A C:WindowsSystem32DriversMsftWdf_User_01_11_00_Inbox_Critical.Wdf

2012-11-15 18:15 - 2012-11-15 18:15 - 00001845 ____A C:UsersPublicDesktopQuickTime Player.lnk

2012-11-15 18:15 - 2012-11-15 18:15 - 00000000 ____D C:Program Files (x86)QuickTime

2012-11-15 06:14 - 2012-11-15 06:14 - 44687360 ____A C:WindowsSystem32configCOMPONENTS.iobit

2012-11-15 04:36 - 2012-10-18 10:25 - 03149824 ____A (Microsoft Corporation) C:WindowsSystem32win32k.sys

2012-11-15 04:36 - 2012-10-09 10:17 - 00226816 ____A (Microsoft Corporation) C:WindowsSystem32dhcpcore6.dll

2012-11-15 04:36 - 2012-10-09 10:17 - 00055296 ____A (Microsoft Corporation) C:WindowsSystem32dhcpcsvc6.dll

2012-11-15 04:36 - 2012-10-09 09:40 - 00193536 ____A (Microsoft Corporation) C:WindowsSysWOW64dhcpcore6.dll

2012-11-15 04:36 - 2012-10-09 09:40 - 00044032 ____A (Microsoft Corporation) C:WindowsSysWOW64dhcpcsvc6.dll

2012-11-15 04:31 - 2012-09-25 14:47 - 00078336 ____A (Microsoft Corporation) C:WindowsSysWOW64synceng.dll

2012-11-15 04:31 - 2012-09-25 14:46 - 00095744 ____A (Microsoft Corporation) C:WindowsSystem32synceng.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 05773824 ____A (Microsoft Corporation) C:WindowsSystem32mstscax.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 04916224 ____A (Microsoft Corporation) C:WindowsSysWOW64mstscax.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 03174912 ____A (Microsoft Corporation) C:WindowsSystem32rdpcorets.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 01123840 ____A (Microsoft Corporation) C:WindowsSystem32mstsc.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 01048064 ____A (Microsoft Corporation) C:WindowsSysWOW64mstsc.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00384000 ____A (Microsoft Corporation) C:WindowsSystem32wksprt.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00322560 ____A (Microsoft Corporation) C:WindowsSystem32aaclient.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00269312 ____A (Microsoft Corporation) C:WindowsSysWOW64aaclient.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00243200 ____A (Microsoft Corporation) C:WindowsSystem32rdpudd.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00228864 ____A (Microsoft Corporation) C:WindowsSystem32rdpendp_winip.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00192000 ____A (Microsoft Corporation) C:WindowsSysWOW64rdpendp_winip.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00062976 ____A (Microsoft Corporation) C:WindowsSystem32TSWbPrxy.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00057856 ____A (Microsoft Corporation) C:WindowsSystem32DriversTsUsbFlt.sys

2012-11-14 17:51 - 2012-11-14 17:51 - 00054272 ____A (Microsoft Corporation) C:WindowsSystem32MsRdpWebAccess.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00046592 ____A (Microsoft Corporation) C:WindowsSysWOW64MsRdpWebAccess.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00044032 ____A (Microsoft Corporation) C:WindowsSystem32tsgqec.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00043520 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbGDCoInstaller.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00037376 ____A (Microsoft Corporation) C:WindowsSysWOW64tsgqec.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00019456 ____A (Microsoft Corporation) C:WindowsSystem32Driversrdpvideominiport.sys

2012-11-14 17:51 - 2012-11-14 17:51 - 00018432 ____A (Microsoft Corporation) C:WindowsSystem32wksprtPS.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00016896 ____A (Microsoft Corporation) C:WindowsSysWOW64wksprtPS.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00015360 ____A (Microsoft Corporation) C:WindowsSystem32RdpGroupPolicyExtension.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00013312 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbRedirectionGroupPolicyExtension.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00013312 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbRedirectionGroupPolicyControl.exe

2012-11-14 17:50 - 2012-11-14 17:50 - 01448448 ____A (Microsoft Corporation) C:WindowsSystem32lsasrv.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00458712 ____A (Microsoft Corporation) C:WindowsSystem32Driverscng.sys

2012-11-14 17:50 - 2012-11-14 17:50 - 00340992 ____A (Microsoft Corporation) C:WindowsSystem32schannel.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00307200 ____A (Microsoft Corporation) C:WindowsSystem32ncrypt.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00247808 ____A (Microsoft Corporation) C:WindowsSysWOW64schannel.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00220160 ____A (Microsoft Corporation) C:WindowsSysWOW64ncrypt.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00154480 ____A (Microsoft Corporation) C:WindowsSystem32Driversksecpkg.sys

2012-11-14 17:50 - 2012-11-14 17:50 - 00096768 ____A (Microsoft Corporation) C:WindowsSysWOW64sspicli.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00022016 ____A (Microsoft Corporation) C:WindowsSysWOW64secur32.dll

2012-11-14 17:49 - 2012-11-14 17:49 - 00514560 ____A (Microsoft Corporation) C:WindowsSysWOW64qdvd.dll

2012-11-14 17:49 - 2012-11-14 17:49 - 00366592 ____A (Microsoft Corporation) C:WindowsSystem32qdvd.dll

2012-11-14 17:45 - 2012-11-14 17:45 - 65363968 ____A C:WindowsSystem32configSOFTWARE.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 19095552 ____A C:WindowsSystem32configSYSTEM.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00311296 ____A C:WindowsSystem32configDEFAULT.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00061440 ____A C:WindowsSystem32configSAM.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00028672 ____A C:WindowsSystem32configSECURITY.iobit

2012-11-14 12:32 - 2012-11-14 12:32 - 00030568 ____A (AVG Technologies) C:WindowsSystem32Driversavgtpx64.sys

2012-11-14 12:30 - 2012-12-11 07:50 - 00015712 ____A C:WindowsSystem32DriversSWDUMon.sys

2012-11-14 12:30 - 2012-12-11 07:50 - 00000410 ____A C:WindowsTasksSlimDrivers Startup.job

2012-11-14 12:30 - 2012-11-14 12:30 - 00000000 ____D C:UsersOwnerAppDataLocalSlimWare Utilities Inc

2012-11-14 12:29 - 2012-11-14 12:29 - 00002467 ____A C:UsersPublicDesktopSlimDrivers.lnk

2012-11-14 12:29 - 2012-11-14 12:29 - 00000000 ____D C:UsersPublicDocumentsDownloaded Installers

2012-11-14 08:21 - 2012-11-14 08:27 - 00000359 ____A C:UsersOwnerDesktopwisconbeer.txt

2012-11-12 13:06 - 2012-11-30 09:06 - 00000000 ____D C:UsersOwnerAppDataLocalMindDabble_4p

2012-11-12 13:06 - 2012-11-12 13:06 - 00000000 ____D C:Program Files (x86)MindDabble_4p

2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:UsersOwnerAppDataLocalAPlusGamer_63

2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:Program Files (x86)APlusGamer_63

2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersUpdatusUserDesktopBrain Train Age.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersOwnerDesktopBrain Train Age.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersUpdatusUserDesktopUpdate.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersOwnerDesktopUpdate.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000000 ____D C:Program Files (x86)BrainTrainAge

2012-11-12 10:33 - 2012-11-12 10:34 - 74027949 ____A (The Code::Blocks Team) C:UsersOwnerDesktopcodeblocks-10.05mingw-setup.exe

==================== One Month Modified Files and Folders =======

2012-12-11 07:50 - 2012-12-11 07:50 - 00000048 ____A C:WindowsAE0F15C41BFB83F3.log

2012-12-11 07:50 - 2012-11-14 12:30 - 00015712 ____A C:WindowsSystem32DriversSWDUMon.sys

2012-12-11 07:50 - 2012-11-14 12:30 - 00000410 ____A C:WindowsTasksSlimDrivers Startup.job

2012-12-11 07:49 - 2012-11-16 03:37 - 00005442 ____A C:Windowssetupact.log

2012-12-11 07:49 - 2009-07-13 21:08 - 00000006 ___AH C:WindowsTasksSA.DAT

2012-12-11 07:48 - 2011-02-20 21:12 - 01877928 ____A C:WindowsWindowsUpdate.log

2012-12-11 06:56 - 2012-07-30 16:28 - 00000830 ____A C:WindowsTasksAdobe Flash Player Updater.job

2012-12-11 06:46 - 2009-07-13 20:45 - 00014144 ___AH C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2012-12-11 06:46 - 2009-07-13 20:45 - 00014144 ___AH C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2012-12-11 06:28 - 2012-11-20 13:00 - 00030712 ____A C:WindowsPFRO.log

2012-12-11 06:17 - 2012-12-11 07:47 - 01461029 ____A (Farbar) C:UsersOwnerDesktopFRST64.exe

2012-12-11 04:46 - 2009-07-13 21:13 - 00726316 ____A C:WindowsSystem32PerfStringBackup.INI

2012-12-10 18:41 - 2012-12-10 18:40 - 00030347 ____A C:UsersOwnerDesktopResult.txt

2012-12-10 18:31 - 2012-12-10 18:31 - 00031862 ____A C:UsersOwnerDesktop12-10-12test.txt

2012-12-10 18:26 - 2012-12-10 16:11 - 00000000 ____D C:ComboFix

2012-12-10 18:26 - 2012-12-03 08:24 - 00000000 ____D C:Qoobox

2012-12-10 16:42 - 2012-12-10 16:42 - 00031862 ____A C:ComboFix.txt

2012-12-10 16:16 - 2009-07-13 18:34 - 00000215 ____A C:Windowssystem.ini

2012-12-10 16:12 - 2012-12-10 16:12 - 00001302 ____A C:CF-Submit.htm

2012-12-10 07:12 - 2012-12-10 07:12 - 00000000 ____D C:FRACTURE EXTRAS

2012-12-09 19:55 - 2012-08-03 14:43 - 00000000 ____D C:Program Files (x86)Google

2012-12-09 19:48 - 2012-07-30 07:28 - 00000000 ____D C:UsersOwnerDownloadsVideo

2012-12-09 19:47 - 2012-07-30 09:16 - 00000000 ____D C:UsersOwner.umplayer

2012-12-09 06:52 - 2012-12-09 06:52 - 00000000 ____D C:UsersOwnerDesktopNew Folder

2012-12-09 06:26 - 2012-12-09 06:25 - 00000000 ____D C:UsersOwnerDesktopcf

2012-12-08 12:46 - 2012-12-10 18:38 - 00752213 ____A (Farbar) C:UsersOwnerDesktopMiniToolBox.exe

2012-12-08 06:49 - 2012-07-30 09:43 - 00000000 ____D C:UsersOwnerAppDataLocalCrashDumps

2012-12-07 15:51 - 2012-12-07 15:51 - 00089974 ____A C:UsersOwnerDesktopIce Age_ Continental Drift.pds

2012-12-07 14:17 - 2012-09-23 15:34 - 00000000 ____D C:UsersOwnerDesktoptgwi

2012-12-07 14:15 - 2012-12-07 14:15 - 00089950 ____A C:UsersOwnerDocumentsicemp4.pds

2012-12-07 14:13 - 2012-12-07 13:56 - 465468200 ____A C:UsersOwnerDocumentsProduce.mp4

2012-12-07 13:56 - 2012-12-07 13:56 - 00003539 ____A C:UsersOwnerDocumentsProduce.THM

2012-12-06 10:30 - 2012-12-06 10:30 - 00000000 ____D C:UsersOwnerDesktopSTEPPENWOLF

2012-12-06 09:49 - 2012-09-01 12:04 - 00000000 ____D C:UsersOwnerAppDataRoamingIDM

2012-12-06 09:28 - 2012-07-29 03:52 - 00000000 ____D C:Program Files (x86)Mozilla Maintenance Service

2012-12-05 17:56 - 2012-07-30 07:28 - 00000000 ____D C:UsersOwnerAppDataRoamingDMCache

2012-12-05 17:06 - 2012-11-30 06:15 - 00000000 ____D C:JRT

2012-12-05 15:52 - 2009-07-13 19:20 - 00000000 ____D C:WindowsSystem32NDF

2012-12-05 15:42 - 2012-12-05 15:46 - 01995672 ____A (Driver Whiz) C:UsersOwnerDesktopDriverwhiz_2.exe

2012-12-05 09:06 - 2012-12-05 09:06 - 00001147 ____A C:UsersPublicDesktopMozilla Firefox.lnk

2012-12-05 09:06 - 2012-07-29 03:52 - 00000000 ____D C:Program Files (x86)Mozilla Firefox

2012-12-05 09:03 - 2012-12-05 09:02 - 00002323 ____A C:UsersOwnerDesktopFSS.txt

2012-12-05 05:44 - 2012-12-05 09:00 - 00696153 ____A (Farbar) C:UsersOwnerDesktopFSS.exe

2012-12-04 11:50 - 2012-07-19 01:29 - 00000000 ____D C:UsersOwnerAppDataLocalApps2.0

2012-12-04 09:49 - 2012-12-04 09:49 - 00000324 ____A C:UsersOwnerDesktopmessup.txt

2012-12-04 05:48 - 2012-12-04 05:48 - 00001724 ____A C:AdwCleaner[s6].txt

2012-12-04 04:28 - 2009-07-13 21:08 - 00032544 ____A C:WindowsTasksSCHEDLGU.TXT

2012-12-03 09:38 - 2012-12-03 09:38 - 00032483 ____A C:UsersOwnerDesktopx.txt

2012-12-03 09:11 - 2009-07-13 19:20 - 00000000 __RHD C:usersDefault

2012-12-03 09:06 - 2012-12-03 08:23 - 00000000 ____D C:Windowserdnt

2012-12-03 08:36 - 2009-07-13 18:34 - 67108864 ____A C:WindowsSystem32configSOFTWARE.bak

2012-12-03 08:36 - 2009-07-13 18:34 - 19922944 ____A C:WindowsSystem32configSYSTEM.bak

2012-12-03 08:36 - 2009-07-13 18:34 - 00311296 ____A C:WindowsSystem32configDEFAULT.bak

2012-12-03 08:36 - 2009-07-13 18:34 - 00061440 ____A C:WindowsSystem32configSAM.bak

2012-12-03 08:36 - 2009-07-13 18:34 - 00028672 ____A C:WindowsSystem32configSECURITY.bak

2012-12-03 05:41 - 2012-12-03 05:40 - 05009299 ____R (Swearware) C:UsersOwnerDesktopComboFix.exe

2012-12-02 18:40 - 2012-12-02 18:40 - 00000490 ____A C:UsersOwnerDesktopcomp websites.txt

2012-12-02 14:45 - 2012-12-02 18:48 - 00856731 ____A C:UsersOwnerDesktopSecurityCheck.exe

2012-12-01 12:03 - 2012-11-21 11:11 - 00025658 ____A C:UsersOwnerDesktopdds.txt

2012-12-01 12:03 - 2012-11-21 11:11 - 00010123 ____A C:UsersOwnerDesktopattach.txt

2012-12-01 11:47 - 2012-12-01 11:47 - 00011384 ____A C:UsersOwnerDesktopJRT.txt

2012-12-01 11:43 - 2012-11-30 06:15 - 00000347 ____A C:UsersOwnerDownloadsaskregvalue_x64.dat

2012-11-30 20:10 - 2012-09-22 05:42 - 00001101 ____A C:UsersPublicDesktopAnyDVD.lnk

2012-11-30 13:47 - 2012-11-30 07:39 - 00001109 ____A C:UsersPublicDesktopMalwarebytes Anti-Malware.lnk

2012-11-30 13:47 - 2012-11-30 07:39 - 00000000 ____D C:Program Files (x86)Malwarebytes' Anti-Malware

2012-11-30 09:06 - 2012-11-12 13:06 - 00000000 ____D C:UsersOwnerAppDataLocalMindDabble_4p

2012-11-30 06:16 - 2012-11-30 06:16 - 00000000 ____D C:WindowsERUNT

2012-11-30 05:53 - 2012-11-30 05:50 - 00000000 ____D C:UsersOwnerDesktopmark new comp stuff

2012-11-30 04:16 - 2012-11-30 05:50 - 10669952 ____A (Malwarebytes Corporation ) C:UsersOwnerDesktopmbam-setup-1.65.1.1000.exe

2012-11-30 04:15 - 2012-11-30 05:50 - 00688992 ____R (Swearware) C:UsersOwnerDesktopdds.com

2012-11-30 04:12 - 2012-11-30 05:50 - 00912454 ____A C:UsersOwnerDesktopJRT.exe

2012-11-30 04:10 - 2012-11-30 05:50 - 00448512 ___RA (OldTimer Tools) C:UsersOwnerDesktopTFC.exe

2012-11-28 08:04 - 2012-11-25 11:14 - 00000000 ____D C:UsersOwnerDesktopfor marks computer

2012-11-28 07:51 - 2012-07-29 04:08 - 00000000 ____D C:UsersOwnerAppDataRoaminguTorrent

2012-11-28 04:31 - 2012-08-03 14:42 - 00000000 ____D C:UsersAll UsersAVAST Software

2012-11-27 09:18 - 2012-11-27 09:18 - 00000000 ____D C:FRST

2012-11-25 11:08 - 2012-11-25 11:08 - 00000732 ____A C:UsersOwnerDesktopfor marks computer - Shortcut.lnk

2012-11-25 08:06 - 2012-11-25 11:14 - 00011464 ____A C:UsersOwnerDesktophelp1.txt

2012-11-25 07:36 - 2012-11-25 11:14 - 00027239 ____A C:UsersOwnerDesktopcomp help

2012-11-25 07:22 - 2012-11-25 12:29 - 04732416 ____A (AVAST Software) C:UsersOwnerDesktopaswMBR.exe

2012-11-25 07:18 - 2012-11-25 11:14 - 00602112 ____A C:UsersOwnerDesktopOTL.exe

2012-11-24 18:05 - 2012-11-24 14:52 - 00001181 ____A C:UsersOwnerDesktopDesinstaller_HOSTS_Anti-PUPs.lnk

2012-11-24 14:56 - 2012-11-24 14:56 - 00001236 ____A C:AdwCleaner[s5].txt

2012-11-24 14:40 - 2012-11-24 14:40 - 00001157 ____A C:AdwCleaner[s4].txt

2012-11-24 07:08 - 2012-11-24 07:07 - 00001096 ____A C:AdwCleaner[s3].txt

2012-11-24 06:58 - 2012-11-23 17:49 - 00000000 ____D C:Program Files (x86)Xvid

2012-11-24 06:57 - 2012-11-24 06:57 - 00000000 ____D C:UsersOwner.bitrock

2012-11-24 06:57 - 2012-07-19 01:23 - 00000000 ____D C:usersOwner

2012-11-24 06:54 - 2012-11-24 06:54 - 00001550 ____A C:AdwCleaner[s2].txt

2012-11-23 14:53 - 2012-11-23 14:53 - 00051166 ____A C:UsersOwnerDocumentsAdwCleaner[s1]1.txt

2012-11-23 14:32 - 2012-11-23 14:31 - 00051166 ____A C:AdwCleaner[s1].txt

2012-11-23 14:27 - 2012-11-23 14:27 - 00543531 ____A C:UsersOwnerDesktopAdwCleaner.exe

2012-11-23 13:31 - 2012-08-02 19:08 - 00001779 ____A C:UsersOwnerDesktoppremier.txt

2012-11-23 06:52 - 2012-11-23 06:52 - 00009544 ____A C:UsersOwnerDesktopbridesmaids unrated.pds

2012-11-22 16:34 - 2012-07-30 07:28 - 00000000 ____D C:UsersOwnerDownloadsCompressed

2012-11-21 08:14 - 2012-09-15 05:28 - 00000000 ____D C:New folder (2)

2012-11-21 07:59 - 2012-10-15 13:09 - 00000000 ____D C:Program Files (x86)TextAloud

2012-11-21 07:57 - 2012-11-20 08:25 - 00000000 ____D C:Program Files (x86)PCPitstop

2012-11-21 07:54 - 2012-10-14 18:14 - 00000000 ____D C:Program Files (x86)IVONA

2012-11-21 07:50 - 2012-08-09 14:42 - 00000000 ____D C:UsersOwnerAppDataRoamingAnvisoft

2012-11-21 07:50 - 2012-08-09 14:42 - 00000000 ____D C:Program Files (x86)Anvisoft

2012-11-21 07:49 - 2012-08-11 10:53 - 00000000 ____D C:UsersOwnerAppDataRoamingApple Computer

2012-11-21 07:29 - 2012-11-21 07:29 - 02213976 ____A (Kaspersky Lab ZAO) C:UsersOwnerDesktoptdsskiller.exe

2012-11-21 07:26 - 2012-11-21 07:26 - 00688992 ____R (Swearware) C:UsersOwnerDesktopdds.EXE

2012-11-21 06:19 - 2012-11-21 06:17 - 00000000 ____D C:Program Files (x86)MeadCo Neptune

2012-11-21 06:18 - 2012-11-21 06:18 - 00169816 ____A (Microsoft Corporation) C:UsersOwnerDownloadsMeadCo_Neptune.exe

2012-11-21 06:16 - 2012-09-02 06:28 - 00000000 ____D C:Program Files (x86)Internet Download Manager

2012-11-21 05:17 - 2012-11-20 14:22 - 00415934 ____A C:WindowsSystem32Driversvsconfig.xml

2012-11-20 14:16 - 2012-11-20 14:16 - 00000762 ____A C:UsersPublicDesktopZoneAlarm Security.lnk

2012-11-20 14:16 - 2012-11-20 14:16 - 00000000 ____D C:UsersOwnerDocumentsForceField Shared Files

2012-11-20 14:16 - 2012-11-20 13:46 - 00000000 ____D C:Program Files (x86)CheckPoint

2012-11-20 14:15 - 2012-11-20 14:15 - 00000000 ____D C:UsersOwnerAppDataRoamingCheckPoint

2012-11-20 14:14 - 2012-11-20 14:14 - 00000000 ____D C:Program FilesCheckPoint

2012-11-20 13:46 - 2012-11-20 13:46 - 00000000 ____D C:UsersAll UsersCheckPoint

2012-11-20 10:34 - 2012-08-03 15:02 - 00000000 ____D C:UsersOwnerAppDataLocalSpotify

2012-11-20 10:34 - 2012-08-03 14:53 - 00000000 ____D C:UsersOwnerAppDataRoamingSpotify

2012-11-20 10:23 - 2012-11-20 10:23 - 00000000 ____D C:UsersOwnerAppDataRoamingMalwarebytes

2012-11-20 10:22 - 2012-11-20 10:22 - 00000000 ____D C:UsersAll UsersMalwarebytes

2012-11-20 08:27 - 2012-11-20 08:27 - 00000000 ____D C:UsersAll UsersPCPitstop

2012-11-20 03:53 - 2012-11-20 03:53 - 00000000 ____D C:UsersOwnerAppDataRoamingConverterLite

2012-11-20 03:53 - 2012-10-21 17:31 - 00001947 ____A C:UsersPublicDesktopConverterLite.lnk

2012-11-20 03:36 - 2012-11-20 03:36 - 00000000 ____D C:UsersOwnerDocumentsMy Video

2012-11-19 19:27 - 2012-11-19 19:27 - 00010486 ____A C:UsersOwnerDesktopkill bill.pds

2012-11-19 17:03 - 2012-11-19 17:03 - 00000000 ____D C:UsersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012)

2012-11-19 16:15 - 2012-07-30 10:38 - 00014336 __ASH C:UsersOwnerThumbs.db

2012-11-19 12:16 - 2012-11-19 12:16 - 00181636 ____A C:UsersOwnerDesktopdisk music.pds

2012-11-19 11:25 - 2012-11-19 11:25 - 00001019 ____A C:UsersUpdatusUserDesktopARWizard3.lnk

2012-11-19 08:58 - 2012-08-02 19:07 - 00002902 ____A C:UsersOwnerDesktopkt work 608-264-9826 Your IP 71.90.87.244.odt

2012-11-18 14:50 - 2011-02-20 21:42 - 00000000 ____D C:UsersAll UsersAdobe

2012-11-18 14:46 - 2012-07-30 16:28 - 00697272 ____A (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerApp.exe

2012-11-18 14:46 - 2012-07-30 16:28 - 00073656 ____A (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerCPLApp.cpl

2012-11-18 09:55 - 2009-07-13 19:20 - 00000000 ____D C:Windowsrescache

2012-11-17 18:29 - 2012-11-17 18:29 - 00157793 ____A C:UsersOwnerDesktopbeer.pds

2012-11-17 13:38 - 2012-11-17 13:20 - 00000000 ____D C:UsersOwner.gimp-2.8

2012-11-17 13:28 - 2012-08-07 13:33 - 00000000 ____D C:UsersOwnerAppDataRoamingCyberLink

2012-11-17 13:25 - 2012-11-17 13:25 - 00001374 ____A C:UsersOwnerAppDataLocalrecently-used.xbel

2012-11-17 13:22 - 2012-11-17 13:22 - 00000000 ____D C:UsersOwner.thumbnails

2012-11-17 13:20 - 2012-11-17 13:20 - 00000000 ____D C:UsersOwnerAppDataLocalgegl-0.2

2012-11-17 13:19 - 2012-11-17 13:18 - 00000000 ____D C:Program FilesGIMP 2

2012-11-17 12:01 - 2012-11-17 12:01 - 01555254 ____A C:UsersOwnerDocumentsSnapshot.bmp

2012-11-17 11:41 - 2012-11-17 11:20 - 3152334848 ____A C:UsersOwnerDesktopBottoms Up.mpg

2012-11-17 10:47 - 2012-11-17 10:47 - 00054406 ____A C:UsersOwnerDesktopbottom.pds

2012-11-16 16:52 - 2012-11-16 15:54 - 1609062400 ____A C:UsersOwnerDocumentsbottoms up.mpg

2012-11-16 15:50 - 2012-08-07 13:35 - 00000000 ____D C:UsersOwnerDocumentsYoucam

2012-11-16 07:40 - 2012-07-30 09:17 - 00000000 ____D C:UsersOwnerAppDataLocalMPlayer

2012-11-16 03:39 - 2012-07-19 01:29 - 00076920 ____A C:UsersOwnerAppDataLocalGDIPFONTCACHEV1.DAT

2012-11-16 03:37 - 2012-11-16 03:37 - 00000000 ____A C:Windowssetuperr.log

2012-11-16 03:37 - 2009-07-13 20:45 - 00305776 ____A C:WindowsSystem32FNTCACHE.DAT

2012-11-15 18:38 - 2009-07-13 19:20 - 00000000 ____D C:WindowsPolicyDefinitions

2012-11-15 18:15 - 2012-11-15 18:15 - 00001845 ____A C:UsersPublicDesktopQuickTime Player.lnk

2012-11-15 18:15 - 2012-11-15 18:15 - 00000000 ____D C:Program Files (x86)QuickTime

2012-11-15 18:15 - 2012-08-07 15:26 - 00000000 ____D C:UsersAll UsersApple Computer

2012-11-15 06:14 - 2012-11-15 06:14 - 44687360 ____A C:WindowsSystem32configCOMPONENTS.iobit

2012-11-15 04:25 - 2012-07-25 04:45 - 66395536 ____A (Microsoft Corporation) C:WindowsSystem32MRT.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 05773824 ____A (Microsoft Corporation) C:WindowsSystem32mstscax.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 04916224 ____A (Microsoft Corporation) C:WindowsSysWOW64mstscax.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 03174912 ____A (Microsoft Corporation) C:WindowsSystem32rdpcorets.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 01123840 ____A (Microsoft Corporation) C:WindowsSystem32mstsc.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 01048064 ____A (Microsoft Corporation) C:WindowsSysWOW64mstsc.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00384000 ____A (Microsoft Corporation) C:WindowsSystem32wksprt.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00322560 ____A (Microsoft Corporation) C:WindowsSystem32aaclient.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00269312 ____A (Microsoft Corporation) C:WindowsSysWOW64aaclient.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00243200 ____A (Microsoft Corporation) C:WindowsSystem32rdpudd.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00228864 ____A (Microsoft Corporation) C:WindowsSystem32rdpendp_winip.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00192000 ____A (Microsoft Corporation) C:WindowsSysWOW64rdpendp_winip.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00062976 ____A (Microsoft Corporation) C:WindowsSystem32TSWbPrxy.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00057856 ____A (Microsoft Corporation) C:WindowsSystem32DriversTsUsbFlt.sys

2012-11-14 17:51 - 2012-11-14 17:51 - 00054272 ____A (Microsoft Corporation) C:WindowsSystem32MsRdpWebAccess.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00046592 ____A (Microsoft Corporation) C:WindowsSysWOW64MsRdpWebAccess.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00044032 ____A (Microsoft Corporation) C:WindowsSystem32tsgqec.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00043520 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbGDCoInstaller.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00037376 ____A (Microsoft Corporation) C:WindowsSysWOW64tsgqec.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00019456 ____A (Microsoft Corporation) C:WindowsSystem32Driversrdpvideominiport.sys

2012-11-14 17:51 - 2012-11-14 17:51 - 00018432 ____A (Microsoft Corporation) C:WindowsSystem32wksprtPS.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00016896 ____A (Microsoft Corporation) C:WindowsSysWOW64wksprtPS.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00015360 ____A (Microsoft Corporation) C:WindowsSystem32RdpGroupPolicyExtension.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00013312 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbRedirectionGroupPolicyExtension.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00013312 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbRedirectionGroupPolicyControl.exe

2012-11-14 17:50 - 2012-11-14 17:50 - 01448448 ____A (Microsoft Corporation) C:WindowsSystem32lsasrv.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00458712 ____A (Microsoft Corporation) C:WindowsSystem32Driverscng.sys

2012-11-14 17:50 - 2012-11-14 17:50 - 00340992 ____A (Microsoft Corporation) C:WindowsSystem32schannel.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00307200 ____A (Microsoft Corporation) C:WindowsSystem32ncrypt.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00247808 ____A (Microsoft Corporation) C:WindowsSysWOW64schannel.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00220160 ____A (Microsoft Corporation) C:WindowsSysWOW64ncrypt.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00154480 ____A (Microsoft Corporation) C:WindowsSystem32Driversksecpkg.sys

2012-11-14 17:50 - 2012-11-14 17:50 - 00096768 ____A (Microsoft Corporation) C:WindowsSysWOW64sspicli.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00022016 ____A (Microsoft Corporation) C:WindowsSysWOW64secur32.dll

2012-11-14 17:49 - 2012-11-14 17:49 - 00514560 ____A (Microsoft Corporation) C:WindowsSysWOW64qdvd.dll

2012-11-14 17:49 - 2012-11-14 17:49 - 00366592 ____A (Microsoft Corporation) C:WindowsSystem32qdvd.dll

2012-11-14 17:45 - 2012-11-14 17:45 - 65363968 ____A C:WindowsSystem32configSOFTWARE.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 19095552 ____A C:WindowsSystem32configSYSTEM.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00311296 ____A C:WindowsSystem32configDEFAULT.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00061440 ____A C:WindowsSystem32configSAM.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00028672 ____A C:WindowsSystem32configSECURITY.iobit

2012-11-14 12:32 - 2012-11-14 12:32 - 00030568 ____A (AVG Technologies) C:WindowsSystem32Driversavgtpx64.sys

2012-11-14 12:30 - 2012-11-14 12:30 - 00000000 ____D C:UsersOwnerAppDataLocalSlimWare Utilities Inc

2012-11-14 12:29 - 2012-11-14 12:29 - 00002467 ____A C:UsersPublicDesktopSlimDrivers.lnk

2012-11-14 12:29 - 2012-11-14 12:29 - 00000000 ____D C:UsersPublicDocumentsDownloaded Installers

2012-11-14 11:45 - 2012-08-02 19:08 - 00000541 ____A C:UsersOwnerDesktopphone.txt

2012-11-14 08:27 - 2012-11-14 08:21 - 00000359 ____A C:UsersOwnerDesktopwisconbeer.txt

2012-11-12 13:06 - 2012-11-12 13:06 - 00000000 ____D C:Program Files (x86)MindDabble_4p

2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:UsersOwnerAppDataLocalAPlusGamer_63

2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:Program Files (x86)APlusGamer_63

2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersUpdatusUserDesktopBrain Train Age.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersOwnerDesktopBrain Train Age.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersUpdatusUserDesktopUpdate.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersOwnerDesktopUpdate.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000000 ____D C:Program Files (x86)BrainTrainAge

2012-11-12 10:34 - 2012-11-12 10:33 - 74027949 ____A (The Code::Blocks Team) C:UsersOwnerDesktopcodeblocks-10.05mingw-setup.exe

 

==================== Known DLLs (Whitelisted) =================

 

 

==================== Bamital & volsnap Check =================

 

C:WindowsSystem32winlogon.exe => MD5 is legit

C:WindowsSystem32wininit.exe => MD5 is legit

C:WindowsSysWOW64wininit.exe => MD5 is legit

C:Windowsexplorer.exe => MD5 is legit

C:WindowsSysWOW64explorer.exe => MD5 is legit

C:WindowsSystem32svchost.exe => MD5 is legit

C:WindowsSysWOW64svchost.exe => MD5 is legit

C:WindowsSystem32services.exe => MD5 is legit

C:WindowsSystem32User32.dll => MD5 is legit

C:WindowsSysWOW64User32.dll => MD5 is legit

C:WindowsSystem32userinit.exe => MD5 is legit

C:WindowsSysWOW64userinit.exe => MD5 is legit

C:WindowsSystem32Driversvolsnap.sys => MD5 is legit

 

==================== EXE ASSOCIATION =====================

 

HKLM....exe: exefile => OK

HKLM...exefileDefaultIcon: %1 => OK

HKLM...exefileopencommand: "%1" %* => OK

 

==================== Restore Points =========================

 

Restore point made on: 2012-11-30 06:57:43

Restore point made on: 2012-12-02 17:44:40

Restore point made on: 2012-12-10 06:33:52

 

==================== Memory info ===========================

 

Percentage of memory in use: 11%

Total physical RAM: 6056.37 MB

Available physical RAM: 5340.92 MB

Total Pagefile: 6054.52 MB

Available Pagefile: 5334.86 MB

Total Virtual: 8192 MB

Available Virtual: 8191.91 MB

 

==================== Partitions =============================

 

1 Drive c: () (Fixed) (Total:586.07 GB) (Free:70.1 GB) NTFS

3 Drive f: (USB20FD) (Removable) (Total:7.59 GB) (Free:7.51 GB) FAT32

4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

5 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]

 

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 596 GB 0 B

Disk 1 Online 7788 MB 0 B

 

Partitions of Disk 0:

===============

 

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 100 MB 1024 KB

Partition 2 Primary 586 GB 101 MB

Partition 3 OEM 9 GB 586 GB

 

==================================================================================

 

Disk: 0

Partition 1

Type : 07

Hidden: No

Active: Yes

 

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 Y SYSTEM NTFS Partition 100 MB Healthy

 

=========================================================

 

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: No

 

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C NTFS Partition 586 GB Healthy

 

=========================================================

 

Disk: 0

Partition 3

Type : 12

Hidden: Yes

Active: No

 

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 RECOVERY NTFS Partition 9 GB Healthy Hidden

 

=========================================================

 

Partitions of Disk 1:

===============

 

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 7782 MB 5820 KB

 

==================================================================================

 

Disk: 1

Partition 1

Type : 0C

Hidden: No

Active: Yes

 

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 F USB20FD FAT32 Removable 7782 MB Healthy

 

=========================================================

 

Last Boot: 2012-12-05 03:49

 

==================== End Of Log =============================

 

I still have problems with internet


Hello goofy1139

 

There are still some traces of Zonealarm showing in your latest log.

 

Let's try this:

 

  • Please un-install your ZoneAlarm product

  • Click on "Start" then on "Control Panel" and then on the "Programs and Features" tab.
  • Find your Zonealarm program, click on it once and then click on the "uninstall" button.
  • If you are prompted to re-boot your computer to complete the uninstall please do so.
Once you have done that (or if Zonealarm is not listed in your program list) please download and run the Zonealarm removal tool located here: http://download.zone...nload/clean.exe

 

After completing the steps above please post a new FRST log and let me know if you are still having problems :)

 


Hello JonTom

 

After uninstalling ZoneAlarm I was able to get online! Thank You so much! Here is the new FRST log.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2012

Ran by SYSTEM at 12-12-2012 13:37:45

Running from F:

Windows 7 Home Premium (X64) OS Language: English(US)

The current controlset is ControlSet001

 

==================== Registry (Whitelisted) ===================

 

HKLM...Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe -s [11660904 2010-11-30] (Realtek Semiconductor)

HKLM...Run: [intelWireless] "C:Program FilesCommon FilesIntelWirelessCommoniFrmewrk.exe" /tf Intel Wireless Tray [1933584 2011-01-04] (Intel® Corporation)

HKLM...Run: [ETDCtrl] %ProgramFiles%ElantechETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.)

HKLM...Run: [intelWirelessWiMAX] "C:Program FilesIntelWiMAXBinWiMAXCU.exe" /tasktray /nosplash [1622016 2011-06-02] (Intel® Corporation)

HKLM-x32...Run: [CLMLServer] "C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe" [103720 2009-11-01] (CyberLink)

HKLM-x32...Run: [samsung PanelMgr] C:WindowsSamsungPanelMgrSSMMgr.exe /autorun [618496 2010-06-07] ()

HKLM-x32...Run: [uVS10 Preload] C:Program Files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe [36864 2006-03-06] (Ulead Systems, Inc.)

HKLM-x32...Run: [updatePPShortCut] "C:Program Files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" "C:Program Files (x86)CyberLinkPowerProducer" UpdateWithCreateOnce "SoftwareCyberLinkPowerProducer5.0" [222504 2009-05-19] (CyberLink Corp.)

HKLM-x32...Run: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)

HKLM-x32...Run: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)

HKLM-x32...Run: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [59280 2012-10-11] (Apple Inc.)

HKLM-x32...Run: [PowerDVD12DMREngine] "C:Program Files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [505872 2012-09-18] (CyberLink)

HKLM-x32...Run: [PowerDVD12Agent] "C:Program Files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [374560 2012-09-18] (CyberLink Corp.)

HKLM-x32...Run: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)

HKUOwner...Run: [iDMan] C:New folder (2)Internet Download Manager v6.11. 8.1 (IDM) +Crack + Key [h33t][iahq76]IDMan.exe /onboot [3220912 2010-05-26] (Tonec Inc.)

HKUOwner...Run: [Xvid] C:Program Files (x86)XvidCheckUpdate.exe [8192 2011-01-17] ()

HKUOwner...Run: [AnyDVD] C:Program Files (x86)SlySoftAnyDVDAnyDVDtray.exe [6663840 2012-11-23] (SlySoft, Inc.)

TcpipParameters: [DhcpNameServer] 24.196.64.53 68.113.206.10 24.178.162.3

AppInit_DLLs: C:WindowsSystem32nvinitx.dll

Startup: C:UsersOwnerStart MenuProgramsStartupMagicDisc.lnk

ShortcutTarget: MagicDisc.lnk -> C:Program Files (x86)MagicDiscMagicDisc.exe (MagicISO, Inc.)

 

==================== Services (Whitelisted) ===================

 

2 CLHNServiceForPowerDVD12; C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [90640 2012-09-18] (CyberLink Corp.)

2 CyberLink PowerDVD 12 Media Server Monitor Service; "C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe" [78352 2012-09-18] (CyberLink)

2 CyberLink PowerDVD 12 Media Server Service; "C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe" [295440 2012-09-18] (CyberLink)

2 MBAMScheduler; "C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe" [399432 2012-09-29] (Malwarebytes Corporation)

2 MBAMService; "C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe" [676936 2012-09-29] (Malwarebytes Corporation)

3 MyWiFiDHCPDNS; C:Program FilesIntelWiFibinPanDhcpDns.exe [340240 2011-01-04] ()

2 nlsX86cc; "C:WindowsSysWOW64nlssrv32.exe" [66560 2010-11-22] (Nalpeiron Ltd.)

2 RichVideo; "C:Program Files (x86)CyberLinkShared filesRichVideo.exe" [244904 2009-11-30] ()

 

==================== Drivers (Whitelisted) =====================

 

3 AnyDVD; C:WindowsSystem32DriversAnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)

3 AnyDVD; C:WindowsSysWow64DriversAnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)

3 AVerPola; C:WindowsSystem32DriversAVerPola.sys [534144 2011-01-03] (AVerMedia TECHNOLOGIES, Inc.)

1 avgtp; ??C:Windowssystem32driversavgtpx64.sys [30568 2012-11-14] (AVG Technologies)

3 MBAMProtector; ??C:Windowssystem32driversmbam.sys [25928 2012-09-29] (Malwarebytes Corporation)

2 ntk_PowerDVD12; ??C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)

0 SmartDefragDriver; C:WindowsSystem32DriversSmartDefragDriver.sys [17720 2010-11-26] ()

3 StkCMini; C:WindowsSystem32DriversStkCMini.sys [1816968 2010-04-16] (Syntek)

3 SWDUMon; C:WindowsSystem32DriversSWDUMon.sys [15712 2012-12-12] ()

2 {73526619-C24F-470B-9BED-53D455FBB5C6}; ??C:Program Files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [147704 2012-09-19] (CyberLink Corp.)

3 catchme; ??C:ComboFixcatchme.sys [x]

 

==================== NetSvcs (Whitelisted) ====================

 

 

==================== One Month Created Files and Folders ========

 

2012-12-12 11:34 - 2012-12-12 11:34 - 00000024 ____A C:WindowsAE0F15C41BFB83F3.log

2012-12-12 11:20 - 2012-12-12 11:20 - 00001994 ____A C:UsersOwnerDesktopFSS.txt

2012-12-12 11:12 - 2012-12-12 11:12 - 00046663 ____A C:UsersOwnerDesktopFRST.txt

2012-12-12 09:44 - 2012-12-12 09:44 - 00000000 ____D C:Program Files (x86)CheckPoint

2012-12-11 18:21 - 2012-12-11 18:21 - 00006130 ____A C:WirelessDiagLog.csv

2012-12-11 07:47 - 2012-12-11 06:17 - 01461029 ____A (Farbar) C:UsersOwnerDesktopFRST64.exe

2012-12-10 18:40 - 2012-12-10 18:41 - 00030347 ____A C:UsersOwnerDesktopResult.txt

2012-12-10 18:38 - 2012-12-08 12:46 - 00752213 ____A (Farbar) C:UsersOwnerDesktopMiniToolBox.exe

2012-12-10 18:31 - 2012-12-10 18:31 - 00031862 ____A C:UsersOwnerDesktop12-10-12test.txt

2012-12-10 16:42 - 2012-12-10 16:42 - 00031862 ____A C:ComboFix.txt

2012-12-10 16:12 - 2012-12-10 16:12 - 00001302 ____A C:CF-Submit.htm

2012-12-10 16:11 - 2012-12-10 18:26 - 00000000 ____D C:ComboFix

2012-12-10 07:12 - 2012-12-10 07:12 - 00000000 ____D C:FRACTURE EXTRAS

2012-12-09 06:52 - 2012-12-09 06:52 - 00000000 ____D C:UsersOwnerDesktopNew Folder

2012-12-09 06:25 - 2012-12-09 06:26 - 00000000 ____D C:UsersOwnerDesktopcf

2012-12-07 15:51 - 2012-12-07 15:51 - 00089974 ____A C:UsersOwnerDesktopIce Age_ Continental Drift.pds

2012-12-07 14:15 - 2012-12-07 14:15 - 00089950 ____A C:UsersOwnerDocumentsicemp4.pds

2012-12-07 13:56 - 2012-12-07 14:13 - 465468200 ____A C:UsersOwnerDocumentsProduce.mp4

2012-12-07 13:56 - 2012-12-07 13:56 - 00003539 ____A C:UsersOwnerDocumentsProduce.THM

2012-12-06 10:30 - 2012-12-06 10:30 - 00000000 ____D C:UsersOwnerDesktopSTEPPENWOLF

2012-12-05 15:46 - 2012-12-05 15:42 - 01995672 ____A (Driver Whiz) C:UsersOwnerDesktopDriverwhiz_2.exe

2012-12-05 09:06 - 2012-12-05 09:06 - 00001147 ____A C:UsersPublicDesktopMozilla Firefox.lnk

2012-12-05 09:00 - 2012-12-12 11:05 - 00697869 ____A (Farbar) C:UsersOwnerDesktopFSS.exe

2012-12-04 09:49 - 2012-12-04 09:49 - 00000324 ____A C:UsersOwnerDesktopmessup.txt

2012-12-04 05:48 - 2012-12-04 05:48 - 00001724 ____A C:AdwCleaner[s6].txt

2012-12-03 09:38 - 2012-12-03 09:38 - 00032483 ____A C:UsersOwnerDesktopx.txt

2012-12-03 08:27 - 2011-06-25 22:45 - 00256000 ____A C:WindowsPEV.exe

2012-12-03 08:27 - 2010-11-07 09:20 - 00208896 ____A C:WindowsMBR.exe

2012-12-03 08:27 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:WindowsNIRCMD.exe

2012-12-03 08:27 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:WindowsSWREG.exe

2012-12-03 08:27 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:WindowsSWSC.exe

2012-12-03 08:27 - 2000-08-30 16:00 - 00098816 ____A C:Windowssed.exe

2012-12-03 08:27 - 2000-08-30 16:00 - 00080412 ____A C:Windowsgrep.exe

2012-12-03 08:27 - 2000-08-30 16:00 - 00068096 ____A C:Windowszip.exe

2012-12-03 08:24 - 2012-12-10 18:26 - 00000000 ____D C:Qoobox

2012-12-03 08:23 - 2012-12-03 09:06 - 00000000 ____D C:Windowserdnt

2012-12-03 05:40 - 2012-12-03 05:41 - 05009299 ____R (Swearware) C:UsersOwnerDesktopComboFix.exe

2012-12-02 18:48 - 2012-12-02 14:45 - 00856731 ____A C:UsersOwnerDesktopSecurityCheck.exe

2012-12-02 18:40 - 2012-12-02 18:40 - 00000490 ____A C:UsersOwnerDesktopcomp websites.txt

2012-12-01 11:47 - 2012-12-01 11:47 - 00011384 ____A C:UsersOwnerDesktopJRT.txt

2012-11-30 07:39 - 2012-11-30 13:47 - 00001109 ____A C:UsersPublicDesktopMalwarebytes Anti-Malware.lnk

2012-11-30 07:39 - 2012-11-30 13:47 - 00000000 ____D C:Program Files (x86)Malwarebytes' Anti-Malware

2012-11-30 07:39 - 2012-09-29 17:54 - 00025928 ____A (Malwarebytes Corporation) C:WindowsSystem32Driversmbam.sys

2012-11-30 06:16 - 2012-11-30 06:16 - 00000000 ____D C:WindowsERUNT

2012-11-30 06:15 - 2012-12-05 17:06 - 00000000 ____D C:JRT

2012-11-30 06:15 - 2012-12-01 11:43 - 00000347 ____A C:UsersOwnerDownloadsaskregvalue_x64.dat

2012-11-30 05:50 - 2012-11-30 05:53 - 00000000 ____D C:UsersOwnerDesktopmark new comp stuff

2012-11-30 05:50 - 2012-11-30 04:16 - 10669952 ____A (Malwarebytes Corporation ) C:UsersOwnerDesktopmbam-setup-1.65.1.1000.exe

2012-11-30 05:50 - 2012-11-30 04:15 - 00688992 ____R (Swearware) C:UsersOwnerDesktopdds.com

2012-11-30 05:50 - 2012-11-30 04:12 - 00912454 ____A C:UsersOwnerDesktopJRT.exe

2012-11-30 05:50 - 2012-11-30 04:10 - 00448512 ___RA (OldTimer Tools) C:UsersOwnerDesktopTFC.exe

2012-11-27 09:18 - 2012-12-12 11:11 - 00000000 ____D C:FRST

2012-11-25 12:29 - 2012-11-25 07:22 - 04732416 ____A (AVAST Software) C:UsersOwnerDesktopaswMBR.exe

2012-11-25 11:14 - 2012-11-28 08:04 - 00000000 ____D C:UsersOwnerDesktopfor marks computer

2012-11-25 11:14 - 2012-11-25 08:06 - 00011464 ____A C:UsersOwnerDesktophelp1.txt

2012-11-25 11:14 - 2012-11-25 07:36 - 00027239 ____A C:UsersOwnerDesktopcomp help

2012-11-25 11:14 - 2012-11-25 07:18 - 00602112 ____A C:UsersOwnerDesktopOTL.exe

2012-11-25 11:08 - 2012-11-25 11:08 - 00000732 ____A C:UsersOwnerDesktopfor marks computer - Shortcut.lnk

2012-11-24 14:56 - 2012-11-24 14:56 - 00001236 ____A C:AdwCleaner[s5].txt

2012-11-24 14:52 - 2012-11-24 18:05 - 00001181 ____A C:UsersOwnerDesktopDesinstaller_HOSTS_Anti-PUPs.lnk

2012-11-24 14:40 - 2012-11-24 14:40 - 00001157 ____A C:AdwCleaner[s4].txt

2012-11-24 07:07 - 2012-11-24 07:08 - 00001096 ____A C:AdwCleaner[s3].txt

2012-11-24 06:58 - 2011-05-30 05:42 - 00255488 ____A C:WindowsSystem32xvidvfw.dll

2012-11-24 06:58 - 2011-05-30 05:42 - 00240640 ____A C:WindowsSysWOW64xvidvfw.dll

2012-11-24 06:58 - 2011-05-23 01:52 - 00153088 ____A C:WindowsSysWOW64xvid.ax

2012-11-24 06:58 - 2011-05-22 23:49 - 00173568 ____A C:WindowsSystem32xvid.ax

2012-11-24 06:58 - 2011-05-22 23:46 - 00645632 ____A C:WindowsSysWOW64xvidcore.dll

2012-11-24 06:58 - 2011-05-22 23:45 - 00696832 ____A C:WindowsSystem32xvidcore.dll

2012-11-24 06:57 - 2012-11-24 06:57 - 00000000 ____D C:UsersOwner.bitrock

2012-11-24 06:54 - 2012-11-24 06:54 - 00001550 ____A C:AdwCleaner[s2].txt

2012-11-23 17:49 - 2012-11-24 06:58 - 00000000 ____D C:Program Files (x86)Xvid

2012-11-23 14:53 - 2012-11-23 14:53 - 00051166 ____A C:UsersOwnerDocumentsAdwCleaner[s1]1.txt

2012-11-23 14:31 - 2012-11-23 14:32 - 00051166 ____A C:AdwCleaner[s1].txt

2012-11-23 14:27 - 2012-11-23 14:27 - 00543531 ____A C:UsersOwnerDesktopAdwCleaner.exe

2012-11-23 06:52 - 2012-11-23 06:52 - 00009544 ____A C:UsersOwnerDesktopbridesmaids unrated.pds

2012-11-21 11:11 - 2012-12-01 12:03 - 00025658 ____A C:UsersOwnerDesktopdds.txt

2012-11-21 11:11 - 2012-12-01 12:03 - 00010123 ____A C:UsersOwnerDesktopattach.txt

2012-11-21 10:48 - 2010-11-26 15:02 - 00017720 ____A C:WindowsSystem32DriversSmartDefragDriver.sys

2012-11-21 07:29 - 2012-11-21 07:29 - 02213976 ____A (Kaspersky Lab ZAO) C:UsersOwnerDesktoptdsskiller.exe

2012-11-21 07:26 - 2012-11-21 07:26 - 00688992 ____R (Swearware) C:UsersOwnerDesktopdds.EXE

2012-11-21 06:18 - 2012-11-21 06:18 - 00169816 ____A (Microsoft Corporation) C:UsersOwnerDownloadsMeadCo_Neptune.exe

2012-11-21 06:17 - 2012-11-21 06:19 - 00000000 ____D C:Program Files (x86)MeadCo Neptune

2012-11-20 14:15 - 2012-11-20 14:15 - 00000000 ____D C:UsersOwnerAppDataRoamingCheckPoint

2012-11-20 13:46 - 2012-12-12 09:44 - 00000000 ____D C:UsersAll UsersCheckPoint

2012-11-20 13:00 - 2012-12-12 09:44 - 00054332 ____A C:WindowsPFRO.log

2012-11-20 10:23 - 2012-11-20 10:23 - 00000000 ____D C:UsersOwnerAppDataRoamingMalwarebytes

2012-11-20 10:22 - 2012-11-20 10:22 - 00000000 ____D C:UsersAll UsersMalwarebytes

2012-11-20 08:27 - 2012-11-20 08:27 - 00000000 ____D C:UsersAll UsersPCPitstop

2012-11-20 08:25 - 2012-11-21 07:57 - 00000000 ____D C:Program Files (x86)PCPitstop

2012-11-20 03:53 - 2012-11-20 03:53 - 00000000 ____D C:UsersOwnerAppDataRoamingConverterLite

2012-11-20 03:36 - 2012-11-20 03:36 - 00000000 ____D C:UsersOwnerDocumentsMy Video

2012-11-19 19:27 - 2012-11-19 19:27 - 00010486 ____A C:UsersOwnerDesktopkill bill.pds

2012-11-19 17:03 - 2012-11-19 17:03 - 00000000 ____D C:UsersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012)

2012-11-19 12:16 - 2012-11-19 12:16 - 00181636 ____A C:UsersOwnerDesktopdisk music.pds

2012-11-19 11:25 - 2012-11-19 11:25 - 00001019 ____A C:UsersUpdatusUserDesktopARWizard3.lnk

2012-11-17 18:29 - 2012-11-17 18:29 - 00157793 ____A C:UsersOwnerDesktopbeer.pds

2012-11-17 13:25 - 2012-11-17 13:25 - 00001374 ____A C:UsersOwnerAppDataLocalrecently-used.xbel

2012-11-17 13:22 - 2012-11-17 13:22 - 00000000 ____D C:UsersOwner.thumbnails

2012-11-17 13:20 - 2012-11-17 13:38 - 00000000 ____D C:UsersOwner.gimp-2.8

2012-11-17 13:20 - 2012-11-17 13:20 - 00000000 ____D C:UsersOwnerAppDataLocalgegl-0.2

2012-11-17 13:18 - 2012-11-17 13:19 - 00000000 ____D C:Program FilesGIMP 2

2012-11-17 12:01 - 2012-11-17 12:01 - 01555254 ____A C:UsersOwnerDocumentsSnapshot.bmp

2012-11-17 11:20 - 2012-11-17 11:41 - 3152334848 ____A C:UsersOwnerDesktopBottoms Up.mpg

2012-11-17 10:47 - 2012-11-17 10:47 - 00054406 ____A C:UsersOwnerDesktopbottom.pds

2012-11-17 09:59 - 2012-10-03 09:56 - 01914248 ____A (Microsoft Corporation) C:WindowsSystem32Driverstcpip.sys

2012-11-17 09:59 - 2012-10-03 09:44 - 00303104 ____A (Microsoft Corporation) C:WindowsSystem32nlasvc.dll

2012-11-17 09:59 - 2012-10-03 09:44 - 00246272 ____A (Microsoft Corporation) C:WindowsSystem32netcorehc.dll

2012-11-17 09:59 - 2012-10-03 09:44 - 00216576 ____A (Microsoft Corporation) C:WindowsSystem32ncsi.dll

2012-11-17 09:59 - 2012-10-03 09:44 - 00070656 ____A (Microsoft Corporation) C:WindowsSystem32nlaapi.dll

2012-11-17 09:59 - 2012-10-03 09:44 - 00018944 ____A (Microsoft Corporation) C:WindowsSystem32netevent.dll

2012-11-17 09:59 - 2012-10-03 09:42 - 00569344 ____A (Microsoft Corporation) C:WindowsSystem32iphlpsvc.dll

2012-11-17 09:59 - 2012-10-03 08:42 - 00175104 ____A (Microsoft Corporation) C:WindowsSysWOW64netcorehc.dll

2012-11-17 09:59 - 2012-10-03 08:42 - 00156672 ____A (Microsoft Corporation) C:WindowsSysWOW64ncsi.dll

2012-11-17 09:59 - 2012-10-03 08:42 - 00018944 ____A (Microsoft Corporation) C:WindowsSysWOW64netevent.dll

2012-11-17 09:59 - 2012-10-03 08:07 - 00045568 ____A (Microsoft Corporation) C:WindowsSystem32Driverstcpipreg.sys

2012-11-17 09:59 - 2012-01-12 23:12 - 00052224 ____A (Microsoft Corporation) C:WindowsSysWOW64nlaapi.dll

2012-11-16 15:54 - 2012-11-16 16:52 - 1609062400 ____A C:UsersOwnerDocumentsbottoms up.mpg

2012-11-16 03:37 - 2012-12-12 11:32 - 00005890 ____A C:Windowssetupact.log

2012-11-16 03:37 - 2012-11-16 03:37 - 00000000 ____A C:Windowssetuperr.log

2012-11-15 18:35 - 2012-07-25 20:55 - 00785512 ____A (Microsoft Corporation) C:WindowsSystem32DriversWdf01000.sys

2012-11-15 18:35 - 2012-07-25 20:55 - 00054376 ____A (Microsoft Corporation) C:WindowsSystem32DriversWdfLdr.sys

2012-11-15 18:35 - 2012-07-25 18:36 - 00009728 ____A (Microsoft Corporation) C:WindowsSystem32Wdfres.dll

2012-11-15 18:35 - 2012-06-02 06:35 - 00000003 ____A C:WindowsSystem32DriversMsftWdf_Kernel_01011_Inbox_Critical.Wdf

2012-11-15 18:30 - 2012-10-08 04:19 - 17811968 ____A (Microsoft Corporation) C:WindowsSystem32mshtml.dll

2012-11-15 18:30 - 2012-10-08 03:42 - 10925568 ____A (Microsoft Corporation) C:WindowsSystem32ieframe.dll

2012-11-15 18:30 - 2012-10-08 03:31 - 02312704 ____A (Microsoft Corporation) C:WindowsSystem32jscript9.dll

2012-11-15 18:30 - 2012-10-08 03:24 - 01346048 ____A (Microsoft Corporation) C:WindowsSystem32urlmon.dll

2012-11-15 18:30 - 2012-10-08 03:23 - 01392128 ____A (Microsoft Corporation) C:WindowsSystem32wininet.dll

2012-11-15 18:30 - 2012-10-08 03:22 - 01494528 ____A (Microsoft Corporation) C:WindowsSystem32inetcpl.cpl

2012-11-15 18:30 - 2012-10-08 03:22 - 00237056 ____A (Microsoft Corporation) C:WindowsSystem32url.dll

2012-11-15 18:30 - 2012-10-08 03:20 - 00085504 ____A (Microsoft Corporation) C:WindowsSystem32jsproxy.dll

2012-11-15 18:30 - 2012-10-08 03:18 - 00173056 ____A (Microsoft Corporation) C:WindowsSystem32ieUnatt.exe

2012-11-15 18:30 - 2012-10-08 03:17 - 00816640 ____A (Microsoft Corporation) C:WindowsSystem32jscript.dll

2012-11-15 18:30 - 2012-10-08 03:17 - 00599040 ____A (Microsoft Corporation) C:WindowsSystem32vbscript.dll

2012-11-15 18:30 - 2012-10-08 03:15 - 02144768 ____A (Microsoft Corporation) C:WindowsSystem32iertutil.dll

2012-11-15 18:30 - 2012-10-08 03:15 - 00729088 ____A (Microsoft Corporation) C:WindowsSystem32msfeeds.dll

2012-11-15 18:30 - 2012-10-08 03:13 - 02382848 ____A (Microsoft Corporation) C:WindowsSystem32mshtml.tlb

2012-11-15 18:30 - 2012-10-08 03:13 - 00096768 ____A (Microsoft Corporation) C:WindowsSystem32mshtmled.dll

2012-11-15 18:30 - 2012-10-08 03:09 - 00248320 ____A (Microsoft Corporation) C:WindowsSystem32ieui.dll

2012-11-15 18:30 - 2012-10-08 00:28 - 12320768 ____A (Microsoft Corporation) C:WindowsSysWOW64mshtml.dll

2012-11-15 18:30 - 2012-10-08 00:02 - 09738240 ____A (Microsoft Corporation) C:WindowsSysWOW64ieframe.dll

2012-11-15 18:30 - 2012-10-07 23:56 - 01800704 ____A (Microsoft Corporation) C:WindowsSysWOW64jscript9.dll

2012-11-15 18:30 - 2012-10-07 23:48 - 01129472 ____A (Microsoft Corporation) C:WindowsSysWOW64wininet.dll

2012-11-15 18:30 - 2012-10-07 23:48 - 01103872 ____A (Microsoft Corporation) C:WindowsSysWOW64urlmon.dll

2012-11-15 18:30 - 2012-10-07 23:47 - 01427968 ____A (Microsoft Corporation) C:WindowsSysWOW64inetcpl.cpl

2012-11-15 18:30 - 2012-10-07 23:46 - 00231936 ____A (Microsoft Corporation) C:WindowsSysWOW64url.dll

2012-11-15 18:30 - 2012-10-07 23:45 - 00065024 ____A (Microsoft Corporation) C:WindowsSysWOW64jsproxy.dll

2012-11-15 18:30 - 2012-10-07 23:44 - 00142848 ____A (Microsoft Corporation) C:WindowsSysWOW64ieUnatt.exe

2012-11-15 18:30 - 2012-10-07 23:43 - 00717824 ____A (Microsoft Corporation) C:WindowsSysWOW64jscript.dll

2012-11-15 18:30 - 2012-10-07 23:43 - 00420864 ____A (Microsoft Corporation) C:WindowsSysWOW64vbscript.dll

2012-11-15 18:30 - 2012-10-07 23:42 - 00607744 ____A (Microsoft Corporation) C:WindowsSysWOW64msfeeds.dll

2012-11-15 18:30 - 2012-10-07 23:41 - 01793024 ____A (Microsoft Corporation) C:WindowsSysWOW64iertutil.dll

2012-11-15 18:30 - 2012-10-07 23:41 - 00073216 ____A (Microsoft Corporation) C:WindowsSysWOW64mshtmled.dll

2012-11-15 18:30 - 2012-10-07 23:40 - 02382848 ____A (Microsoft Corporation) C:WindowsSysWOW64mshtml.tlb

2012-11-15 18:30 - 2012-10-07 23:37 - 00176640 ____A (Microsoft Corporation) C:WindowsSysWOW64ieui.dll

2012-11-15 18:29 - 2012-07-25 19:08 - 00744448 ____A (Microsoft Corporation) C:WindowsSystem32WUDFx.dll

2012-11-15 18:29 - 2012-07-25 19:08 - 00229888 ____A (Microsoft Corporation) C:WindowsSystem32WUDFHost.exe

2012-11-15 18:29 - 2012-07-25 19:08 - 00194048 ____A (Microsoft Corporation) C:WindowsSystem32WUDFPlatform.dll

2012-11-15 18:29 - 2012-07-25 19:08 - 00084992 ____A (Microsoft Corporation) C:WindowsSystem32WUDFSvc.dll

2012-11-15 18:29 - 2012-07-25 19:08 - 00045056 ____A (Microsoft Corporation) C:WindowsSystem32WUDFCoinstaller.dll

2012-11-15 18:29 - 2012-07-25 18:26 - 00198656 ____A (Microsoft Corporation) C:WindowsSystem32DriversWUDFRd.sys

2012-11-15 18:29 - 2012-07-25 18:26 - 00087040 ____A (Microsoft Corporation) C:WindowsSystem32DriversWUDFPf.sys

2012-11-15 18:29 - 2012-06-02 06:57 - 00000003 ____A C:WindowsSystem32DriversMsftWdf_User_01_11_00_Inbox_Critical.Wdf

2012-11-15 18:15 - 2012-11-15 18:15 - 00001845 ____A C:UsersPublicDesktopQuickTime Player.lnk

2012-11-15 18:15 - 2012-11-15 18:15 - 00000000 ____D C:Program Files (x86)QuickTime

2012-11-15 06:14 - 2012-11-15 06:14 - 44687360 ____A C:WindowsSystem32configCOMPONENTS.iobit

2012-11-15 04:36 - 2012-10-18 10:25 - 03149824 ____A (Microsoft Corporation) C:WindowsSystem32win32k.sys

2012-11-15 04:36 - 2012-10-09 10:17 - 00226816 ____A (Microsoft Corporation) C:WindowsSystem32dhcpcore6.dll

2012-11-15 04:36 - 2012-10-09 10:17 - 00055296 ____A (Microsoft Corporation) C:WindowsSystem32dhcpcsvc6.dll

2012-11-15 04:36 - 2012-10-09 09:40 - 00193536 ____A (Microsoft Corporation) C:WindowsSysWOW64dhcpcore6.dll

2012-11-15 04:36 - 2012-10-09 09:40 - 00044032 ____A (Microsoft Corporation) C:WindowsSysWOW64dhcpcsvc6.dll

2012-11-15 04:31 - 2012-09-25 14:47 - 00078336 ____A (Microsoft Corporation) C:WindowsSysWOW64synceng.dll

2012-11-15 04:31 - 2012-09-25 14:46 - 00095744 ____A (Microsoft Corporation) C:WindowsSystem32synceng.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 05773824 ____A (Microsoft Corporation) C:WindowsSystem32mstscax.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 04916224 ____A (Microsoft Corporation) C:WindowsSysWOW64mstscax.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 03174912 ____A (Microsoft Corporation) C:WindowsSystem32rdpcorets.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 01123840 ____A (Microsoft Corporation) C:WindowsSystem32mstsc.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 01048064 ____A (Microsoft Corporation) C:WindowsSysWOW64mstsc.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00384000 ____A (Microsoft Corporation) C:WindowsSystem32wksprt.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00322560 ____A (Microsoft Corporation) C:WindowsSystem32aaclient.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00269312 ____A (Microsoft Corporation) C:WindowsSysWOW64aaclient.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00243200 ____A (Microsoft Corporation) C:WindowsSystem32rdpudd.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00228864 ____A (Microsoft Corporation) C:WindowsSystem32rdpendp_winip.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00192000 ____A (Microsoft Corporation) C:WindowsSysWOW64rdpendp_winip.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00062976 ____A (Microsoft Corporation) C:WindowsSystem32TSWbPrxy.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00057856 ____A (Microsoft Corporation) C:WindowsSystem32DriversTsUsbFlt.sys

2012-11-14 17:51 - 2012-11-14 17:51 - 00054272 ____A (Microsoft Corporation) C:WindowsSystem32MsRdpWebAccess.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00046592 ____A (Microsoft Corporation) C:WindowsSysWOW64MsRdpWebAccess.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00044032 ____A (Microsoft Corporation) C:WindowsSystem32tsgqec.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00043520 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbGDCoInstaller.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00037376 ____A (Microsoft Corporation) C:WindowsSysWOW64tsgqec.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00019456 ____A (Microsoft Corporation) C:WindowsSystem32Driversrdpvideominiport.sys

2012-11-14 17:51 - 2012-11-14 17:51 - 00018432 ____A (Microsoft Corporation) C:WindowsSystem32wksprtPS.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00016896 ____A (Microsoft Corporation) C:WindowsSysWOW64wksprtPS.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00015360 ____A (Microsoft Corporation) C:WindowsSystem32RdpGroupPolicyExtension.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00013312 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbRedirectionGroupPolicyExtension.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00013312 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbRedirectionGroupPolicyControl.exe

2012-11-14 17:50 - 2012-11-14 17:50 - 01448448 ____A (Microsoft Corporation) C:WindowsSystem32lsasrv.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00458712 ____A (Microsoft Corporation) C:WindowsSystem32Driverscng.sys

2012-11-14 17:50 - 2012-11-14 17:50 - 00340992 ____A (Microsoft Corporation) C:WindowsSystem32schannel.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00307200 ____A (Microsoft Corporation) C:WindowsSystem32ncrypt.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00247808 ____A (Microsoft Corporation) C:WindowsSysWOW64schannel.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00220160 ____A (Microsoft Corporation) C:WindowsSysWOW64ncrypt.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00154480 ____A (Microsoft Corporation) C:WindowsSystem32Driversksecpkg.sys

2012-11-14 17:50 - 2012-11-14 17:50 - 00096768 ____A (Microsoft Corporation) C:WindowsSysWOW64sspicli.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00022016 ____A (Microsoft Corporation) C:WindowsSysWOW64secur32.dll

2012-11-14 17:49 - 2012-11-14 17:49 - 00514560 ____A (Microsoft Corporation) C:WindowsSysWOW64qdvd.dll

2012-11-14 17:49 - 2012-11-14 17:49 - 00366592 ____A (Microsoft Corporation) C:WindowsSystem32qdvd.dll

2012-11-14 17:45 - 2012-11-14 17:45 - 65363968 ____A C:WindowsSystem32configSOFTWARE.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 19095552 ____A C:WindowsSystem32configSYSTEM.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00311296 ____A C:WindowsSystem32configDEFAULT.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00061440 ____A C:WindowsSystem32configSAM.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00028672 ____A C:WindowsSystem32configSECURITY.iobit

2012-11-14 12:32 - 2012-11-14 12:32 - 00030568 ____A (AVG Technologies) C:WindowsSystem32Driversavgtpx64.sys

2012-11-14 12:30 - 2012-12-12 11:33 - 00015712 ____A C:WindowsSystem32DriversSWDUMon.sys

2012-11-14 12:30 - 2012-12-12 11:33 - 00000410 ____A C:WindowsTasksSlimDrivers Startup.job

2012-11-14 12:30 - 2012-11-14 12:30 - 00000000 ____D C:UsersOwnerAppDataLocalSlimWare Utilities Inc

2012-11-14 12:29 - 2012-11-14 12:29 - 00002467 ____A C:UsersPublicDesktopSlimDrivers.lnk

2012-11-14 12:29 - 2012-11-14 12:29 - 00000000 ____D C:UsersPublicDocumentsDownloaded Installers

2012-11-14 08:21 - 2012-11-14 08:27 - 00000359 ____A C:UsersOwnerDesktopwisconbeer.txt

2012-11-12 13:06 - 2012-11-30 09:06 - 00000000 ____D C:UsersOwnerAppDataLocalMindDabble_4p

2012-11-12 13:06 - 2012-11-12 13:06 - 00000000 ____D C:Program Files (x86)MindDabble_4p

2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:UsersOwnerAppDataLocalAPlusGamer_63

2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:Program Files (x86)APlusGamer_63

2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersUpdatusUserDesktopBrain Train Age.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersOwnerDesktopBrain Train Age.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersUpdatusUserDesktopUpdate.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersOwnerDesktopUpdate.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000000 ____D C:Program Files (x86)BrainTrainAge

2012-11-12 10:33 - 2012-11-12 10:34 - 74027949 ____A (The Code::Blocks Team) C:UsersOwnerDesktopcodeblocks-10.05mingw-setup.exe

 

==================== One Month Modified Files and Folders =======

 

2012-12-12 11:34 - 2012-12-12 11:34 - 00000024 ____A C:WindowsAE0F15C41BFB83F3.log

2012-12-12 11:33 - 2012-11-14 12:30 - 00015712 ____A C:WindowsSystem32DriversSWDUMon.sys

2012-12-12 11:33 - 2012-11-14 12:30 - 00000410 ____A C:WindowsTasksSlimDrivers Startup.job

2012-12-12 11:32 - 2012-11-16 03:37 - 00005890 ____A C:Windowssetupact.log

2012-12-12 11:32 - 2009-07-13 21:08 - 00000006 ___AH C:WindowsTasksSA.DAT

2012-12-12 11:20 - 2012-12-12 11:20 - 00001994 ____A C:UsersOwnerDesktopFSS.txt

2012-12-12 11:20 - 2011-02-20 21:12 - 01934849 ____A C:WindowsWindowsUpdate.log

2012-12-12 11:12 - 2012-12-12 11:12 - 00046663 ____A C:UsersOwnerDesktopFRST.txt

2012-12-12 11:11 - 2012-11-27 09:18 - 00000000 ____D C:FRST

2012-12-12 11:05 - 2012-12-05 09:00 - 00697869 ____A (Farbar) C:UsersOwnerDesktopFSS.exe

2012-12-12 10:56 - 2012-07-30 16:28 - 00000830 ____A C:WindowsTasksAdobe Flash Player Updater.job

2012-12-12 09:57 - 2012-07-30 16:28 - 00697272 ____A (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerApp.exe

2012-12-12 09:57 - 2012-07-30 16:28 - 00073656 ____A (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerCPLApp.cpl

2012-12-12 09:52 - 2009-07-13 20:45 - 00014144 ___AH C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2012-12-12 09:52 - 2009-07-13 20:45 - 00014144 ___AH C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2012-12-12 09:44 - 2012-12-12 09:44 - 00000000 ____D C:Program Files (x86)CheckPoint

2012-12-12 09:44 - 2012-11-20 13:46 - 00000000 ____D C:UsersAll UsersCheckPoint

2012-12-12 09:44 - 2012-11-20 13:00 - 00054332 ____A C:WindowsPFRO.log

2012-12-12 09:42 - 2012-07-30 09:16 - 00000000 ____D C:UsersOwner.umplayer

2012-12-12 09:42 - 2012-07-30 07:28 - 00000000 ____D C:UsersOwnerDownloadsVideo

2012-12-12 09:40 - 2012-07-30 09:17 - 00000000 ____D C:UsersOwnerAppDataLocalMPlayer

2012-12-12 08:22 - 2009-07-13 21:13 - 00726316 ____A C:WindowsSystem32PerfStringBackup.INI

2012-12-11 18:37 - 2012-07-19 01:29 - 00076528 ____A C:UsersOwnerAppDataLocalGDIPFONTCACHEV1.DAT

2012-12-11 18:36 - 2009-07-13 20:45 - 00305008 ____A C:WindowsSystem32FNTCACHE.DAT

2012-12-11 18:33 - 2012-10-13 17:02 - 00000000 ____D C:UsersAll UsersKESI

2012-12-11 18:33 - 2009-07-13 19:20 - 00000000 ____D C:WindowsSysWOW64Speech

2012-12-11 18:32 - 2012-10-13 17:02 - 00000000 ____D C:Program Files (x86)Kurzweil Educational Systems

2012-12-11 18:31 - 2009-07-13 18:34 - 00000457 ____A C:Windowswin.ini

2012-12-11 18:21 - 2012-12-11 18:21 - 00006130 ____A C:WirelessDiagLog.csv

2012-12-11 18:18 - 2012-08-02 19:08 - 00000582 ____A C:UsersOwnerDesktopphone.txt

2012-12-11 18:15 - 2009-07-13 19:20 - 00000000 ____D C:WindowsSystem32NDF

2012-12-11 08:16 - 2012-07-30 09:43 - 00000000 ____D C:UsersOwnerAppDataLocalCrashDumps

2012-12-11 06:17 - 2012-12-11 07:47 - 01461029 ____A (Farbar) C:UsersOwnerDesktopFRST64.exe

2012-12-10 18:41 - 2012-12-10 18:40 - 00030347 ____A C:UsersOwnerDesktopResult.txt

2012-12-10 18:31 - 2012-12-10 18:31 - 00031862 ____A C:UsersOwnerDesktop12-10-12test.txt

2012-12-10 18:26 - 2012-12-10 16:11 - 00000000 ____D C:ComboFix

2012-12-10 18:26 - 2012-12-03 08:24 - 00000000 ____D C:Qoobox

2012-12-10 16:42 - 2012-12-10 16:42 - 00031862 ____A C:ComboFix.txt

2012-12-10 16:16 - 2009-07-13 18:34 - 00000215 ____A C:Windowssystem.ini

2012-12-10 16:12 - 2012-12-10 16:12 - 00001302 ____A C:CF-Submit.htm

2012-12-10 07:12 - 2012-12-10 07:12 - 00000000 ____D C:FRACTURE EXTRAS

2012-12-09 19:55 - 2012-08-03 14:43 - 00000000 ____D C:Program Files (x86)Google

2012-12-09 06:52 - 2012-12-09 06:52 - 00000000 ____D C:UsersOwnerDesktopNew Folder

2012-12-09 06:26 - 2012-12-09 06:25 - 00000000 ____D C:UsersOwnerDesktopcf

2012-12-08 12:46 - 2012-12-10 18:38 - 00752213 ____A (Farbar) C:UsersOwnerDesktopMiniToolBox.exe

2012-12-07 15:51 - 2012-12-07 15:51 - 00089974 ____A C:UsersOwnerDesktopIce Age_ Continental Drift.pds

2012-12-07 14:17 - 2012-09-23 15:34 - 00000000 ____D C:UsersOwnerDesktoptgwi

2012-12-07 14:15 - 2012-12-07 14:15 - 00089950 ____A C:UsersOwnerDocumentsicemp4.pds

2012-12-07 14:13 - 2012-12-07 13:56 - 465468200 ____A C:UsersOwnerDocumentsProduce.mp4

2012-12-07 13:56 - 2012-12-07 13:56 - 00003539 ____A C:UsersOwnerDocumentsProduce.THM

2012-12-06 10:30 - 2012-12-06 10:30 - 00000000 ____D C:UsersOwnerDesktopSTEPPENWOLF

2012-12-06 09:49 - 2012-09-01 12:04 - 00000000 ____D C:UsersOwnerAppDataRoamingIDM

2012-12-06 09:28 - 2012-07-29 03:52 - 00000000 ____D C:Program Files (x86)Mozilla Maintenance Service

2012-12-05 17:56 - 2012-07-30 07:28 - 00000000 ____D C:UsersOwnerAppDataRoamingDMCache

2012-12-05 17:06 - 2012-11-30 06:15 - 00000000 ____D C:JRT

2012-12-05 15:42 - 2012-12-05 15:46 - 01995672 ____A (Driver Whiz) C:UsersOwnerDesktopDriverwhiz_2.exe

2012-12-05 09:06 - 2012-12-05 09:06 - 00001147 ____A C:UsersPublicDesktopMozilla Firefox.lnk

2012-12-05 09:06 - 2012-07-29 03:52 - 00000000 ____D C:Program Files (x86)Mozilla Firefox

2012-12-04 11:50 - 2012-07-19 01:29 - 00000000 ____D C:UsersOwnerAppDataLocalApps2.0

2012-12-04 09:49 - 2012-12-04 09:49 - 00000324 ____A C:UsersOwnerDesktopmessup.txt

2012-12-04 05:48 - 2012-12-04 05:48 - 00001724 ____A C:AdwCleaner[s6].txt

2012-12-04 04:28 - 2009-07-13 21:08 - 00032544 ____A C:WindowsTasksSCHEDLGU.TXT

2012-12-03 09:38 - 2012-12-03 09:38 - 00032483 ____A C:UsersOwnerDesktopx.txt

2012-12-03 09:11 - 2009-07-13 19:20 - 00000000 __RHD C:usersDefault

2012-12-03 09:06 - 2012-12-03 08:23 - 00000000 ____D C:Windowserdnt

2012-12-03 08:36 - 2009-07-13 18:34 - 67108864 ____A C:WindowsSystem32configSOFTWARE.bak

2012-12-03 08:36 - 2009-07-13 18:34 - 19922944 ____A C:WindowsSystem32configSYSTEM.bak

2012-12-03 08:36 - 2009-07-13 18:34 - 00311296 ____A C:WindowsSystem32configDEFAULT.bak

2012-12-03 08:36 - 2009-07-13 18:34 - 00061440 ____A C:WindowsSystem32configSAM.bak

2012-12-03 08:36 - 2009-07-13 18:34 - 00028672 ____A C:WindowsSystem32configSECURITY.bak

2012-12-03 05:41 - 2012-12-03 05:40 - 05009299 ____R (Swearware) C:UsersOwnerDesktopComboFix.exe

2012-12-02 18:40 - 2012-12-02 18:40 - 00000490 ____A C:UsersOwnerDesktopcomp websites.txt

2012-12-02 14:45 - 2012-12-02 18:48 - 00856731 ____A C:UsersOwnerDesktopSecurityCheck.exe

2012-12-01 12:03 - 2012-11-21 11:11 - 00025658 ____A C:UsersOwnerDesktopdds.txt

2012-12-01 12:03 - 2012-11-21 11:11 - 00010123 ____A C:UsersOwnerDesktopattach.txt

2012-12-01 11:47 - 2012-12-01 11:47 - 00011384 ____A C:UsersOwnerDesktopJRT.txt

2012-12-01 11:43 - 2012-11-30 06:15 - 00000347 ____A C:UsersOwnerDownloadsaskregvalue_x64.dat

2012-11-30 20:10 - 2012-09-22 05:42 - 00001101 ____A C:UsersPublicDesktopAnyDVD.lnk

2012-11-30 13:47 - 2012-11-30 07:39 - 00001109 ____A C:UsersPublicDesktopMalwarebytes Anti-Malware.lnk

2012-11-30 13:47 - 2012-11-30 07:39 - 00000000 ____D C:Program Files (x86)Malwarebytes' Anti-Malware

2012-11-30 09:06 - 2012-11-12 13:06 - 00000000 ____D C:UsersOwnerAppDataLocalMindDabble_4p

2012-11-30 06:16 - 2012-11-30 06:16 - 00000000 ____D C:WindowsERUNT

2012-11-30 05:53 - 2012-11-30 05:50 - 00000000 ____D C:UsersOwnerDesktopmark new comp stuff

2012-11-30 04:16 - 2012-11-30 05:50 - 10669952 ____A (Malwarebytes Corporation ) C:UsersOwnerDesktopmbam-setup-1.65.1.1000.exe

2012-11-30 04:15 - 2012-11-30 05:50 - 00688992 ____R (Swearware) C:UsersOwnerDesktopdds.com

2012-11-30 04:12 - 2012-11-30 05:50 - 00912454 ____A C:UsersOwnerDesktopJRT.exe

2012-11-30 04:10 - 2012-11-30 05:50 - 00448512 ___RA (OldTimer Tools) C:UsersOwnerDesktopTFC.exe

2012-11-28 08:04 - 2012-11-25 11:14 - 00000000 ____D C:UsersOwnerDesktopfor marks computer

2012-11-28 07:51 - 2012-07-29 04:08 - 00000000 ____D C:UsersOwnerAppDataRoaminguTorrent

2012-11-28 04:31 - 2012-08-03 14:42 - 00000000 ____D C:UsersAll UsersAVAST Software

2012-11-25 11:08 - 2012-11-25 11:08 - 00000732 ____A C:UsersOwnerDesktopfor marks computer - Shortcut.lnk

2012-11-25 08:06 - 2012-11-25 11:14 - 00011464 ____A C:UsersOwnerDesktophelp1.txt

2012-11-25 07:36 - 2012-11-25 11:14 - 00027239 ____A C:UsersOwnerDesktopcomp help

2012-11-25 07:22 - 2012-11-25 12:29 - 04732416 ____A (AVAST Software) C:UsersOwnerDesktopaswMBR.exe

2012-11-25 07:18 - 2012-11-25 11:14 - 00602112 ____A C:UsersOwnerDesktopOTL.exe

2012-11-24 18:05 - 2012-11-24 14:52 - 00001181 ____A C:UsersOwnerDesktopDesinstaller_HOSTS_Anti-PUPs.lnk

2012-11-24 14:56 - 2012-11-24 14:56 - 00001236 ____A C:AdwCleaner[s5].txt

2012-11-24 14:40 - 2012-11-24 14:40 - 00001157 ____A C:AdwCleaner[s4].txt

2012-11-24 07:08 - 2012-11-24 07:07 - 00001096 ____A C:AdwCleaner[s3].txt

2012-11-24 06:58 - 2012-11-23 17:49 - 00000000 ____D C:Program Files (x86)Xvid

2012-11-24 06:57 - 2012-11-24 06:57 - 00000000 ____D C:UsersOwner.bitrock

2012-11-24 06:57 - 2012-07-19 01:23 - 00000000 ____D C:usersOwner

2012-11-24 06:54 - 2012-11-24 06:54 - 00001550 ____A C:AdwCleaner[s2].txt

2012-11-23 14:53 - 2012-11-23 14:53 - 00051166 ____A C:UsersOwnerDocumentsAdwCleaner[s1]1.txt

2012-11-23 14:32 - 2012-11-23 14:31 - 00051166 ____A C:AdwCleaner[s1].txt

2012-11-23 14:27 - 2012-11-23 14:27 - 00543531 ____A C:UsersOwnerDesktopAdwCleaner.exe

2012-11-23 13:31 - 2012-08-02 19:08 - 00001779 ____A C:UsersOwnerDesktoppremier.txt

2012-11-23 06:52 - 2012-11-23 06:52 - 00009544 ____A C:UsersOwnerDesktopbridesmaids unrated.pds

2012-11-22 16:34 - 2012-07-30 07:28 - 00000000 ____D C:UsersOwnerDownloadsCompressed

2012-11-21 08:14 - 2012-09-15 05:28 - 00000000 ____D C:New folder (2)

2012-11-21 07:59 - 2012-10-15 13:09 - 00000000 ____D C:Program Files (x86)TextAloud

2012-11-21 07:57 - 2012-11-20 08:25 - 00000000 ____D C:Program Files (x86)PCPitstop

2012-11-21 07:54 - 2012-10-14 18:14 - 00000000 ____D C:Program Files (x86)IVONA

2012-11-21 07:50 - 2012-08-09 14:42 - 00000000 ____D C:UsersOwnerAppDataRoamingAnvisoft

2012-11-21 07:50 - 2012-08-09 14:42 - 00000000 ____D C:Program Files (x86)Anvisoft

2012-11-21 07:49 - 2012-08-11 10:53 - 00000000 ____D C:UsersOwnerAppDataRoamingApple Computer

2012-11-21 07:29 - 2012-11-21 07:29 - 02213976 ____A (Kaspersky Lab ZAO) C:UsersOwnerDesktoptdsskiller.exe

2012-11-21 07:26 - 2012-11-21 07:26 - 00688992 ____R (Swearware) C:UsersOwnerDesktopdds.EXE

2012-11-21 06:19 - 2012-11-21 06:17 - 00000000 ____D C:Program Files (x86)MeadCo Neptune

2012-11-21 06:18 - 2012-11-21 06:18 - 00169816 ____A (Microsoft Corporation) C:UsersOwnerDownloadsMeadCo_Neptune.exe

2012-11-21 06:16 - 2012-09-02 06:28 - 00000000 ____D C:Program Files (x86)Internet Download Manager

2012-11-20 14:15 - 2012-11-20 14:15 - 00000000 ____D C:UsersOwnerAppDataRoamingCheckPoint

2012-11-20 10:34 - 2012-08-03 15:02 - 00000000 ____D C:UsersOwnerAppDataLocalSpotify

2012-11-20 10:34 - 2012-08-03 14:53 - 00000000 ____D C:UsersOwnerAppDataRoamingSpotify

2012-11-20 10:23 - 2012-11-20 10:23 - 00000000 ____D C:UsersOwnerAppDataRoamingMalwarebytes

2012-11-20 10:22 - 2012-11-20 10:22 - 00000000 ____D C:UsersAll UsersMalwarebytes

2012-11-20 08:27 - 2012-11-20 08:27 - 00000000 ____D C:UsersAll UsersPCPitstop

2012-11-20 03:53 - 2012-11-20 03:53 - 00000000 ____D C:UsersOwnerAppDataRoamingConverterLite

2012-11-20 03:53 - 2012-10-21 17:31 - 00001947 ____A C:UsersPublicDesktopConverterLite.lnk

2012-11-20 03:36 - 2012-11-20 03:36 - 00000000 ____D C:UsersOwnerDocumentsMy Video

2012-11-19 19:27 - 2012-11-19 19:27 - 00010486 ____A C:UsersOwnerDesktopkill bill.pds

2012-11-19 17:03 - 2012-11-19 17:03 - 00000000 ____D C:UsersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012)

2012-11-19 16:15 - 2012-07-30 10:38 - 00014336 __ASH C:UsersOwnerThumbs.db

2012-11-19 12:16 - 2012-11-19 12:16 - 00181636 ____A C:UsersOwnerDesktopdisk music.pds

2012-11-19 11:25 - 2012-11-19 11:25 - 00001019 ____A C:UsersUpdatusUserDesktopARWizard3.lnk

2012-11-19 08:58 - 2012-08-02 19:07 - 00002902 ____A C:UsersOwnerDesktopkt work 608-264-9826 Your IP 71.90.87.244.odt

2012-11-18 14:50 - 2011-02-20 21:42 - 00000000 ____D C:UsersAll UsersAdobe

2012-11-18 09:55 - 2009-07-13 19:20 - 00000000 ____D C:Windowsrescache

2012-11-17 18:29 - 2012-11-17 18:29 - 00157793 ____A C:UsersOwnerDesktopbeer.pds

2012-11-17 13:38 - 2012-11-17 13:20 - 00000000 ____D C:UsersOwner.gimp-2.8

2012-11-17 13:28 - 2012-08-07 13:33 - 00000000 ____D C:UsersOwnerAppDataRoamingCyberLink

2012-11-17 13:25 - 2012-11-17 13:25 - 00001374 ____A C:UsersOwnerAppDataLocalrecently-used.xbel

2012-11-17 13:22 - 2012-11-17 13:22 - 00000000 ____D C:UsersOwner.thumbnails

2012-11-17 13:20 - 2012-11-17 13:20 - 00000000 ____D C:UsersOwnerAppDataLocalgegl-0.2

2012-11-17 13:19 - 2012-11-17 13:18 - 00000000 ____D C:Program FilesGIMP 2

2012-11-17 12:01 - 2012-11-17 12:01 - 01555254 ____A C:UsersOwnerDocumentsSnapshot.bmp

2012-11-17 11:41 - 2012-11-17 11:20 - 3152334848 ____A C:UsersOwnerDesktopBottoms Up.mpg

2012-11-17 10:47 - 2012-11-17 10:47 - 00054406 ____A C:UsersOwnerDesktopbottom.pds

2012-11-16 16:52 - 2012-11-16 15:54 - 1609062400 ____A C:UsersOwnerDocumentsbottoms up.mpg

2012-11-16 15:50 - 2012-08-07 13:35 - 00000000 ____D C:UsersOwnerDocumentsYoucam

2012-11-16 03:37 - 2012-11-16 03:37 - 00000000 ____A C:Windowssetuperr.log

2012-11-15 18:38 - 2009-07-13 19:20 - 00000000 ____D C:WindowsPolicyDefinitions

2012-11-15 18:15 - 2012-11-15 18:15 - 00001845 ____A C:UsersPublicDesktopQuickTime Player.lnk

2012-11-15 18:15 - 2012-11-15 18:15 - 00000000 ____D C:Program Files (x86)QuickTime

2012-11-15 18:15 - 2012-08-07 15:26 - 00000000 ____D C:UsersAll UsersApple Computer

2012-11-15 06:14 - 2012-11-15 06:14 - 44687360 ____A C:WindowsSystem32configCOMPONENTS.iobit

2012-11-15 04:25 - 2012-07-25 04:45 - 66395536 ____A (Microsoft Corporation) C:WindowsSystem32MRT.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 05773824 ____A (Microsoft Corporation) C:WindowsSystem32mstscax.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 04916224 ____A (Microsoft Corporation) C:WindowsSysWOW64mstscax.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 03174912 ____A (Microsoft Corporation) C:WindowsSystem32rdpcorets.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 01123840 ____A (Microsoft Corporation) C:WindowsSystem32mstsc.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 01048064 ____A (Microsoft Corporation) C:WindowsSysWOW64mstsc.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00384000 ____A (Microsoft Corporation) C:WindowsSystem32wksprt.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00322560 ____A (Microsoft Corporation) C:WindowsSystem32aaclient.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00269312 ____A (Microsoft Corporation) C:WindowsSysWOW64aaclient.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00243200 ____A (Microsoft Corporation) C:WindowsSystem32rdpudd.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00228864 ____A (Microsoft Corporation) C:WindowsSystem32rdpendp_winip.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00192000 ____A (Microsoft Corporation) C:WindowsSysWOW64rdpendp_winip.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00062976 ____A (Microsoft Corporation) C:WindowsSystem32TSWbPrxy.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00057856 ____A (Microsoft Corporation) C:WindowsSystem32DriversTsUsbFlt.sys

2012-11-14 17:51 - 2012-11-14 17:51 - 00054272 ____A (Microsoft Corporation) C:WindowsSystem32MsRdpWebAccess.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00046592 ____A (Microsoft Corporation) C:WindowsSysWOW64MsRdpWebAccess.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00044032 ____A (Microsoft Corporation) C:WindowsSystem32tsgqec.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00043520 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbGDCoInstaller.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00037376 ____A (Microsoft Corporation) C:WindowsSysWOW64tsgqec.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00019456 ____A (Microsoft Corporation) C:WindowsSystem32Driversrdpvideominiport.sys

2012-11-14 17:51 - 2012-11-14 17:51 - 00018432 ____A (Microsoft Corporation) C:WindowsSystem32wksprtPS.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00016896 ____A (Microsoft Corporation) C:WindowsSysWOW64wksprtPS.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00015360 ____A (Microsoft Corporation) C:WindowsSystem32RdpGroupPolicyExtension.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00013312 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbRedirectionGroupPolicyExtension.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00013312 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbRedirectionGroupPolicyControl.exe

2012-11-14 17:50 - 2012-11-14 17:50 - 01448448 ____A (Microsoft Corporation) C:WindowsSystem32lsasrv.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00458712 ____A (Microsoft Corporation) C:WindowsSystem32Driverscng.sys

2012-11-14 17:50 - 2012-11-14 17:50 - 00340992 ____A (Microsoft Corporation) C:WindowsSystem32schannel.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00307200 ____A (Microsoft Corporation) C:WindowsSystem32ncrypt.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00247808 ____A (Microsoft Corporation) C:WindowsSysWOW64schannel.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00220160 ____A (Microsoft Corporation) C:WindowsSysWOW64ncrypt.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00154480 ____A (Microsoft Corporation) C:WindowsSystem32Driversksecpkg.sys

2012-11-14 17:50 - 2012-11-14 17:50 - 00096768 ____A (Microsoft Corporation) C:WindowsSysWOW64sspicli.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00022016 ____A (Microsoft Corporation) C:WindowsSysWOW64secur32.dll

2012-11-14 17:49 - 2012-11-14 17:49 - 00514560 ____A (Microsoft Corporation) C:WindowsSysWOW64qdvd.dll

2012-11-14 17:49 - 2012-11-14 17:49 - 00366592 ____A (Microsoft Corporation) C:WindowsSystem32qdvd.dll

2012-11-14 17:45 - 2012-11-14 17:45 - 65363968 ____A C:WindowsSystem32configSOFTWARE.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 19095552 ____A C:WindowsSystem32configSYSTEM.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00311296 ____A C:WindowsSystem32configDEFAULT.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00061440 ____A C:WindowsSystem32configSAM.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00028672 ____A C:WindowsSystem32configSECURITY.iobit

2012-11-14 12:32 - 2012-11-14 12:32 - 00030568 ____A (AVG Technologies) C:WindowsSystem32Driversavgtpx64.sys

2012-11-14 12:30 - 2012-11-14 12:30 - 00000000 ____D C:UsersOwnerAppDataLocalSlimWare Utilities Inc

2012-11-14 12:29 - 2012-11-14 12:29 - 00002467 ____A C:UsersPublicDesktopSlimDrivers.lnk

2012-11-14 12:29 - 2012-11-14 12:29 - 00000000 ____D C:UsersPublicDocumentsDownloaded Installers

2012-11-14 08:27 - 2012-11-14 08:21 - 00000359 ____A C:UsersOwnerDesktopwisconbeer.txt

2012-11-12 13:06 - 2012-11-12 13:06 - 00000000 ____D C:Program Files (x86)MindDabble_4p

2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:UsersOwnerAppDataLocalAPlusGamer_63

2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:Program Files (x86)APlusGamer_63

2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersUpdatusUserDesktopBrain Train Age.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersOwnerDesktopBrain Train Age.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersUpdatusUserDesktopUpdate.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersOwnerDesktopUpdate.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000000 ____D C:Program Files (x86)BrainTrainAge

2012-11-12 10:34 - 2012-11-12 10:33 - 74027949 ____A (The Code::Blocks Team) C:UsersOwnerDesktopcodeblocks-10.05mingw-setup.exe

 

==================== Known DLLs (Whitelisted) =================

 

 

==================== Bamital & volsnap Check =================

 

C:WindowsSystem32winlogon.exe => MD5 is legit

C:WindowsSystem32wininit.exe => MD5 is legit

C:WindowsSysWOW64wininit.exe => MD5 is legit

C:Windowsexplorer.exe => MD5 is legit

C:WindowsSysWOW64explorer.exe => MD5 is legit

C:WindowsSystem32svchost.exe => MD5 is legit

C:WindowsSysWOW64svchost.exe => MD5 is legit

C:WindowsSystem32services.exe => MD5 is legit

C:WindowsSystem32User32.dll => MD5 is legit

C:WindowsSysWOW64User32.dll => MD5 is legit

C:WindowsSystem32userinit.exe => MD5 is legit

C:WindowsSysWOW64userinit.exe => MD5 is legit

C:WindowsSystem32Driversvolsnap.sys => MD5 is legit

 

==================== EXE ASSOCIATION =====================

 

HKLM....exe: exefile => OK

HKLM...exefileDefaultIcon: %1 => OK

HKLM...exefileopencommand: "%1" %* => OK

 

==================== Restore Points =========================

 

Restore point made on: 2012-11-30 06:57:43

Restore point made on: 2012-12-02 17:44:40

Restore point made on: 2012-12-10 06:33:52

Restore point made on: 2012-12-11 18:26:21

Restore point made on: 2012-12-11 18:26:42

 

==================== Memory info ===========================

 

Percentage of memory in use: 11%

Total physical RAM: 6055.2 MB

Available physical RAM: 5337.86 MB

Total Pagefile: 6053.34 MB

Available Pagefile: 5324.4 MB

Total Virtual: 8192 MB

Available Virtual: 8191.91 MB

 

==================== Partitions =============================

 

1 Drive c: () (Fixed) (Total:586.07 GB) (Free:70.35 GB) NTFS

3 Drive f: (USB20FD) (Removable) (Total:7.59 GB) (Free:7.5 GB) FAT32

4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

5 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]

 

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 596 GB 0 B

Disk 1 Online 7788 MB 0 B

 

Partitions of Disk 0:

===============

 

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 100 MB 1024 KB

Partition 2 Primary 586 GB 101 MB

Partition 3 OEM 9 GB 586 GB

 

==================================================================================

 

Disk: 0

Partition 1

Type : 07

Hidden: No

Active: Yes

 

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 Y SYSTEM NTFS Partition 100 MB Healthy

 

=========================================================

 

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: No

 

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C NTFS Partition 586 GB Healthy

 

=========================================================

 

Disk: 0

Partition 3

Type : 12

Hidden: Yes

Active: No

 

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 RECOVERY NTFS Partition 9 GB Healthy Hidden

 

=========================================================

 

Partitions of Disk 1:

===============

 

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 7782 MB 5820 KB

 

==================================================================================

 

Disk: 1

Partition 1

Type : 0C

Hidden: No

Active: Yes

 

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 F USB20FD FAT32 Removable 7782 MB Healthy

 

=========================================================

 

Last Boot: 2012-12-05 03:49

 

==================== End Of Log =============================


Hello goofy1139

 

After uninstalling ZoneAlarm I was able to get online! Thank You so much!

That's good news :) (A big thank you is also due to farbar and Jacee for their assistance - you guys rock).

 

Let's continue with the following:

  • CKScanner

  • Download CKScanner by askey127 from here and save it to your Desktop.
  • Right click CKScanner.exe and select "Run as Administrator", then click on Search For Files.
  • When the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved.
  • Double click the CKFiles.txt icon on your desktop then copy/paste the contents in your next reply.


Hello JonTom

 

Here is the next log,

 

CKScanner 2.1 - Additional Security Risks - These are not necessarily bad

c:new folder (2)desktopaudio record wizard 3.99 inc crack - mast3r-.rar

c:new folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe

c:new folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo

c:new folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url

c:new folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo

c:new folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url

c:new folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe

c:new folder (2)desktop itemsdesktopaudio record wizard 3.99 inc crack - mast3r-.rar

c:new folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe

c:new folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo

c:new folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url

c:new folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo

c:new folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url

c:new folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgavsaudioeditor.exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgf4cg.nfo

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgread me.txt

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgsetup.exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]chattchitto rg.nfo

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]chattchitto rg.url

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]copyto v5.1.0.2 + crack [chattchitto rg].exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]chattchitto rg.nfo

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]chattchitto rg.url

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg].exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]digitalrescue.exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.6.8 + crack [chattchitto rg]chattchitto rg.nfo

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.6.8 + crack [chattchitto rg]chattchitto rg.url

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.6.8 + crack [chattchitto rg]dvdfab platinum v8.1.6.8 + crack [chattchitto rg].exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.7.3 + crack [chattchitto rg]chattchitto rg.nfo

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.7.3 + crack [chattchitto rg]chattchitto rg.url

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.7.3 + crack [chattchitto rg]dvdfab platinum v8.1.7.3 + crack [chattchitto rg].exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2ulead videostudio plus 11.5 + keygen & dolby digital powerpackinstall how to.txt

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2ulead videostudio plus 11.5 + keygen & dolby digital powerpackreadme.txt

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2ulead videostudio plus 11.5 + keygen & dolby digital powerpackulead videostudio plus 11.5 + keygen & dolby digital powerpack.uif

c:new folder (2)geek squad backup 07.09.2012backup continuedadobeadobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html

c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-arw3 setup.exe

c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-crack instructions.txt

c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-lucid.nfo

c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-crackarwizard3.exe

c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe

c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo

c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url

c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo

c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url

c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ].rar

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]avsinstallpack.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]instructions.txt

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsaudioeditoravsaudioeditor.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsaudiorecorderavsaudiorecorder.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsdisccreatoravsdisccreator.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsdocumentconverteravsdocumentconverter.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsdvdcopyavsdvdcopy.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsimageconverteravsexplorerextension.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsimageconverteravsimageconverter.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsphotoeditoravsphotoeditor.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsregistrycleaneravsregistrycleaner.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsringtonemakeravsringtonemaker.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsscreencaptureavsscreencapture.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsvideoconverteravsvideoconverter.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsvideoeditoravsvideoeditor.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsvideorecorderavsvideorecorder.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]avs all-in-one install package v1.3.1+crack [ kk ]crackavsvideoremakeravsvideoremaker.exe

c:new folder (2)geek squad backup 07.09.2012downloadsclonedvd 4crackconfigure.dll

c:new folder (2)geek squad backup 07.09.2012downloadsclonedvd 4crackoptionalmainapp.dll

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvpowerdvd 10 ultra 3d build 1516.51 - cracked.exe

c:new folder (2)geek squad backup 07.09.2012downloadsinternet.download.manager.v6.07.final.build.12.incl.keygen.and.patch-sndsndidman607.exe

c:new folder (2)geek squad backup 07.09.2012downloadslanguagesrosetta stone v3.3.5 for windowsrosetta stone v3.3.5 for windowscrackrosettastoneversion3.exe

c:new folder (2)geek squad backup 07.09.2012downloadsprogramsaudio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe

c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]description and installation instructions.txt

c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]globalerrors.log

c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]idman.exe

c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]idman611.exe

c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]crackidman.exe

c:program filesgimp 2sharegimp2.0patternscracked.pat

c:program files (x86)kurzweil educational systemskurzweil 3000crack.exe

c:usersowneraudio record wizard 3.99 inc crack - mast3r-.rar

c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-theta!!mreader.exe

c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetaangrybirdsrioinstaller_1.4.0.exe

c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetaread me.txt

c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetatheta.nfo

c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetapatchpatch.exe

c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetapatchreadme.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-theta!!mreader.exe

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaangrybirdsseasonsinstaller_2.4.1.exe

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatheta.nfo

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from 1337x.org.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from ahashare.com.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from btarena.org.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from demonoid.me.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from extratorrent.com.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from h33t.com.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from isohunt.com.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from kat.ph.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from rarbg.com.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetatorrent downloaded from thepiratebay.se.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetapatchpatch.exe

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetapatchreadme.txt

c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaangrybirdsspaceinstaller_1.3.0.exe

c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetatheta.nfo

c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetatorrent downloaded from extratorrent.com.txt

c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetapatchpatch.exe

c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetapatchreadme.txt

c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordaudio record wizard 3.99 inc crack - mast3r-arw3 setup.exe

c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordaudio record wizard 3.99 inc crack - mast3r-crack instructions.txt

c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordaudio record wizard 3.99 inc crack - mast3r-lucid.nfo

c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordaudio record wizard 3.99 inc crack - mast3r-crackarwizard3.exe

c:usersownerbad.piggies.v1.0.0.cracked-thetabadpiggiesinstaller_1.0.0.exe

c:usersownerbad.piggies.v1.0.0.cracked-thetatheta.nfo

c:usersownerbad.piggies.v1.0.0.cracked-thetatorrent downloaded from extratorrent.com.txt

c:usersownerbad.piggies.v1.0.0.cracked-thetapatchpatch.exe

c:usersownerdownloadsprogramsadobe master collection cs6 - crack only (fast & easy)_secure.exe

c:usersownerdownloadsprogramsanydvd & anydvd hd v7.0.5.0 final + crack [chattchitto rg].exe

c:usersownerdownloadsvideoyahoo! video detail for harry caray on crackerjacks.flv

c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]chattchitto rg.nfo

c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]chattchitto rg.url

c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]dvdfab platinum v8.2.1.3 + crack [chattchitto rg].exe

c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]chattchitto rg.nfo

c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]chattchitto rg.url

c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]dvdfab platinum v8.2.1.5 + crack [chattchitto rg].exe

scanner sequence 3.ZZ.11.BEAPXR

----- EOF -----


Hello goofy1139

 

I don't think I've ever seen so many cracked and keygened files on a machine before.

 

Not only are cracked files loaded with malware, they are also completely illegal.

 

This forum does not condone or support the use of cracked/keygened material.

 

If you wish to receive continued support at this forum you must remove this material immediately.

 

  • Please work through the following steps

  • Hold down the Windows key (has the Windows symbol on it) and press the "R" key. A Run box will open. Type in Notepad and press Enter then click on "OK".
  • NOTE: Do not use Wordpad or any other text editor except Notepad or the script will fail.
  • Copy and Paste the text in the quotebox below into the open Notepad window:

     

    File::

    c:\new folder (2)\desktop\audio record wizard 3.99 inc crack - mast3r-.rar

    c:\new folder (2)\desktop items\desktop\audio record wizard 3.99 inc crack - mast3r-.rar

    c:\new folder (2)\geek squad backup 07.09.2012\backup continued\adobe\adobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html

    c:\new folder (2)\geek squad backup 07.09.2012\downloads\programs\audio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe

    c:\program files (x86)\kurzweil educational systems\kurzweil 3000\crack.exe

    c:\users\owner\audio record wizard 3.99 inc crack - mast3r-.rar

    c:\users\owner\downloads\programs\adobe master collection cs6 - crack only (fast & easy)_secure.exe

    c:\users\owner\downloads\programs\anydvd & anydvd hd v7.0.5.0 final + crack [chattchitto rg].exe

     

    Folder::

    c:\new folder (2)\desktop\copy to dvd\anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]

    c:\new folder (2)\desktop\copy to dvd\clonedvd v2.9.2.8 + keygen [chattchitto rg]

    c:\new folder (2)\desktop items\desktop\copy to dvd\anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]

    c:\new folder (2)\desktop items\desktop\copy to dvd\clonedvd v2.9.2.8 + keygen [chattchitto rg]

    c:\new folder (2)\geek squad backup 07.09.2012\backup continued\2\mov2\anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]

    c:\new folder (2)\geek squad backup 07.09.2012\backup continued\2\mov2\avs.audio.editor.v7.1.3.444.cracked-f4cg

    c:\new folder (2)\geek squad backup 07.09.2012\backup continued\2\mov2\clonedvd v2.9.2.8 + keygen [chattchitto rg]

    c:\new folder (2)\geek squad backup 07.09.2012\backup continued\2\mov2\copyto v5.1.0.2 + crack [chattchitto rg]

    c:\new folder (2)\geek squad backup 07.09.2012\backup continued\2\mov2\digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]

    c:\new folder (2)\geek squad backup 07.09.2012\backup continued\2\mov2\dvdfab platinum v8.1.6.8 + crack [chattchitto rg]

    c:\new folder (2)\geek squad backup 07.09.2012\backup continued\2\mov2\dvdfab platinum v8.1.7.3 + crack [chattchitto rg]

    c:\new folder (2)\geek squad backup 07.09.2012\backup continued\2\mov2\ulead videostudio plus 11.5 + keygen & dolby digital powerpack

    c:\new folder (2)\geek squad backup 07.09.2012\backup continued\audio record wizard 3.99 inc crack - mast3r-

    c:\new folder (2)\geek squad backup 07.09.2012\backup continued\desktop\copy to dvd\anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]

    c:\new folder (2)\geek squad backup 07.09.2012\backup continued\desktop\copy to dvd\clonedvd v2.9.2.8 + keygen [chattchitto rg]

    c:\new folder (2)\geek squad backup 07.09.2012\downloads\avs all-in-one install package v1.3.1+crack [ kk ]

    c:\new folder (2)\geek squad backup 07.09.2012\downloads\clonedvd 4\crack

    c:\new folder (2)\geek squad backup 07.09.2012\downloads\cyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsv

    c:\new folder (2)\geek squad backup 07.09.2012\downloads\internet.download.manager.v6.07.final.build.12.incl.keygen.and.patch-snd

    c:\new folder (2)\geek squad backup 07.09.2012\downloads\languages\rosetta stone v3.3.5 for windows\rosetta stone v3.3.5 for windows\crack

    c:\new folder (2)\internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]

    c:\users\owner\angry.birds.rio.v1.4.0.cracked.read.nfo-theta

    c:\users\owner\angry.birds.seasons.v2.4.1.cracked.read.nfo-theta

    c:\users\owner\angry.birds.space.v1.3.0.cracked.read.nfo-theta

    c:\users\owner\audio record wizard 3.99 inc crack - mast3r-

    c:\users\owner\bad.piggies.v1.0.0.cracked-theta

    c:\users\owner\downloads\video\tts\dvdfab platinum v8.2.1.3 + crack [chattchitto rg]

    c:\users\owner\downloads\video\tts\dvdfab platinum v8.2.1.5 + crack [chattchitto rg]

     

     

  • Save this as "CFScript.txt" (including the quotation marks), change the "Save as type" to "All Files" and save it to your desktop.
  • Close any open browsers.
  • Disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Referring to the picture below, drag CFScript.txt into ComboFix.exe.

     

    Posted Image

  • When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
  • Once the log is produced, re-engage your resident anti virus.
Post the Combofix log and a new CKScanner log in your next reply.

 


Hello JonTom,

 

I ran the combofix and CKScanner and now nothing works. I get this message 'illegal operation attempted on a registry key that has been marked for deletion'. I couldn't even open notepad; I had to transfer to a flashdrive and open it on another computer to post.

 

Here are the logs.

 

ComboFix 12-12-02.01 - Owner 12/18/2012 12:31:05.3.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6055.4279 [GMT -6:00]

Running from: c:usersOwnerDesktopComboFix.exe

Command switches used :: c:usersOwnerDesktopCFScript.txt

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:new folder (2)desktop itemsdesktopaudio record wizard 3.99 inc crack - mast3r-.rar"

"c:new folder (2)desktopaudio record wizard 3.99 inc crack - mast3r-.rar"

"c:new folder (2)geek squad backup 07.09.2012backup continuedadobeadobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html"

"c:new folder (2)geek squad backup 07.09.2012downloadsprogramsaudio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe"

"c:program files (x86)kurzweil educational systemskurzweil 3000crack.exe"

"c:usersowneraudio record wizard 3.99 inc crack - mast3r-.rar"

"c:usersownerdownloadsprogramsadobe master collection cs6 - crack only (fast & easy)_secure.exe"

"c:usersownerdownloadsprogramsanydvd & anydvd hd v7.0.5.0 final + crack [chattchitto rg].exe"

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:new folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]

c:new folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]AnyDVD & AnyDVD HD v6.9.1.0 FINAL + Crack [ChattChitto RG].exe

c:new folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]ChattChitto RG.nfo

c:new folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]ChattChitto RG.url

c:new folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]

c:new folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]ChattChitto RG.nfo

c:new folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]ChattChitto RG.url

c:new folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]CloneDVD v2.9.2.8 + KeyGen [ChattChitto RG].exe

c:new folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]

c:new folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]AnyDVD & AnyDVD HD v6.9.1.0 FINAL + Crack [ChattChitto RG].exe

c:new folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]ChattChitto RG.nfo

c:new folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]ChattChitto RG.url

c:new folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]

c:new folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]ChattChitto RG.nfo

c:new folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]ChattChitto RG.url

c:new folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]CloneDVD v2.9.2.8 + KeyGen [ChattChitto RG].exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]AnyDVD & AnyDVD HD v6.9.1.0 FINAL + Crack [ChattChitto RG].exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]ChattChitto RG.nfo

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]ChattChitto RG.url

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cg

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgAVSAudioEditor.exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgf4cg.nfo

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgRead Me.txt

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgsetup.exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]ChattChitto RG.nfo

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]ChattChitto RG.url

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]CloneDVD v2.9.2.8 + KeyGen [ChattChitto RG].exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]ChattChitto RG.nfo

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]ChattChitto RG.url

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]CopyTo v5.1.0.2 + Crack [ChattChitto RG].exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]ChattChitto RG.nfo

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]ChattChitto RG.url

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]Digital Rescue 4 Premium v4.0.0.2E + Crack [ChattChitto RG].exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2digital rescue 4 premium v4.0.0.2e + crack [chattchitto rg]DigitalRescue.exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.6.8 + crack [chattchitto rg]

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.6.8 + crack [chattchitto rg]ChattChitto RG.nfo

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.6.8 + crack [chattchitto rg]ChattChitto RG.url

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.6.8 + crack [chattchitto rg]DVDFab Platinum v8.1.6.8 + Crack [ChattChitto RG].exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.7.3 + crack [chattchitto rg]

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.7.3 + crack [chattchitto rg]ChattChitto RG.nfo

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.7.3 + crack [chattchitto rg]ChattChitto RG.url

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2dvdfab platinum v8.1.7.3 + crack [chattchitto rg]DVDFab Platinum v8.1.7.3 + Crack [ChattChitto RG].exe

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2ulead videostudio plus 11.5 + keygen & dolby digital powerpack

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2ulead videostudio plus 11.5 + keygen & dolby digital powerpackInstall How to.txt

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2ulead videostudio plus 11.5 + keygen & dolby digital powerpackReadme.txt

c:new folder (2)geek squad backup 07.09.2012backup continued2mov2ulead videostudio plus 11.5 + keygen & dolby digital powerpackUlead VideoStudio Plus 11.5 + Keygen & Dolby Digital PowerPack.UIF

c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-

c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-arw3 Setup.exe

c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-Crack Instructions.txt

c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-CrackARWizard3.exe

c:new folder (2)geek squad backup 07.09.2012backup continuedaudio record wizard 3.99 inc crack - mast3r-lucid.nfo

c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]

c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]AnyDVD & AnyDVD HD v6.9.1.0 FINAL + Crack [ChattChitto RG].exe

c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]ChattChitto RG.nfo

c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]ChattChitto RG.url

c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]

c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]ChattChitto RG.nfo

c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]ChattChitto RG.url

c:new folder (2)geek squad backup 07.09.2012backup continueddesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]CloneDVD v2.9.2.8 + KeyGen [ChattChitto RG].exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ].rar

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]AVSInstallPack.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSAudioEditorAVSAudioEditor.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSAudioRecorderAVSAudioRecorder.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSDiscCreatorAVSDiscCreator.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSDocumentConverterAVSDocumentConverter.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSDVDCopyAVSDVDCopy.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSImageConverterAVSExplorerExtension.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSImageConverterAVSImageConverter.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSPhotoEditorAVSPhotoEditor.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSRegistryCleanerAVSRegistryCleaner.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSRingtoneMakerAVSRingtoneMaker.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSScreenCaptureAVSScreenCapture.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSVideoConverterAVSVideoConverter.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSVideoEditorAVSVideoEditor.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSVideoRecorderAVSVideoRecorder.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]CrackAVSVideoReMakerAVSVideoReMaker.exe

c:new folder (2)geek squad backup 07.09.2012downloadsavs all-in-one install package v1.3.1+crack [ kk ]AVS All-In-One Install Package v1.3.1+Crack [ kk ]Instructions.txt

c:new folder (2)geek squad backup 07.09.2012downloadsclonedvd 4crack

c:new folder (2)geek squad backup 07.09.2012downloadsclonedvd 4crackConfigure.dll

c:new folder (2)geek squad backup 07.09.2012downloadsclonedvd 4crackOptionalMainApp.dll

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsv

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvPowerDVD 10 Ultra 3D Build 1516.51 - Cracked.exe

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVHow to install.txt

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVRead Me - TSV.txt

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVSoftwareAdvanced SystemCare Pro - Cracked.torrent

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVSoftwareDVDFab Platinum v8.0.7.3 - Cracked.torrent

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVSoftwareMicrosoft Office 2010 Professional Plus - Cracked.torrent

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVSoftwareRead Me - TSV.txt

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVSoftwareSony Vegas Movie Studio HD Platinum - Cracked.torrent

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVSoftwareWindows 7 Ultimate - 32 Bit (Auto Activation) - Cracked.torrent

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVTorrent downloaded from Demonoid.me.txt

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVTSV Productions - Read Me..docx

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVTSV Software TorrentsAdvanced SystemCare Pro - Cracked.torrent

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVTSV Software TorrentsMicrosoft Office 2010 Professional Plus - Cracked.torrent

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVTSV Software TorrentsRead Me - TSV.txt

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVTSV Software TorrentsSony Vegas Movie Studio HD Platinum - Cracked.torrent

c:new folder (2)geek squad backup 07.09.2012downloadscyberlink powerdvd 10 ultra 3d build 1516 retail - cracked tsvTSVTSV Software TorrentsWindows 7 Ultimate - 32 Bit (Auto Activation) - Cracked.torrent

c:new folder (2)geek squad backup 07.09.2012downloadsinternet.download.manager.v6.07.final.build.12.incl.keygen.and.patch-snd

c:new folder (2)geek squad backup 07.09.2012downloadsinternet.download.manager.v6.07.final.build.12.incl.keygen.and.patch-sndSNDidman607.exe

c:new folder (2)geek squad backup 07.09.2012downloadslanguagesrosetta stone v3.3.5 for windowsrosetta stone v3.3.5 for windowscrack

c:new folder (2)geek squad backup 07.09.2012downloadslanguagesrosetta stone v3.3.5 for windowsrosetta stone v3.3.5 for windowscrackRosettaStoneVersion3.exe

c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]

c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]CrackIDMan.exe

c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]Description and Installation Instructions.txt

c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]GlobalErrors.log

c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]IDMan.exe

c:new folder (2)internet download manager v6.11. 8.1 (idm) +crack + key [h33t][iahq76]idman611.exe

c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-theta

c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-theta!!Mreader.exe

c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetaAngryBirdsRioInstaller_1.4.0.exe

c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetaPatchPatch.exe

c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetaPatchReadme.txt

c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetaRead Me.txt

c:usersownerangry.birds.rio.v1.4.0.cracked.read.nfo-thetaTHETA.nfo

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-theta

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-theta!!Mreader.exe

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaAngryBirdsSeasonsInstaller_2.4.1.exe

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaPatchPatch.exe

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaPatchReadme.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTHETA.nfo

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from 1337x.org.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from Ahashare.com.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from Btarena.org.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from Demonoid.me.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from ExtraTorrent.com.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from H33t.com.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from IsoHunt.com.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from Kat.ph.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from Rarbg.com.txt

c:usersownerangry.birds.seasons.v2.4.1.cracked.read.nfo-thetaTorrent downloaded from ThePirateBay.se.txt

c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-theta

c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaAngryBirdsSpaceInstaller_1.3.0.exe

c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaPatchPatch.exe

c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaPatchReadme.txt

c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaTHETA.nfo

c:usersownerangry.birds.space.v1.3.0.cracked.read.nfo-thetaTorrent Downloaded From ExtraTorrent.com.txt

c:usersowneraudio record wizard 3.99 inc crack - mast3r-

c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordAudio Record Wizard 3.99 Inc Crack - Mast3r-arw3 Setup.exe

c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordAudio Record Wizard 3.99 Inc Crack - Mast3r-Crack Instructions.txt

c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordAudio Record Wizard 3.99 Inc Crack - Mast3r-CrackARWizard3.exe

c:usersowneraudio record wizard 3.99 inc crack - mast3r-audio recordAudio Record Wizard 3.99 Inc Crack - Mast3r-lucid.nfo

c:usersownerbad.piggies.v1.0.0.cracked-theta

c:usersownerbad.piggies.v1.0.0.cracked-thetaBadPiggiesInstaller_1.0.0.exe

c:usersownerbad.piggies.v1.0.0.cracked-thetaPatchPatch.exe

c:usersownerbad.piggies.v1.0.0.cracked-thetaTHETA.nfo

c:usersownerbad.piggies.v1.0.0.cracked-thetaTorrent Downloaded From ExtraTorrent.com.txt

c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]

c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]ChattChitto RG.nfo

c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]ChattChitto RG.url

c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.3 + crack [chattchitto rg]DVDFab Platinum v8.2.1.3 + Crack [ChattChitto RG].exe

c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]

c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]ChattChitto RG.nfo

c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]ChattChitto RG.url

c:usersownerdownloadsvideottsdvdfab platinum v8.2.1.5 + crack [chattchitto rg]DVDFab Platinum v8.2.1.5 + Crack [ChattChitto RG].exe

c:windowsSysWow64Packet.dll

c:windowsSysWow64wpcap.dll

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------Legacy_NPF

-------Service_NPF

.

.

((((((((((((((((((((((((( Files Created from 2012-11-18 to 2012-12-18 )))))))))))))))))))))))))))))))

.

.

2012-12-18 18:43 . 2012-12-18 18:43 -------- d-----w- c:usersUpdatusUserAppDataLocaltemp

2012-12-18 18:43 . 2012-12-18 18:43 -------- d-----w- c:usersDefaultAppDataLocaltemp

2012-12-18 13:42 . 2012-11-08 17:24 9125352 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{E0C11D25-2DC5-4B71-8976-A4767590840B}mpengine.dll

2012-12-16 22:46 . 2012-10-30 23:51 370288 ----a-w- c:windowssystem32driversaswSP.sys

2012-12-16 22:46 . 2012-10-30 23:51 25232 ----a-w- c:windowssystem32driversaswFsBlk.sys

2012-12-16 22:46 . 2012-10-15 16:59 54072 ----a-w- c:windowssystem32driversaswRdr2.sys

2012-12-16 22:46 . 2012-10-30 23:51 59728 ----a-w- c:windowssystem32driversaswTdi.sys

2012-12-16 22:46 . 2012-10-30 23:51 984144 ----a-w- c:windowssystem32driversaswSnx.sys

2012-12-16 22:46 . 2012-10-30 23:51 71600 ----a-w- c:windowssystem32driversaswMonFlt.sys

2012-12-16 22:46 . 2012-10-30 23:51 41224 ----a-w- c:windowsavastSS.scr

2012-12-16 22:45 . 2012-10-30 23:50 227648 ----a-w- c:windowsSysWow64aswBoot.exe

2012-12-16 22:06 . 2012-12-16 22:07 -------- d-----w- c:usersOwnerAppDataLocalNETGEARGenie

2012-12-16 22:06 . 2012-12-16 22:06 369168 ----a-w- c:windowssystem32wpcap.dll

2012-12-16 22:06 . 2012-12-16 22:06 35344 ----a-w- c:windowssystem32driversnpf.sys

2012-12-16 22:06 . 2012-12-16 22:06 106000 ----a-w- c:windowssystem32packet.dll

2012-12-16 22:06 . 2012-12-16 22:06 -------- d-----w- c:program files (x86)NETGEAR Genie

2012-12-14 20:48 . 2012-12-14 20:48 -------- d-----w- c:program files (x86)uTorrent

2012-12-14 13:06 . 2012-11-14 07:06 17811968 ----a-w- c:windowssystem32mshtml.dll

2012-12-14 13:06 . 2012-11-14 06:32 10925568 ----a-w- c:windowssystem32ieframe.dll

2012-12-13 11:57 . 2012-11-02 05:59 478208 ----a-w- c:windowssystem32dpnet.dll

2012-12-13 11:57 . 2012-11-02 05:11 376832 ----a-w- c:windowsSysWow64dpnet.dll

2012-12-12 21:34 . 2012-12-13 00:47 -------- d-----w- c:usersOwnerAppDataRoamingatunes

2012-12-12 21:33 . 2012-12-12 21:33 -------- d-----w- c:program files (x86)aTunes

2012-12-12 17:44 . 2012-12-12 17:44 -------- d-----w- c:program files (x86)CheckPoint

2012-12-10 15:12 . 2012-12-10 15:12 -------- d-----w- C:FRACTURE EXTRAS

2012-12-05 17:06 . 2012-11-29 08:27 96224 ----a-w- c:program files (x86)Mozilla Firefoxwebapprt-stub.exe

2012-12-05 17:06 . 2012-11-29 08:27 270816 ----a-w- c:program files (x86)Mozilla Firefoxupdater.exe

2012-12-05 17:06 . 2012-11-29 08:27 157272 ----a-w- c:program files (x86)Mozilla Firefoxwebapp-uninstaller.exe

2012-12-05 17:06 . 2012-11-29 08:27 73696 ----a-w- c:program files (x86)Mozilla Firefoxbreakpadinjector.dll

2012-11-30 15:39 . 2012-11-30 21:47 -------- d-----w- c:program files (x86)Malwarebytes' Anti-Malware

2012-11-30 15:39 . 2012-09-30 01:54 25928 ----a-w- c:windowssystem32driversmbam.sys

2012-11-30 14:16 . 2012-11-30 14:16 -------- d-----w- c:windowsERUNT

2012-11-30 14:15 . 2012-12-06 01:06 -------- d-----w- C:JRT

2012-11-27 17:18 . 2012-12-12 19:11 -------- d-----w- C:FRST

2012-11-25 02:04 . 2012-12-05 19:46 -------- d-----w- c:usersOwnerAppDataLocalElevatedDiagnostics

2012-11-24 14:58 . 2011-05-30 13:42 240640 ----a-w- c:windowsSysWow64xvidvfw.dll

2012-11-24 14:58 . 2011-05-30 13:42 255488 ----a-w- c:windowssystem32xvidvfw.dll

2012-11-24 14:58 . 2011-05-23 09:52 153088 ----a-w- c:windowsSysWow64xvid.ax

2012-11-24 14:58 . 2011-05-23 07:49 173568 ----a-w- c:windowssystem32xvid.ax

2012-11-24 14:58 . 2011-05-23 07:46 645632 ----a-w- c:windowsSysWow64xvidcore.dll

2012-11-24 14:58 . 2011-05-23 07:45 696832 ----a-w- c:windowssystem32xvidcore.dll

2012-11-24 14:57 . 2012-11-24 14:57 -------- d-----w- c:usersOwner.bitrock

2012-11-24 01:49 . 2012-11-24 14:58 -------- d-----w- c:program files (x86)Xvid

2012-11-21 18:48 . 2010-11-26 23:02 17720 ----a-w- c:windowssystem32driversSmartDefragDriver.sys

2012-11-21 14:17 . 2012-11-21 14:19 -------- d-----w- c:program files (x86)MeadCo Neptune

2012-11-20 22:16 . 2012-12-12 16:25 -------- dc----w- c:windowssystem32DRVSTORE

2012-11-20 22:15 . 2012-11-20 22:15 -------- d-----w- c:usersOwnerAppDataRoamingCheckPoint

2012-11-20 21:46 . 2012-12-12 17:44 -------- d-----w- c:programdataCheckPoint

2012-11-20 18:23 . 2012-11-20 18:23 -------- d-----w- c:usersOwnerAppDataRoamingMalwarebytes

2012-11-20 18:22 . 2012-11-20 18:22 -------- d-----w- c:programdataMalwarebytes

2012-11-20 16:27 . 2012-11-20 16:27 -------- d-----w- c:programdataPCPitstop

2012-11-20 16:25 . 2012-11-21 15:57 -------- d-----w- c:program files (x86)PCPitstop

2012-11-20 11:53 . 2012-11-20 11:53 -------- d-----w- c:usersOwnerAppDataRoamingConverterLite

2012-11-20 01:03 . 2012-11-20 01:03 -------- d-----w- c:usersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012)

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-18 18:45 . 2012-11-14 20:30 15712 ----a-w- c:windowssystem32driversSWDUMon.sys

2012-12-14 13:10 . 2012-07-25 12:45 67413224 ----a-w- c:windowssystem32MRT.exe

2012-12-12 17:57 . 2012-07-31 00:28 697272 ----a-w- c:windowsSysWow64FlashPlayerApp.exe

2012-12-12 17:57 . 2012-07-31 00:28 73656 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl

2012-11-24 01:35 . 2012-10-06 20:26 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCoreMicrosoft.MediaCenter.Sports.UI.dll

2012-11-15 01:51 . 2012-11-15 01:51 62976 ----a-w- c:windowssystem32TSWbPrxy.exe

2012-11-15 01:51 . 2012-11-15 01:51 57856 ----a-w- c:windowssystem32driversTsUsbFlt.sys

2012-11-15 01:51 . 2012-11-15 01:51 5773824 ----a-w- c:windowssystem32mstscax.dll

2012-11-15 01:51 . 2012-11-15 01:51 54272 ----a-w- c:windowssystem32MsRdpWebAccess.dll

2012-11-15 01:51 . 2012-11-15 01:51 4916224 ----a-w- c:windowsSysWow64mstscax.dll

2012-11-15 01:51 . 2012-11-15 01:51 46592 ----a-w- c:windowsSysWow64MsRdpWebAccess.dll

2012-11-15 01:51 . 2012-11-15 01:51 44032 ----a-w- c:windowssystem32tsgqec.dll

2012-11-15 01:51 . 2012-11-15 01:51 43520 ----a-w- c:windowssystem32TsUsbGDCoInstaller.dll

2012-11-15 01:51 . 2012-11-15 01:51 384000 ----a-w- c:windowssystem32wksprt.exe

2012-11-15 01:51 . 2012-11-15 01:51 37376 ----a-w- c:windowsSysWow64tsgqec.dll

2012-11-15 01:51 . 2012-11-15 01:51 322560 ----a-w- c:windowssystem32aaclient.dll

2012-11-15 01:51 . 2012-11-15 01:51 3174912 ----a-w- c:windowssystem32rdpcorets.dll

2012-11-15 01:51 . 2012-11-15 01:51 269312 ----a-w- c:windowsSysWow64aaclient.dll

2012-11-15 01:51 . 2012-11-15 01:51 243200 ----a-w- c:windowssystem32rdpudd.dll

2012-11-15 01:51 . 2012-11-15 01:51 228864 ----a-w- c:windowssystem32rdpendp_winip.dll

2012-11-15 01:51 . 2012-11-15 01:51 19456 ----a-w- c:windowssystem32driversrdpvideominiport.sys

2012-11-15 01:51 . 2012-11-15 01:51 192000 ----a-w- c:windowsSysWow64rdpendp_winip.dll

2012-11-15 01:51 . 2012-11-15 01:51 18432 ----a-w- c:windowssystem32wksprtPS.dll

2012-11-15 01:51 . 2012-11-15 01:51 16896 ----a-w- c:windowsSysWow64wksprtPS.dll

2012-11-15 01:51 . 2012-11-15 01:51 15360 ----a-w- c:windowssystem32RdpGroupPolicyExtension.dll

2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyExtension.dll

2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyControl.exe

2012-11-15 01:51 . 2012-11-15 01:51 1123840 ----a-w- c:windowssystem32mstsc.exe

2012-11-15 01:51 . 2012-11-15 01:51 1048064 ----a-w- c:windowsSysWow64mstsc.exe

2012-11-15 01:50 . 2012-11-15 01:50 96768 ----a-w- c:windowsSysWow64sspicli.dll

2012-11-15 01:50 . 2012-11-15 01:50 458712 ----a-w- c:windowssystem32driverscng.sys

2012-11-15 01:50 . 2012-11-15 01:50 340992 ----a-w- c:windowssystem32schannel.dll

2012-11-15 01:50 . 2012-11-15 01:50 307200 ----a-w- c:windowssystem32ncrypt.dll

2012-11-15 01:50 . 2012-11-15 01:50 247808 ----a-w- c:windowsSysWow64schannel.dll

2012-11-15 01:50 . 2012-11-15 01:50 220160 ----a-w- c:windowsSysWow64ncrypt.dll

2012-11-15 01:50 . 2012-11-15 01:50 22016 ----a-w- c:windowsSysWow64secur32.dll

2012-11-15 01:50 . 2012-11-15 01:50 154480 ----a-w- c:windowssystem32driversksecpkg.sys

2012-11-15 01:50 . 2012-11-15 01:50 1448448 ----a-w- c:windowssystem32lsasrv.dll

2012-11-15 01:49 . 2012-11-15 01:49 514560 ----a-w- c:windowsSysWow64qdvd.dll

2012-11-15 01:49 . 2012-11-15 01:49 366592 ----a-w- c:windowssystem32qdvd.dll

2012-11-14 20:32 . 2012-11-14 20:32 30568 ----a-w- c:windowssystem32driversavgtpx64.sys

2012-11-01 18:31 . 2012-11-01 18:31 40712 ----a-w- c:windowssystem32driverstaphss6.sys

2012-11-01 18:25 . 2012-11-01 18:25 42248 ----a-w- c:windowssystem32drivershssdrv6.sys

2012-10-30 23:50 . 2012-08-03 22:43 285328 ----a-w- c:windowssystem32aswBoot.exe

2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:windowsSysWow64QuickTimeVR.qtx

2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:windowsSysWow64QuickTime.qts

2012-10-22 22:34 . 2012-10-22 22:34 95208 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll

2012-10-22 22:34 . 2012-10-22 22:35 821736 ----a-w- c:windowsSysWow64npDeployJava1.dll

2012-10-22 22:34 . 2012-10-22 22:35 746984 ----a-w- c:windowsSysWow64deployJava1.dll

2012-10-17 13:39 . 2012-10-17 13:39 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCore-2Microsoft.MediaCenter.Sports.UI.dll

2012-10-17 13:39 . 2012-10-17 13:39 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkup-2markup.dll

2012-10-17 13:37 . 2012-10-17 13:37 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSM-2StartResources.dll

2012-10-16 08:38 . 2012-12-13 11:57 135168 ----a-w- c:windowsapppatchAppPatch64AcXtrnal.dll

2012-10-16 08:38 . 2012-12-13 11:57 350208 ----a-w- c:windowsapppatchAppPatch64AcLayers.dll

2012-10-16 07:39 . 2012-12-13 11:57 561664 ----a-w- c:windowsapppatchAcLayers.dll

2012-10-09 18:17 . 2012-11-15 12:36 55296 ----a-w- c:windowssystem32dhcpcsvc6.dll

2012-10-09 18:17 . 2012-11-15 12:36 226816 ----a-w- c:windowssystem32dhcpcore6.dll

2012-10-09 17:40 . 2012-11-15 12:36 44032 ----a-w- c:windowsSysWow64dhcpcsvc6.dll

2012-10-09 17:40 . 2012-11-15 12:36 193536 ----a-w- c:windowsSysWow64dhcpcore6.dll

2012-10-06 20:26 . 2012-10-06 20:26 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkupmarkup.dll

2012-10-06 20:26 . 2012-10-06 20:26 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSMStartResources.dll

2012-10-06 20:26 . 2012-10-06 20:26 539984 ----a-w- c:programdataMicrosofteHomePackagesMCESpotlightMCESpotlightSpotlightResources.dll

2012-10-04 16:40 . 2012-12-13 11:58 44032 ----a-w- c:windowsapppatchacwow64.dll

2012-10-03 17:56 . 2012-11-17 17:59 1914248 ----a-w- c:windowssystem32driverstcpip.sys

2012-10-03 17:44 . 2012-11-17 17:59 70656 ----a-w- c:windowssystem32nlaapi.dll

2012-10-03 17:44 . 2012-11-17 17:59 303104 ----a-w- c:windowssystem32nlasvc.dll

2012-10-03 17:44 . 2012-11-17 17:59 246272 ----a-w- c:windowssystem32netcorehc.dll

2012-10-03 17:44 . 2012-11-17 17:59 18944 ----a-w- c:windowssystem32netevent.dll

2012-10-03 17:44 . 2012-11-17 17:59 216576 ----a-w- c:windowssystem32ncsi.dll

2012-10-03 17:42 . 2012-11-17 17:59 569344 ----a-w- c:windowssystem32iphlpsvc.dll

2012-10-03 16:42 . 2012-11-17 17:59 18944 ----a-w- c:windowsSysWow64netevent.dll

2012-10-03 16:42 . 2012-11-17 17:59 175104 ----a-w- c:windowsSysWow64netcorehc.dll

2012-10-03 16:42 . 2012-11-17 17:59 156672 ----a-w- c:windowsSysWow64ncsi.dll

2012-10-03 16:07 . 2012-11-17 17:59 45568 ----a-w- c:windowssystem32driverstcpipreg.sys

2012-09-25 22:47 . 2012-11-15 12:31 78336 ----a-w- c:windowsSysWow64synceng.dll

2012-09-25 22:46 . 2012-11-15 12:31 95744 ----a-w- c:windowssystem32synceng.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{30C456C5-0E73-2343-38F0-D9F9CF8B0F52}]

2012-10-28 14:44 129024 ----a-w- c:programdataVaudix508d44c452574.ocx

.

[HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE}]

2012-10-28 14:36 129024 ----a-w- c:programdataVaudix508d42f54b62d.ocx

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar]

"{8945176c-2823-4272-9735-873e75bfe1b4}"= "c:program files (x86)APlusGamer_63bar1.bin63bar.dll" [bU]

.

[HKEY_CLASSES_ROOTclsid{8945176c-2823-4272-9735-873e75bfe1b4}]

.

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

"IDMan"="c:program files (x86)Internet Download ManagerIDMan.exe" [2012-09-01 3528128]

"Xvid"="c:program files (x86)XvidCheckUpdate.exe" [2011-01-17 8192]

"AnyDVD"="c:program files (x86)SlySoftAnyDVDAnyDVDtray.exe" [2012-11-23 6663840]

"Spotify Web Helper"="c:usersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe" [2012-10-28 1199576]

"NETGEARGenie"="c:program files (x86)NETGEAR GeniebinNETGEARGenie.exe" [2012-10-16 1041736]

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun]

"CLMLServer"="c:program files (x86)CyberLinkPower2GoCLMLSvc.exe" [2009-11-02 103720]

"Samsung PanelMgr"="c:windowsSamsungPanelMgrSSMMgr.exe" [2010-06-08 618496]

"UVS10 Preload"="c:program files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe" [2006-03-07 36864]

"UpdatePPShortCut"="c:program files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" [2009-05-20 222504]

"Adobe ARM"="c:program files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2012-07-27 919008]

"SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-07-03 252848]

"APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-10-12 59280]

"PowerDVD12DMREngine"="c:program files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [2012-09-19 505872]

"PowerDVD12Agent"="c:program files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [2012-09-19 374560]

"QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-10-25 421888]

"avast"="c:program filesAVAST SoftwareAvastavastUI.exe" [2012-10-30 4297136]

.

c:usersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

MagicDisc.lnk - c:program files (x86)MagicDiscMagicDisc.exe [2012-9-15 576000]

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:windowsSysWOW64nvinit.dll

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32]

"wave6"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576]

R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-07-13 160944]

R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:windowssystem32DRIVERSAVerPola.sys [2011-01-04 534144]

R3 BBUpdate;BBUpdate;c:program files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe [2012-02-10 240408]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:program filesIntelWiFibinPanDhcpDns.exe [2011-01-05 340240]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2012-11-15 19456]

R3 Samsung UPD Service;Samsung UPD Service;c:windowsSystem32SUPDSvc.exe [2010-08-09 166704]

R3 StkCMini;Syntek AVStream USB2.0 ATV;c:windowssystem32DriversStkCMini.sys [2010-04-16 1816968]

R3 SWDUMon;SWDUMon;c:windowssystem32DRIVERSSWDUMon.sys [2012-12-18 15712]

R3 taphss6;Anchorfree HSS VPN Adapter;c:windowssystem32DRIVERStaphss6.sys [2012-11-01 40712]

R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2012-11-15 57856]

R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2012-07-25 1255736]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:windowssystem32DRIVERSwdcsam64.sys [2008-05-06 14464]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:program filesWindows LiveMeshwlcrasvc.exe [2010-09-22 57184]

S0 nvpciflt;nvpciflt;c:windowssystem32DRIVERSnvpciflt.sys [2010-12-14 25576]

S0 SmartDefragDriver;SmartDefragDriver;c:windowsSystem32DriversSmartDefragDriver.sys [2010-11-26 17720]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2012-11-14 30568]

S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:windowssystem32DriversSABI.sys [2009-05-28 13824]

S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34];c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-09-19 22:12 147704]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [2012-10-30 71600]

S2 BBSvc;BingBar Service;c:program files (x86)MicrosoftBingBar7.1.361.0BBSvc.exe [2012-02-10 193816]

S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-09-19 90640]

S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-09-19 78352]

S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-09-19 295440]

S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:program filesIntelWiMAXBinDMAgent.exe [2011-06-06 498688]

S2 IDMWFP;IDMWFP;c:windowssystem32DRIVERSidmwfp.sys [2012-08-02 158944]

S2 MBAMScheduler;MBAMScheduler;c:program files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [2012-09-30 399432]

S2 MBAMService;MBAMService;c:program files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2012-09-30 676936]

S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:program files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe [2012-09-25 231752]

S2 nlsX86cc;Nalpeiron Licensing Service;c:windowsSysWOW64nlssrv32.exe [2010-11-22 66560]

S2 ntk_PowerDVD12;ntk_PowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-06-20 83704]

S2 UNS;Intel® Management and Security Application User Notification Service;c:program files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2010-10-06 2655768]

S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:program filesIntelWiMAXBinAppSrv.exe [2011-06-06 986112]

S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:windowssystem32DRIVERSbpenum.sys [2011-05-19 84480]

S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:windowssystem32DRIVERSbpmp.sys [2011-05-19 182272]

S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;c:windowssystem32Driversbpusb.sys [2011-05-19 83968]

S3 clwvd;CyberLink WebCam Virtual Driver;c:windowssystem32DRIVERSclwvd.sys [2010-11-10 31088]

S3 ETD;ELAN PS/2 Port Input Device;c:windowssystem32DRIVERSETD.sys [2010-11-12 138024]

S3 IntcDAud;Intel® Display Audio;c:windowssystem32DRIVERSIntcDAud.sys [2010-10-15 317440]

S3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [2012-09-30 25928]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:windowssystem32DRIVERSnusb3hub.sys [2010-10-11 80384]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:windowssystem32DRIVERSnusb3xhc.sys [2010-10-11 180736]

S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2011-06-10 539240]

S3 wdkmd;Intel WiDi KMD;c:windowssystem32DRIVERSWDKMD.sys [2010-11-30 42392]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - NPF

.

Contents of the 'Scheduled Tasks' folder

.

2012-12-18 c:windowsTasksAdobe Flash Player Updater.job

- c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-31 17:57]

.

2012-12-18 c:windowsTasksSlimDrivers Startup.job

- c:program files (x86)SlimDriversSlimDrivers.exe [2012-10-14 21:29]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}]

2012-10-30 23:50 133400 ----a-w- c:program filesAVAST SoftwareAvastashShA64.dll

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersIDM Shell Extension]

@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"

[HKEY_CLASSES_ROOTCLSID{CDC95B92-E27C-4745-A8C5-64A52A78855D}]

2012-02-08 00:49 23432 ----a-w- c:program files (x86)Internet Download ManagerIDMShellExt64.dll

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"IgfxTray"="c:windowssystem32igfxtray.exe" [2011-01-04 167960]

"HotKeysCmds"="c:windowssystem32hkcmd.exe" [2011-01-04 391704]

"Persistence"="c:windowssystem32igfxpers.exe" [2011-01-04 417304]

"RtHDVCpl"="c:program filesRealtekAudioHDARAVCpl64.exe" [2010-11-30 11660904]

"IntelWireless"="c:program filesCommon FilesIntelWirelessCommoniFrmewrk.exe" [2011-01-05 1933584]

"ETDCtrl"="c:program files (x86)ElantechETDCtrl.exe" [bU]

"IntelWirelessWiMAX"="c:program filesIntelWiMAXBinWiMAXCU.exe" [2011-06-02 1622016]

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]

"AppInit_DLLs"=c:windowsSystem32nvinitx.dll

.

------- Supplementary Scan -------

.

uLocal Page = c:windowssystem32blank.htm

mStart Page = hxxp://samsung.msn.com

mLocal Page = c:windowsSysWOW64blank.htm

IE: Download all links with IDM - c:program files (x86)Internet Download ManagerIEGetAll.htm

IE: Download with IDM - c:program files (x86)Internet Download ManagerIEExt.htm

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default

FF - ExtSQL: 2012-11-04 18:39; 50970cb9d50ba@50970cb9d50f3.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions50970cb9d50ba@50970cb9d50f3.com.xpi

FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com

FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com

FF - ExtSQL: 2012-12-16 16:53; wrc@avast.com; c:program filesAVAST SoftwareAvastWebRepFF

FF - ExtSQL: !HIDDEN! 2012-11-12 13:26; 63ffxtbr@APlusGamer_63.com; c:program files (x86)APlusGamer_63bar1.bin

FF - ExtSQL: !HIDDEN! 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:program files (x86)MindDabble_4pbar1.bin

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

.

.

.

[HKEY_LOCAL_MACHINESYSTEMControlSet001services{73526619-C24F-470B-9BED-53D455FBB5C6}]

"ImagePath"="??c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"scansk"=hex(0):c5,88,12,3d,a1,66,02,aa,b6,69,27,77,2a,36,ce,6b,62,5d,c5,5b,dd,

32,c3,0e,3c,fd,35,14,a9,f8,c3,8a,76,15,a2,42,fb,fb,4e,66,00,00,00,00,00,00,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]

@Denied: (Full) (Everyone)

"scansk"=hex(0):92,20,a6,2c,ac,da,97,ad,d1,24,a3,f8,5b,7f,d7,fc,ab,59,6e,1b,bf,

51,95,0a,ae,4d,7b,37,63,5b,fa,ad,73,d0,1a,32,83,42,de,9e,00,00,00,00,00,00,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{b5572adb-f71b-41a1-ad6e-0832b120e9ea}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"Model"=dword:000000f0

"Therad"=dword:0000001e

"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,

38,95,44,85,b1,12,f9,90,dd,23,a1,46,8f,3c,f2,5c,68,ee,21,c4,91,5d,38,fc,54,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{c9fa1039-b2b9-4ecb-85ad-32f7d18bc0ed}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"Model"=dword:0000012c

"Therad"=dword:00000001

"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,

1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32]

@="c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32]

@="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:program filesAVAST SoftwareAvastAvastSvc.exe

c:program files (x86)Common FilesAdobeARM1.0armsvc.exe

c:program files (x86)Malwarebytes' Anti-Malwarembamgui.exe

c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe

c:program files (x86)CyberLinkShared filesRichVideo.exe

c:program files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe

c:program files (x86)SamsungEasy Display ManagerWifiManager.exe

c:program files (x86)CyberLinkYouCamYCMMirage.exe

c:program files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe

c:program files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe

c:program files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe

c:program files (x86)SamsungSamsung Support CenterSSCKbdHk.exe

c:program files (x86)SamsungSamsung Update PlusSUPBackground.exe

.

**************************************************************************

.

Completion time: 2012-12-18 12:54:06 - machine was rebooted

ComboFix-quarantined-files.txt 2012-12-18 18:54

ComboFix2.txt 2012-12-11 00:42

ComboFix3.txt 2012-12-03 17:11

.

Pre-Run: 70,461,120,512 bytes free

Post-Run: 69,844,963,328 bytes free

.

- - End Of File - - 5AA7B7A2BCB6992362D1694C17AC39A4

 

 

CKScanner 2.1 - Additional Security Risks - These are not necessarily bad

c:new folder (2)desktopaudio record wizard 3.99 inc crack - mast3r-.rar

c:new folder (2)desktop itemsdesktopaudio record wizard 3.99 inc crack - mast3r-.rar

c:new folder (2)geek squad backup 07.09.2012backup continuedadobeadobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html

c:new folder (2)geek squad backup 07.09.2012downloadsprogramsaudio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe

c:program filesgimp 2sharegimp2.0patternscracked.pat

c:program files (x86)kurzweil educational systemskurzweil 3000crack.exe

c:qooboxquarantinecnew folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe.vir

c:qooboxquarantinecnew folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo.vir

c:qooboxquarantinecnew folder (2)desktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url.vir

c:qooboxquarantinecnew folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo.vir

c:qooboxquarantinecnew folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url.vir

c:qooboxquarantinecnew folder (2)desktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe.vir

c:qooboxquarantinecnew folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe.vir

c:qooboxquarantinecnew folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo.vir

c:qooboxquarantinecnew folder (2)desktop itemsdesktopcopy to dvdanydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url.vir

c:qooboxquarantinecnew folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo.vir

c:qooboxquarantinecnew folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url.vir

c:qooboxquarantinecnew folder (2)desktop itemsdesktopcopy to dvdclonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe.vir

c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg].exe.vir

c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.nfo.vir

c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2anydvd & anydvd hd v6.9.1.0 final + crack [chattchitto rg]chattchitto rg.url.vir

c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgavsaudioeditor.exe.vir

c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgf4cg.nfo.vir

c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgread me.txt.vir

c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2avs.audio.editor.v7.1.3.444.cracked-f4cgsetup.exe.vir

c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.nfo.vir

c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]chattchitto rg.url.vir

c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2clonedvd v2.9.2.8 + keygen [chattchitto rg]clonedvd v2.9.2.8 + keygen [chattchitto rg].exe.vir

c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]chattchitto rg.nfo.vir

c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]chattchitto rg.url.vir

c:qooboxquarantinecnew folder (2)geek squad backup 07.09.2012backup continued2mov2copyto v5.1.0.2 + crack [chattchitto rg]copyto v5.1.0.2 + crack [ch


Hello goofy1139

 

I get this message 'illegal operation attempted on a registry key that been marked for deletion'

Reboot your machine and the message will go away. This is a known (harmless) issue with Combofix and a reboot solves the problem.

 

It looks like we missed some of those cracked and keygened entries:

  • Please work through the following steps

  • Hold down the Windows key (has the Windows symbol on it) and press the "R" key. A Run box will open. Type in Notepad and press Enter, then click on "OK".
  • NOTE: Do not use Wordpad or any other text editor except Notepad or the script will fail.
  • Copy and Paste the text in the quotebox below into the open Notepad window:

     

    File::

    c:\new folder (2)\desktop\audio record wizard 3.99 inc crack - mast3r-.rar

    c:\new folder (2)\desktop items\desktop\audio record wizard 3.99 inc crack - mast3r-.rar

    c:\new folder (2)\geek squad backup 07.09.2012\backup continued\adobe\adobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html

    c:\new folder (2)\geek squad backup 07.09.2012\downloads\programs\audio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe

    c:\program files (x86)\kurzweil educational systems\kurzweil 3000\crack.exe

     

     

  • Save this as "CFScript.txt" (including the quotation marks), change the "Save as type" to "All Files" and save it to your desktop.
  • Close any open browsers.
  • Disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Referring to the picture below, drag CFScript.txt into ComboFix.exe

     

    Posted Image

  • When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
  • Once the log is produced, re-engage your resident anti virus.
Post the Combofix log in your next reply.

 


Hello JonTom,

 

Here is the log

 

ComboFix 12-12-19.02 - Owner 12/19/2012 12:37:13.4.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6056.4369 [GMT -6:00]

Running from: c:usersOwnerDesktopComboFix.exe

Command switches used :: c:usersOwnerDesktopCFScript.txt

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\new folder (2)\desktop items\desktop\audio record wizard 3.99 inc crack - mast3r-.rar"

"c:\new folder (2)\desktop\audio record wizard 3.99 inc crack - mast3r-.rar"

"c:\new folder (2)\geek squad backup 07.09.2012\backup continued\adobe\adobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html"

"c:\new folder (2)\geek squad backup 07.09.2012\downloads\programs\audio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe"

"c:\program files (x86)\kurzweil educational systems\kurzweil 3000\crack.exe"

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\new folder (2)\desktop items\desktop\audio record wizard 3.99 inc crack - mast3r-.rar

c:\new folder (2)\desktop\audio record wizard 3.99 inc crack - mast3r-.rar

c:\new folder (2)\geek squad backup 07.09.2012\backup continued\adobe\adobe-creative-suite-5-production-premium-retail-keygen-wl-t4065705.html

c:\new folder (2)\geek squad backup 07.09.2012\downloads\programs\audio_record_wizard_3_99_inc_crack_mast3r_downloader_348.exe

c:\program files (x86)\kurzweil educational systems\kurzweil 3000\crack.exe

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------Legacy_NPF

-------Service_NPF

.

.

((((((((((((((((((((((((( Files Created from 2012-11-19 to 2012-12-19 )))))))))))))))))))))))))))))))

.

.

2012-12-19 19:14 . 2012-12-19 19:14 -------- d-----w- c:usersUpdatusUserAppDataLocaltemp

2012-12-19 19:14 . 2012-12-19 19:14 -------- d-----w- c:usersDefaultAppDataLocaltemp

2012-12-18 13:42 . 2012-11-08 17:24 9125352 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{E0C11D25-2DC5-4B71-8976-A4767590840B}mpengine.dll

2012-12-16 22:46 . 2012-10-30 23:51 370288 ----a-w- c:windowssystem32driversaswSP.sys

2012-12-16 22:46 . 2012-10-30 23:51 25232 ----a-w- c:windowssystem32driversaswFsBlk.sys

2012-12-16 22:46 . 2012-10-15 16:59 54072 ----a-w- c:windowssystem32driversaswRdr2.sys

2012-12-16 22:46 . 2012-10-30 23:51 59728 ----a-w- c:windowssystem32driversaswTdi.sys

2012-12-16 22:46 . 2012-10-30 23:51 984144 ----a-w- c:windowssystem32driversaswSnx.sys

2012-12-16 22:46 . 2012-10-30 23:51 71600 ----a-w- c:windowssystem32driversaswMonFlt.sys

2012-12-16 22:46 . 2012-10-30 23:51 41224 ----a-w- c:windowsavastSS.scr

2012-12-16 22:45 . 2012-10-30 23:50 227648 ----a-w- c:windowsSysWow64aswBoot.exe

2012-12-16 22:06 . 2012-12-16 22:07 -------- d-----w- c:usersOwnerAppDataLocalNETGEARGenie

2012-12-16 22:06 . 2012-12-16 22:06 369168 ----a-w- c:windowssystem32wpcap.dll

2012-12-16 22:06 . 2012-12-16 22:06 35344 ----a-w- c:windowssystem32driversnpf.sys

2012-12-16 22:06 . 2012-12-16 22:06 106000 ----a-w- c:windowssystem32packet.dll

2012-12-16 22:06 . 2012-12-16 22:06 -------- d-----w- c:program files (x86)NETGEAR Genie

2012-12-14 20:48 . 2012-12-14 20:48 -------- d-----w- c:program files (x86)uTorrent

2012-12-14 13:06 . 2012-11-14 07:06 17811968 ----a-w- c:windowssystem32mshtml.dll

2012-12-14 13:06 . 2012-11-14 06:32 10925568 ----a-w- c:windowssystem32ieframe.dll

2012-12-13 11:57 . 2012-11-02 05:59 478208 ----a-w- c:windowssystem32dpnet.dll

2012-12-13 11:57 . 2012-11-02 05:11 376832 ----a-w- c:windowsSysWow64dpnet.dll

2012-12-12 21:34 . 2012-12-13 00:47 -------- d-----w- c:usersOwnerAppDataRoamingatunes

2012-12-12 21:33 . 2012-12-12 21:33 -------- d-----w- c:program files (x86)aTunes

2012-12-12 17:44 . 2012-12-12 17:44 -------- d-----w- c:program files (x86)CheckPoint

2012-12-10 15:12 . 2012-12-10 15:12 -------- d-----w- C:FRACTURE EXTRAS

2012-12-05 17:06 . 2012-11-29 08:27 96224 ----a-w- c:program files (x86)Mozilla Firefoxwebapprt-stub.exe

2012-12-05 17:06 . 2012-11-29 08:27 270816 ----a-w- c:program files (x86)Mozilla Firefoxupdater.exe

2012-12-05 17:06 . 2012-11-29 08:27 157272 ----a-w- c:program files (x86)Mozilla Firefoxwebapp-uninstaller.exe

2012-12-05 17:06 . 2012-11-29 08:27 73696 ----a-w- c:program files (x86)Mozilla Firefoxbreakpadinjector.dll

2012-11-30 15:39 . 2012-11-30 21:47 -------- d-----w- c:program files (x86)Malwarebytes' Anti-Malware

2012-11-30 15:39 . 2012-09-30 01:54 25928 ----a-w- c:windowssystem32driversmbam.sys

2012-11-30 14:16 . 2012-11-30 14:16 -------- d-----w- c:windowsERUNT

2012-11-30 14:15 . 2012-12-06 01:06 -------- d-----w- C:JRT

2012-11-27 17:18 . 2012-12-12 19:11 -------- d-----w- C:FRST

2012-11-25 02:04 . 2012-12-05 19:46 -------- d-----w- c:usersOwnerAppDataLocalElevatedDiagnostics

2012-11-24 14:58 . 2011-05-30 13:42 240640 ----a-w- c:windowsSysWow64xvidvfw.dll

2012-11-24 14:58 . 2011-05-30 13:42 255488 ----a-w- c:windowssystem32xvidvfw.dll

2012-11-24 14:58 . 2011-05-23 09:52 153088 ----a-w- c:windowsSysWow64xvid.ax

2012-11-24 14:58 . 2011-05-23 07:49 173568 ----a-w- c:windowssystem32xvid.ax

2012-11-24 14:58 . 2011-05-23 07:46 645632 ----a-w- c:windowsSysWow64xvidcore.dll

2012-11-24 14:58 . 2011-05-23 07:45 696832 ----a-w- c:windowssystem32xvidcore.dll

2012-11-24 14:57 . 2012-11-24 14:57 -------- d-----w- c:usersOwner.bitrock

2012-11-24 01:49 . 2012-11-24 14:58 -------- d-----w- c:program files (x86)Xvid

2012-11-21 18:48 . 2010-11-26 23:02 17720 ----a-w- c:windowssystem32driversSmartDefragDriver.sys

2012-11-21 14:17 . 2012-11-21 14:19 -------- d-----w- c:program files (x86)MeadCo Neptune

2012-11-20 22:16 . 2012-12-12 16:25 -------- dc----w- c:windowssystem32DRVSTORE

2012-11-20 22:15 . 2012-11-20 22:15 -------- d-----w- c:usersOwnerAppDataRoamingCheckPoint

2012-11-20 21:46 . 2012-12-12 17:44 -------- d-----w- c:programdataCheckPoint

2012-11-20 18:23 . 2012-11-20 18:23 -------- d-----w- c:usersOwnerAppDataRoamingMalwarebytes

2012-11-20 18:22 . 2012-11-20 18:22 -------- d-----w- c:programdataMalwarebytes

2012-11-20 16:27 . 2012-11-20 16:27 -------- d-----w- c:programdataPCPitstop

2012-11-20 16:25 . 2012-11-21 15:57 -------- d-----w- c:program files (x86)PCPitstop

2012-11-20 11:53 . 2012-11-20 11:53 -------- d-----w- c:usersOwnerAppDataRoamingConverterLite

2012-11-20 01:03 . 2012-11-20 01:03 -------- d-----w- c:usersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012)

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-14 13:10 . 2012-07-25 12:45 67413224 ----a-w- c:windowssystem32MRT.exe

2012-12-12 17:57 . 2012-07-31 00:28 697272 ----a-w- c:windowsSysWow64FlashPlayerApp.exe

2012-12-12 17:57 . 2012-07-31 00:28 73656 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl

2012-11-24 01:35 . 2012-10-06 20:26 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCoreMicrosoft.MediaCenter.Sports.UI.dll

2012-11-15 01:51 . 2012-11-15 01:51 62976 ----a-w- c:windowssystem32TSWbPrxy.exe

2012-11-15 01:51 . 2012-11-15 01:51 57856 ----a-w- c:windowssystem32driversTsUsbFlt.sys

2012-11-15 01:51 . 2012-11-15 01:51 5773824 ----a-w- c:windowssystem32mstscax.dll

2012-11-15 01:51 . 2012-11-15 01:51 54272 ----a-w- c:windowssystem32MsRdpWebAccess.dll

2012-11-15 01:51 . 2012-11-15 01:51 4916224 ----a-w- c:windowsSysWow64mstscax.dll

2012-11-15 01:51 . 2012-11-15 01:51 46592 ----a-w- c:windowsSysWow64MsRdpWebAccess.dll

2012-11-15 01:51 . 2012-11-15 01:51 44032 ----a-w- c:windowssystem32tsgqec.dll

2012-11-15 01:51 . 2012-11-15 01:51 43520 ----a-w- c:windowssystem32TsUsbGDCoInstaller.dll

2012-11-15 01:51 . 2012-11-15 01:51 384000 ----a-w- c:windowssystem32wksprt.exe

2012-11-15 01:51 . 2012-11-15 01:51 37376 ----a-w- c:windowsSysWow64tsgqec.dll

2012-11-15 01:51 . 2012-11-15 01:51 322560 ----a-w- c:windowssystem32aaclient.dll

2012-11-15 01:51 . 2012-11-15 01:51 3174912 ----a-w- c:windowssystem32rdpcorets.dll

2012-11-15 01:51 . 2012-11-15 01:51 269312 ----a-w- c:windowsSysWow64aaclient.dll

2012-11-15 01:51 . 2012-11-15 01:51 243200 ----a-w- c:windowssystem32rdpudd.dll

2012-11-15 01:51 . 2012-11-15 01:51 228864 ----a-w- c:windowssystem32rdpendp_winip.dll

2012-11-15 01:51 . 2012-11-15 01:51 19456 ----a-w- c:windowssystem32driversrdpvideominiport.sys

2012-11-15 01:51 . 2012-11-15 01:51 192000 ----a-w- c:windowsSysWow64rdpendp_winip.dll

2012-11-15 01:51 . 2012-11-15 01:51 18432 ----a-w- c:windowssystem32wksprtPS.dll

2012-11-15 01:51 . 2012-11-15 01:51 16896 ----a-w- c:windowsSysWow64wksprtPS.dll

2012-11-15 01:51 . 2012-11-15 01:51 15360 ----a-w- c:windowssystem32RdpGroupPolicyExtension.dll

2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyExtension.dll

2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyControl.exe

2012-11-15 01:51 . 2012-11-15 01:51 1123840 ----a-w- c:windowssystem32mstsc.exe

2012-11-15 01:51 . 2012-11-15 01:51 1048064 ----a-w- c:windowsSysWow64mstsc.exe

2012-11-15 01:50 . 2012-11-15 01:50 96768 ----a-w- c:windowsSysWow64sspicli.dll

2012-11-15 01:50 . 2012-11-15 01:50 458712 ----a-w- c:windowssystem32driverscng.sys

2012-11-15 01:50 . 2012-11-15 01:50 340992 ----a-w- c:windowssystem32schannel.dll

2012-11-15 01:50 . 2012-11-15 01:50 307200 ----a-w- c:windowssystem32ncrypt.dll

2012-11-15 01:50 . 2012-11-15 01:50 247808 ----a-w- c:windowsSysWow64schannel.dll

2012-11-15 01:50 . 2012-11-15 01:50 220160 ----a-w- c:windowsSysWow64ncrypt.dll

2012-11-15 01:50 . 2012-11-15 01:50 22016 ----a-w- c:windowsSysWow64secur32.dll

2012-11-15 01:50 . 2012-11-15 01:50 154480 ----a-w- c:windowssystem32driversksecpkg.sys

2012-11-15 01:50 . 2012-11-15 01:50 1448448 ----a-w- c:windowssystem32lsasrv.dll

2012-11-15 01:49 . 2012-11-15 01:49 514560 ----a-w- c:windowsSysWow64qdvd.dll

2012-11-15 01:49 . 2012-11-15 01:49 366592 ----a-w- c:windowssystem32qdvd.dll

2012-11-14 20:32 . 2012-11-14 20:32 30568 ----a-w- c:windowssystem32driversavgtpx64.sys

2012-11-01 18:31 . 2012-11-01 18:31 40712 ----a-w- c:windowssystem32driverstaphss6.sys

2012-11-01 18:25 . 2012-11-01 18:25 42248 ----a-w- c:windowssystem32drivershssdrv6.sys

2012-10-30 23:50 . 2012-08-03 22:43 285328 ----a-w- c:windowssystem32aswBoot.exe

2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:windowsSysWow64QuickTimeVR.qtx

2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:windowsSysWow64QuickTime.qts

2012-10-22 22:34 . 2012-10-22 22:34 95208 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll

2012-10-22 22:34 . 2012-10-22 22:35 821736 ----a-w- c:windowsSysWow64npDeployJava1.dll

2012-10-22 22:34 . 2012-10-22 22:35 746984 ----a-w- c:windowsSysWow64deployJava1.dll

2012-10-17 13:39 . 2012-10-17 13:39 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCore-2Microsoft.MediaCenter.Sports.UI.dll

2012-10-17 13:39 . 2012-10-17 13:39 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkup-2markup.dll

2012-10-17 13:37 . 2012-10-17 13:37 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSM-2StartResources.dll

2012-10-16 08:38 . 2012-12-13 11:57 135168 ----a-w- c:windowsapppatchAppPatch64AcXtrnal.dll

2012-10-16 08:38 . 2012-12-13 11:57 350208 ----a-w- c:windowsapppatchAppPatch64AcLayers.dll

2012-10-16 07:39 . 2012-12-13 11:57 561664 ----a-w- c:windowsapppatchAcLayers.dll

2012-10-09 18:17 . 2012-11-15 12:36 55296 ----a-w- c:windowssystem32dhcpcsvc6.dll

2012-10-09 18:17 . 2012-11-15 12:36 226816 ----a-w- c:windowssystem32dhcpcore6.dll

2012-10-09 17:40 . 2012-11-15 12:36 44032 ----a-w- c:windowsSysWow64dhcpcsvc6.dll

2012-10-09 17:40 . 2012-11-15 12:36 193536 ----a-w- c:windowsSysWow64dhcpcore6.dll

2012-10-06 20:26 . 2012-10-06 20:26 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkupmarkup.dll

2012-10-06 20:26 . 2012-10-06 20:26 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSMStartResources.dll

2012-10-06 20:26 . 2012-10-06 20:26 539984 ----a-w- c:programdataMicrosofteHomePackagesMCESpotlightMCESpotlightSpotlightResources.dll

2012-10-04 16:40 . 2012-12-13 11:58 44032 ----a-w- c:windowsapppatchacwow64.dll

2012-10-03 17:56 . 2012-11-17 17:59 1914248 ----a-w- c:windowssystem32driverstcpip.sys

2012-10-03 17:44 . 2012-11-17 17:59 70656 ----a-w- c:windowssystem32nlaapi.dll

2012-10-03 17:44 . 2012-11-17 17:59 303104 ----a-w- c:windowssystem32nlasvc.dll

2012-10-03 17:44 . 2012-11-17 17:59 246272 ----a-w- c:windowssystem32netcorehc.dll

2012-10-03 17:44 . 2012-11-17 17:59 18944 ----a-w- c:windowssystem32netevent.dll

2012-10-03 17:44 . 2012-11-17 17:59 216576 ----a-w- c:windowssystem32ncsi.dll

2012-10-03 17:42 . 2012-11-17 17:59 569344 ----a-w- c:windowssystem32iphlpsvc.dll

2012-10-03 16:42 . 2012-11-17 17:59 18944 ----a-w- c:windowsSysWow64netevent.dll

2012-10-03 16:42 . 2012-11-17 17:59 175104 ----a-w- c:windowsSysWow64netcorehc.dll

2012-10-03 16:42 . 2012-11-17 17:59 156672 ----a-w- c:windowsSysWow64ncsi.dll

2012-10-03 16:07 . 2012-11-17 17:59 45568 ----a-w- c:windowssystem32driverstcpipreg.sys

2012-09-25 22:47 . 2012-11-15 12:31 78336 ----a-w- c:windowsSysWow64synceng.dll

2012-09-25 22:46 . 2012-11-15 12:31 95744 ----a-w- c:windowssystem32synceng.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{30C456C5-0E73-2343-38F0-D9F9CF8B0F52}]

2012-10-28 14:44 129024 ----a-w- c:programdataVaudix508d44c452574.ocx

.

[HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE}]

2012-10-28 14:36 129024 ----a-w- c:programdataVaudix508d42f54b62d.ocx

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar]

"{8945176c-2823-4272-9735-873e75bfe1b4}"= "c:program files (x86)APlusGamer_63bar1.bin63bar.dll" [bU]

.

[HKEY_CLASSES_ROOTclsid{8945176c-2823-4272-9735-873e75bfe1b4}]

.

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

"IDMan"="c:program files (x86)Internet Download ManagerIDMan.exe" [2012-09-01 3528128]

"Xvid"="c:program files (x86)XvidCheckUpdate.exe" [2011-01-17 8192]

"Spotify Web Helper"="c:usersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe" [2012-10-28 1199576]

"NETGEARGenie"="c:program files (x86)NETGEAR GeniebinNETGEARGenie.exe" [2012-10-16 1041736]

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun]

"CLMLServer"="c:program files (x86)CyberLinkPower2GoCLMLSvc.exe" [2009-11-02 103720]

"Samsung PanelMgr"="c:windowsSamsungPanelMgrSSMMgr.exe" [2010-06-08 618496]

"UVS10 Preload"="c:program files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe" [2006-03-07 36864]

"UpdatePPShortCut"="c:program files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" [2009-05-20 222504]

"Adobe ARM"="c:program files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2012-07-27 919008]

"SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-07-03 252848]

"APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-10-12 59280]

"PowerDVD12DMREngine"="c:program files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [2012-09-19 505872]

"PowerDVD12Agent"="c:program files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [2012-09-19 374560]

"QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-10-25 421888]

"avast"="c:program filesAVAST SoftwareAvastavastUI.exe" [2012-10-30 4297136]

.

c:usersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

MagicDisc.lnk - c:program files (x86)MagicDiscMagicDisc.exe [2012-9-15 576000]

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:windowsSysWOW64nvinit.dll

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32]

"wave6"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576]

R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-07-13 160944]

R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:windowssystem32DRIVERSAVerPola.sys [2011-01-04 534144]

R3 BBUpdate;BBUpdate;c:program files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe [2012-02-10 240408]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:program filesIntelWiFibinPanDhcpDns.exe [2011-01-05 340240]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2012-11-15 19456]

R3 Samsung UPD Service;Samsung UPD Service;c:windowsSystem32SUPDSvc.exe [2010-08-09 166704]

R3 StkCMini;Syntek AVStream USB2.0 ATV;c:windowssystem32DriversStkCMini.sys [2010-04-16 1816968]

R3 taphss6;Anchorfree HSS VPN Adapter;c:windowssystem32DRIVERStaphss6.sys [2012-11-01 40712]

R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2012-11-15 57856]

R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2012-07-25 1255736]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:windowssystem32DRIVERSwdcsam64.sys [2008-05-06 14464]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:program filesWindows LiveMeshwlcrasvc.exe [2010-09-22 57184]

S0 nvpciflt;nvpciflt;c:windowssystem32DRIVERSnvpciflt.sys [2010-12-14 25576]

S0 SmartDefragDriver;SmartDefragDriver;c:windowsSystem32DriversSmartDefragDriver.sys [2010-11-26 17720]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2012-11-14 30568]

S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:windowssystem32DriversSABI.sys [2009-05-28 13824]

S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34];c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-09-19 22:12 147704]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [2012-10-30 71600]

S2 BBSvc;BingBar Service;c:program files (x86)MicrosoftBingBar7.1.361.0BBSvc.exe [2012-02-10 193816]

S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-09-19 90640]

S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-09-19 78352]

S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-09-19 295440]

S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:program filesIntelWiMAXBinDMAgent.exe [2011-06-06 498688]

S2 IDMWFP;IDMWFP;c:windowssystem32DRIVERSidmwfp.sys [2012-08-02 158944]

S2 MBAMScheduler;MBAMScheduler;c:program files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [2012-09-30 399432]

S2 MBAMService;MBAMService;c:program files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2012-09-30 676936]

S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:program files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe [2012-09-25 231752]

S2 nlsX86cc;Nalpeiron Licensing Service;c:windowsSysWOW64nlssrv32.exe [2010-11-22 66560]

S2 ntk_PowerDVD12;ntk_PowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-06-20 83704]

S2 UNS;Intel® Management and Security Application User Notification Service;c:program files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2010-10-06 2655768]

S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:program filesIntelWiMAXBinAppSrv.exe [2011-06-06 986112]

S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:windowssystem32DRIVERSbpenum.sys [2011-05-19 84480]

S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:windowssystem32DRIVERSbpmp.sys [2011-05-19 182272]

S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;c:windowssystem32Driversbpusb.sys [2011-05-19 83968]

S3 clwvd;CyberLink WebCam Virtual Driver;c:windowssystem32DRIVERSclwvd.sys [2010-11-10 31088]

S3 ETD;ELAN PS/2 Port Input Device;c:windowssystem32DRIVERSETD.sys [2010-11-12 138024]

S3 IntcDAud;Intel® Display Audio;c:windowssystem32DRIVERSIntcDAud.sys [2010-10-15 317440]

S3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [2012-09-30 25928]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:windowssystem32DRIVERSnusb3hub.sys [2010-10-11 80384]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:windowssystem32DRIVERSnusb3xhc.sys [2010-10-11 180736]

S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2011-06-10 539240]

S3 wdkmd;Intel WiDi KMD;c:windowssystem32DRIVERSWDKMD.sys [2010-11-30 42392]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - NPF

.

Contents of the 'Scheduled Tasks' folder

.

2012-12-19 c:windowsTasksAdobe Flash Player Updater.job

- c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-31 17:57]

.

2012-12-19 c:windowsTasksSlimDrivers Startup.job

- c:program files (x86)SlimDriversSlimDrivers.exe [2012-10-14 21:29]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}]

2012-10-30 23:50 133400 ----a-w- c:program filesAVAST SoftwareAvastashShA64.dll

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersIDM Shell Extension]

@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"

[HKEY_CLASSES_ROOTCLSID{CDC95B92-E27C-4745-A8C5-64A52A78855D}]

2012-02-08 00:49 23432 ----a-w- c:program files (x86)Internet Download ManagerIDMShellExt64.dll

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"IgfxTray"="c:windowssystem32igfxtray.exe" [2011-01-04 167960]

"HotKeysCmds"="c:windowssystem32hkcmd.exe" [2011-01-04 391704]

"Persistence"="c:windowssystem32igfxpers.exe" [2011-01-04 417304]

"RtHDVCpl"="c:program filesRealtekAudioHDARAVCpl64.exe" [2010-11-30 11660904]

"IntelWireless"="c:program filesCommon FilesIntelWirelessCommoniFrmewrk.exe" [2011-01-05 1933584]

"ETDCtrl"="c:program files (x86)ElantechETDCtrl.exe" [bU]

"IntelWirelessWiMAX"="c:program filesIntelWiMAXBinWiMAXCU.exe" [2011-06-02 1622016]

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]

"AppInit_DLLs"=c:windowsSystem32nvinitx.dll

.

------- Supplementary Scan -------

.

uLocal Page = c:windowssystem32blank.htm

mStart Page = hxxp://samsung.msn.com

mLocal Page = c:windowsSysWOW64blank.htm

IE: Download all links with IDM - c:program files (x86)Internet Download ManagerIEGetAll.htm

IE: Download with IDM - c:program files (x86)Internet Download ManagerIEExt.htm

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default

FF - ExtSQL: 2012-11-04 18:39; 50970cb9d50ba@50970cb9d50f3.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions50970cb9d50ba@50970cb9d50f3.com.xpi

FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com

FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com

FF - ExtSQL: 2012-12-16 16:53; wrc@avast.com; c:program filesAVAST SoftwareAvastWebRepFF

FF - ExtSQL: !HIDDEN! 2012-11-12 13:26; 63ffxtbr@APlusGamer_63.com; c:program files (x86)APlusGamer_63bar1.bin

FF - ExtSQL: !HIDDEN! 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:program files (x86)MindDabble_4pbar1.bin

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

.

.

.

[HKEY_LOCAL_MACHINESYSTEMControlSet001services{73526619-C24F-470B-9BED-53D455FBB5C6}]

"ImagePath"="??c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"scansk"=hex(0):c5,88,12,3d,a1,66,02,aa,b6,69,27,77,2a,36,ce,6b,62,5d,c5,5b,dd,

32,c3,0e,3c,fd,35,14,a9,f8,c3,8a,76,15,a2,42,fb,fb,4e,66,00,00,00,00,00,00,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]

@Denied: (Full) (Everyone)

"scansk"=hex(0):92,20,a6,2c,ac,da,97,ad,d1,24,a3,f8,5b,7f,d7,fc,ab,59,6e,1b,bf,

51,95,0a,ae,4d,7b,37,63,5b,fa,ad,73,d0,1a,32,83,42,de,9e,00,00,00,00,00,00,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{b5572adb-f71b-41a1-ad6e-0832b120e9ea}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"Model"=dword:000000f0

"Therad"=dword:0000001e

"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,

38,95,44,85,b1,12,f9,90,dd,23,a1,46,8f,3c,f2,5c,68,ee,21,c4,91,5d,38,fc,54,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{c9fa1039-b2b9-4ecb-85ad-32f7d18bc0ed}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"Model"=dword:0000012c

"Therad"=dword:00000001

"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,

1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32]

@="c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32]

@="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:program filesAVAST SoftwareAvastAvastSvc.exe

c:program files (x86)Common FilesAdobeARM1.0armsvc.exe

c:program files (x86)IObitSmart Defrag 2SmartDefrag.exe

c:program files (x86)Malwarebytes' Anti-Malwarembamgui.exe

c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe

c:program files (x86)CyberLinkShared filesRichVideo.exe

c:program files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe

c:program files (x86)SamsungEasy Display ManagerWifiManager.exe

c:program files (x86)CyberLinkYouCamYCMMirage.exe

c:program files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe

c:program files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe

c:program files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe

c:program files (x86)SamsungSamsung Support CenterSSCKbdHk.exe

c:program files (x86)SamsungSamsung Update PlusSUPBackground.exe

.

**************************************************************************

.

Completion time: 2012-12-19 13:30:59 - machine was rebooted

ComboFix-quarantined-files.txt 2012-12-19 19:30

ComboFix2.txt 2012-12-18 18:54

ComboFix3.txt 2012-12-11 00:42

ComboFix4.txt 2012-12-03 17:11

.

Pre-Run: 69,682,040,832 bytes free

Post-Run: 68,463,153,152 bytes free

.

- - End Of File - - 0481626A4B6A61C9577CD2CEFC3C58FB


Hello goofy1139

 

Thank you for the log.

  • Please work through the following steps

    • Hold down the Windows key (has the Windows symbol on it) and press the "R" key. A Run box will open. Type in Notepad and press Enter, then click on "OK".
    • NOTE: Do not use Wordpad or any other text editor except Notepad or the script will fail.
    • Copy and Paste the text in the quotebox below into the open Notepad window:

       

      File::

      c:\programdata\Vaudix\508d44c452574.ocx

      c:\programdata\Vaudix\508d42f54b62d.ocx

      c:\program files (x86)\APlusGamer_63\bar\1.bin\63bar.dll

       

      Folder::

      c:\programdata\Vaudix

      c:\program files (x86)\APlusGamer_63

       

      Registry::

      [-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30C456C5-0E73-2343-38F0-D9F9CF8B0F52}]

      [-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE}]

      [-HKEY_CLASSES_ROOT\clsid\{8945176c-2823-4272-9735-873e75bfe1b4}]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

      "{8945176c-2823-4272-9735-873e75bfe1b4}"=-

       

      Firefox::

      FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\nww68hdh.default\

      FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\nww68hdh.default\extensions\63ffxtbr@APlusGamer_63.com

      FF - ExtSQL: !HIDDEN! 2012-11-12 13:26; 63ffxtbr@APlusGamer_63.com; c:\program files (x86)\APlusGamer_63\bar\1.bin

       

       

       

    • Save this as "CFScript.txt" (including the quotation marks), change the "Save as type" to "All Files" and save it to your desktop.
    • Close any open browsers.
    • Disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Referring to the picture below, drag CFScript.txt into ComboFix.exe

       

      Posted Image

    • When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
    • Once the log is produced, re-engage your resident anti virus.
  • Temporary File Cleaner

    • Download TFC to your desktop.
    • Close any open windows.
    • Right click the TFC icon and select "Run as Administrator" to run the program.
    • TFC will close all open programs itself in order to run.
    • Click the Start button to begin the process.
    • Allow TFC to run uninterrupted.
    • The program should not take long to finish.
    • Once complete it should automatically reboot your machine.
    • If your machine does not reboot automatically, manually reboot to ensure a complete clean.
    • Note: After running TFC your machine may take slightly longer to boot the first time. This is normal.
  • MalwareBytes AntiMalware:

    • I can see that you have MBAM installed.
    • Double click on your MalwareBytes AntiMalware icon to launch the program.
    • Click on the "Update" tab and then on "Check for Updates".
    • The program will now install the latest Malware definition files.
    • Once complete, click on the "Scanner" tab, select "Perform Quick Scan" and then click on "Scan".
    • Once the program has scanned your computer, a log file will be created in Notepad.
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • If the scan detects any Malware-related objects, make sure that everything is checked, and click "Remove Selected" <– Very Important.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to restart your computer.
    • The log is automatically saved by MBAM and can be viewed by clicking the "Logs" tab.
    • Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart your computer, please do so immediately.
    • Come back here to this thread and Paste the log in your next reply.
    Please post the Combofix log and the MBAM log in your next reply and let me know how the machine is running.


Hello JonTom

 

Here are some more logs

 

ComboFix 12-12-19.02 - Owner 12/19/2012 18:01:35.5.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6056.4263 [GMT -6:00]

Running from: c:usersOwnerDesktopComboFix.exe

Command switches used :: c:usersOwnerDesktopCFScript.txt

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

FILE ::

"c:program files (x86)APlusGamer_63bar1.bin63bar.dll"

"c:programdataVaudix508d42f54b62d.ocx"

"c:programdataVaudix508d44c452574.ocx"

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:program files (x86)APlusGamer_63

c:program files (x86)APlusGamer_63bar1.bin63sknlcr.dll

c:program files (x86)APlusGamer_63bar1.binBOOTSTRAP.JS

c:program files (x86)APlusGamer_63bar1.binCHROME.MANIFEST

c:program files (x86)APlusGamer_63bar1.binchrome63ffxtbr.jar

c:program files (x86)APlusGamer_63bar1.binCREXT.DLL

c:program files (x86)APlusGamer_63bar1.binCrExtP63.exe

c:program files (x86)APlusGamer_63bar1.binINSTALL.RDF

c:program files (x86)APlusGamer_63bar1.bininstallKeys.js

c:program files (x86)APlusGamer_63bar1.binLOGO.BMP

c:program files (x86)APlusGamer_63bar1.binT8EXTEX.DLL

c:program files (x86)APlusGamer_63bar1.binT8EXTPEX.DLL

c:program files (x86)APlusGamer_63bar1.binT8RES.DLL

c:program files (x86)APlusGamer_63bar1.binT8TICKER.DLL

c:program files (x86)APlusGamer_63bargen1COMMON.T8S

c:program files (x86)APlusGamer_63barIE9MesgCOMMON.T8S

c:program files (x86)APlusGamer_63barMessageCOMMON.T8S

c:program files (x86)APlusGamer_63barSettingss_pid.dat

c:programdataVaudix

c:programdataVaudix508d42f54b62d.ocx

c:programdataVaudix508d42f54b665.html

c:programdataVaudix508d42f54b69e.js

c:programdataVaudix508d44c452574.ocx

c:programdataVaudix508d44c452586.html

c:programdataVaudix508d44c4525bf.js

c:programdataVaudixdata508d44c4525bf.js

c:programdataVaudixdatajsondb.js

c:programdataVaudixhgbabfgaggnigfjbbpofjcilobgblhfe.crx

c:programdataVaudixmhbmcdlkpglhfnacbbdomfcikpkkhgkb.crx

c:programdataVaudixsettings.ini

c:programdataVaudixuninstall.exe

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------Legacy_NPF

-------Service_NPF

.

.

((((((((((((((((((((((((( Files Created from 2012-11-20 to 2012-12-20 )))))))))))))))))))))))))))))))

.

.

2012-12-20 00:37 . 2012-12-20 00:37 -------- d-----w- c:usersUpdatusUserAppDataLocaltemp

2012-12-20 00:37 . 2012-12-20 00:37 -------- d-----w- c:usersDefaultAppDataLocaltemp

2012-12-18 13:42 . 2012-11-08 17:24 9125352 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{E0C11D25-2DC5-4B71-8976-A4767590840B}mpengine.dll

2012-12-16 22:46 . 2012-10-30 23:51 370288 ----a-w- c:windowssystem32driversaswSP.sys

2012-12-16 22:46 . 2012-10-30 23:51 25232 ----a-w- c:windowssystem32driversaswFsBlk.sys

2012-12-16 22:46 . 2012-10-15 16:59 54072 ----a-w- c:windowssystem32driversaswRdr2.sys

2012-12-16 22:46 . 2012-10-30 23:51 59728 ----a-w- c:windowssystem32driversaswTdi.sys

2012-12-16 22:46 . 2012-10-30 23:51 984144 ----a-w- c:windowssystem32driversaswSnx.sys

2012-12-16 22:46 . 2012-10-30 23:51 71600 ----a-w- c:windowssystem32driversaswMonFlt.sys

2012-12-16 22:46 . 2012-10-30 23:51 41224 ----a-w- c:windowsavastSS.scr

2012-12-16 22:45 . 2012-10-30 23:50 227648 ----a-w- c:windowsSysWow64aswBoot.exe

2012-12-16 22:06 . 2012-12-16 22:07 -------- d-----w- c:usersOwnerAppDataLocalNETGEARGenie

2012-12-16 22:06 . 2012-12-16 22:06 369168 ----a-w- c:windowssystem32wpcap.dll

2012-12-16 22:06 . 2012-12-16 22:06 35344 ----a-w- c:windowssystem32driversnpf.sys

2012-12-16 22:06 . 2012-12-16 22:06 106000 ----a-w- c:windowssystem32packet.dll

2012-12-16 22:06 . 2012-12-16 22:06 -------- d-----w- c:program files (x86)NETGEAR Genie

2012-12-14 20:48 . 2012-12-14 20:48 -------- d-----w- c:program files (x86)uTorrent

2012-12-14 13:06 . 2012-11-14 07:06 17811968 ----a-w- c:windowssystem32mshtml.dll

2012-12-14 13:06 . 2012-11-14 06:32 10925568 ----a-w- c:windowssystem32ieframe.dll

2012-12-13 11:57 . 2012-11-02 05:59 478208 ----a-w- c:windowssystem32dpnet.dll

2012-12-13 11:57 . 2012-11-02 05:11 376832 ----a-w- c:windowsSysWow64dpnet.dll

2012-12-12 21:34 . 2012-12-13 00:47 -------- d-----w- c:usersOwnerAppDataRoamingatunes

2012-12-12 21:33 . 2012-12-12 21:33 -------- d-----w- c:program files (x86)aTunes

2012-12-12 17:44 . 2012-12-12 17:44 -------- d-----w- c:program files (x86)CheckPoint

2012-12-10 15:12 . 2012-12-10 15:12 -------- d-----w- C:FRACTURE EXTRAS

2012-12-05 17:06 . 2012-11-29 08:27 96224 ----a-w- c:program files (x86)Mozilla Firefoxwebapprt-stub.exe

2012-12-05 17:06 . 2012-11-29 08:27 270816 ----a-w- c:program files (x86)Mozilla Firefoxupdater.exe

2012-12-05 17:06 . 2012-11-29 08:27 157272 ----a-w- c:program files (x86)Mozilla Firefoxwebapp-uninstaller.exe

2012-12-05 17:06 . 2012-11-29 08:27 73696 ----a-w- c:program files (x86)Mozilla Firefoxbreakpadinjector.dll

2012-11-30 15:39 . 2012-11-30 21:47 -------- d-----w- c:program files (x86)Malwarebytes' Anti-Malware

2012-11-30 15:39 . 2012-09-30 01:54 25928 ----a-w- c:windowssystem32driversmbam.sys

2012-11-30 14:16 . 2012-11-30 14:16 -------- d-----w- c:windowsERUNT

2012-11-30 14:15 . 2012-12-06 01:06 -------- d-----w- C:JRT

2012-11-27 17:18 . 2012-12-12 19:11 -------- d-----w- C:FRST

2012-11-25 02:04 . 2012-12-05 19:46 -------- d-----w- c:usersOwnerAppDataLocalElevatedDiagnostics

2012-11-24 14:58 . 2011-05-30 13:42 240640 ----a-w- c:windowsSysWow64xvidvfw.dll

2012-11-24 14:58 . 2011-05-30 13:42 255488 ----a-w- c:windowssystem32xvidvfw.dll

2012-11-24 14:58 . 2011-05-23 09:52 153088 ----a-w- c:windowsSysWow64xvid.ax

2012-11-24 14:58 . 2011-05-23 07:49 173568 ----a-w- c:windowssystem32xvid.ax

2012-11-24 14:58 . 2011-05-23 07:46 645632 ----a-w- c:windowsSysWow64xvidcore.dll

2012-11-24 14:58 . 2011-05-23 07:45 696832 ----a-w- c:windowssystem32xvidcore.dll

2012-11-24 14:57 . 2012-11-24 14:57 -------- d-----w- c:usersOwner.bitrock

2012-11-24 01:49 . 2012-11-24 14:58 -------- d-----w- c:program files (x86)Xvid

2012-11-21 18:48 . 2010-11-26 23:02 17720 ----a-w- c:windowssystem32driversSmartDefragDriver.sys

2012-11-21 14:17 . 2012-11-21 14:19 -------- d-----w- c:program files (x86)MeadCo Neptune

2012-11-20 22:16 . 2012-12-12 16:25 -------- dc----w- c:windowssystem32DRVSTORE

2012-11-20 22:15 . 2012-11-20 22:15 -------- d-----w- c:usersOwnerAppDataRoamingCheckPoint

2012-11-20 21:46 . 2012-12-12 17:44 -------- d-----w- c:programdataCheckPoint

2012-11-20 18:23 . 2012-11-20 18:23 -------- d-----w- c:usersOwnerAppDataRoamingMalwarebytes

2012-11-20 18:22 . 2012-11-20 18:22 -------- d-----w- c:programdataMalwarebytes

2012-11-20 16:27 . 2012-11-20 16:27 -------- d-----w- c:programdataPCPitstop

2012-11-20 16:25 . 2012-11-21 15:57 -------- d-----w- c:program files (x86)PCPitstop

2012-11-20 11:53 . 2012-11-20 11:53 -------- d-----w- c:usersOwnerAppDataRoamingConverterLite

2012-11-20 01:03 . 2012-11-20 01:03 -------- d-----w- c:usersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012)

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-14 13:10 . 2012-07-25 12:45 67413224 ----a-w- c:windowssystem32MRT.exe

2012-12-12 17:57 . 2012-07-31 00:28 697272 ----a-w- c:windowsSysWow64FlashPlayerApp.exe

2012-12-12 17:57 . 2012-07-31 00:28 73656 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl

2012-11-24 01:35 . 2012-10-06 20:26 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCoreMicrosoft.MediaCenter.Sports.UI.dll

2012-11-15 01:51 . 2012-11-15 01:51 62976 ----a-w- c:windowssystem32TSWbPrxy.exe

2012-11-15 01:51 . 2012-11-15 01:51 57856 ----a-w- c:windowssystem32driversTsUsbFlt.sys

2012-11-15 01:51 . 2012-11-15 01:51 5773824 ----a-w- c:windowssystem32mstscax.dll

2012-11-15 01:51 . 2012-11-15 01:51 54272 ----a-w- c:windowssystem32MsRdpWebAccess.dll

2012-11-15 01:51 . 2012-11-15 01:51 4916224 ----a-w- c:windowsSysWow64mstscax.dll

2012-11-15 01:51 . 2012-11-15 01:51 46592 ----a-w- c:windowsSysWow64MsRdpWebAccess.dll

2012-11-15 01:51 . 2012-11-15 01:51 44032 ----a-w- c:windowssystem32tsgqec.dll

2012-11-15 01:51 . 2012-11-15 01:51 43520 ----a-w- c:windowssystem32TsUsbGDCoInstaller.dll

2012-11-15 01:51 . 2012-11-15 01:51 384000 ----a-w- c:windowssystem32wksprt.exe

2012-11-15 01:51 . 2012-11-15 01:51 37376 ----a-w- c:windowsSysWow64tsgqec.dll

2012-11-15 01:51 . 2012-11-15 01:51 322560 ----a-w- c:windowssystem32aaclient.dll

2012-11-15 01:51 . 2012-11-15 01:51 3174912 ----a-w- c:windowssystem32rdpcorets.dll

2012-11-15 01:51 . 2012-11-15 01:51 269312 ----a-w- c:windowsSysWow64aaclient.dll

2012-11-15 01:51 . 2012-11-15 01:51 243200 ----a-w- c:windowssystem32rdpudd.dll

2012-11-15 01:51 . 2012-11-15 01:51 228864 ----a-w- c:windowssystem32rdpendp_winip.dll

2012-11-15 01:51 . 2012-11-15 01:51 19456 ----a-w- c:windowssystem32driversrdpvideominiport.sys

2012-11-15 01:51 . 2012-11-15 01:51 192000 ----a-w- c:windowsSysWow64rdpendp_winip.dll

2012-11-15 01:51 . 2012-11-15 01:51 18432 ----a-w- c:windowssystem32wksprtPS.dll

2012-11-15 01:51 . 2012-11-15 01:51 16896 ----a-w- c:windowsSysWow64wksprtPS.dll

2012-11-15 01:51 . 2012-11-15 01:51 15360 ----a-w- c:windowssystem32RdpGroupPolicyExtension.dll

2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyExtension.dll

2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyControl.exe

2012-11-15 01:51 . 2012-11-15 01:51 1123840 ----a-w- c:windowssystem32mstsc.exe

2012-11-15 01:51 . 2012-11-15 01:51 1048064 ----a-w- c:windowsSysWow64mstsc.exe

2012-11-15 01:50 . 2012-11-15 01:50 96768 ----a-w- c:windowsSysWow64sspicli.dll

2012-11-15 01:50 . 2012-11-15 01:50 458712 ----a-w- c:windowssystem32driverscng.sys

2012-11-15 01:50 . 2012-11-15 01:50 340992 ----a-w- c:windowssystem32schannel.dll

2012-11-15 01:50 . 2012-11-15 01:50 307200 ----a-w- c:windowssystem32ncrypt.dll

2012-11-15 01:50 . 2012-11-15 01:50 247808 ----a-w- c:windowsSysWow64schannel.dll

2012-11-15 01:50 . 2012-11-15 01:50 220160 ----a-w- c:windowsSysWow64ncrypt.dll

2012-11-15 01:50 . 2012-11-15 01:50 22016 ----a-w- c:windowsSysWow64secur32.dll

2012-11-15 01:50 . 2012-11-15 01:50 154480 ----a-w- c:windowssystem32driversksecpkg.sys

2012-11-15 01:50 . 2012-11-15 01:50 1448448 ----a-w- c:windowssystem32lsasrv.dll

2012-11-15 01:49 . 2012-11-15 01:49 514560 ----a-w- c:windowsSysWow64qdvd.dll

2012-11-15 01:49 . 2012-11-15 01:49 366592 ----a-w- c:windowssystem32qdvd.dll

2012-11-14 20:32 . 2012-11-14 20:32 30568 ----a-w- c:windowssystem32driversavgtpx64.sys

2012-11-01 18:31 . 2012-11-01 18:31 40712 ----a-w- c:windowssystem32driverstaphss6.sys

2012-11-01 18:25 . 2012-11-01 18:25 42248 ----a-w- c:windowssystem32drivershssdrv6.sys

2012-10-30 23:50 . 2012-08-03 22:43 285328 ----a-w- c:windowssystem32aswBoot.exe

2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:windowsSysWow64QuickTimeVR.qtx

2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:windowsSysWow64QuickTime.qts

2012-10-22 22:34 . 2012-10-22 22:34 95208 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll

2012-10-22 22:34 . 2012-10-22 22:35 821736 ----a-w- c:windowsSysWow64npDeployJava1.dll

2012-10-22 22:34 . 2012-10-22 22:35 746984 ----a-w- c:windowsSysWow64deployJava1.dll

2012-10-17 13:39 . 2012-10-17 13:39 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCore-2Microsoft.MediaCenter.Sports.UI.dll

2012-10-17 13:39 . 2012-10-17 13:39 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkup-2markup.dll

2012-10-17 13:37 . 2012-10-17 13:37 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSM-2StartResources.dll

2012-10-16 08:38 . 2012-12-13 11:57 135168 ----a-w- c:windowsapppatchAppPatch64AcXtrnal.dll

2012-10-16 08:38 . 2012-12-13 11:57 350208 ----a-w- c:windowsapppatchAppPatch64AcLayers.dll

2012-10-16 07:39 . 2012-12-13 11:57 561664 ----a-w- c:windowsapppatchAcLayers.dll

2012-10-09 18:17 . 2012-11-15 12:36 55296 ----a-w- c:windowssystem32dhcpcsvc6.dll

2012-10-09 18:17 . 2012-11-15 12:36 226816 ----a-w- c:windowssystem32dhcpcore6.dll

2012-10-09 17:40 . 2012-11-15 12:36 44032 ----a-w- c:windowsSysWow64dhcpcsvc6.dll

2012-10-09 17:40 . 2012-11-15 12:36 193536 ----a-w- c:windowsSysWow64dhcpcore6.dll

2012-10-06 20:26 . 2012-10-06 20:26 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkupmarkup.dll

2012-10-06 20:26 . 2012-10-06 20:26 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSMStartResources.dll

2012-10-06 20:26 . 2012-10-06 20:26 539984 ----a-w- c:programdataMicrosofteHomePackagesMCESpotlightMCESpotlightSpotlightResources.dll

2012-10-04 16:40 . 2012-12-13 11:58 44032 ----a-w- c:windowsapppatchacwow64.dll

2012-10-03 17:56 . 2012-11-17 17:59 1914248 ----a-w- c:windowssystem32driverstcpip.sys

2012-10-03 17:44 . 2012-11-17 17:59 70656 ----a-w- c:windowssystem32nlaapi.dll

2012-10-03 17:44 . 2012-11-17 17:59 303104 ----a-w- c:windowssystem32nlasvc.dll

2012-10-03 17:44 . 2012-11-17 17:59 246272 ----a-w- c:windowssystem32netcorehc.dll

2012-10-03 17:44 . 2012-11-17 17:59 18944 ----a-w- c:windowssystem32netevent.dll

2012-10-03 17:44 . 2012-11-17 17:59 216576 ----a-w- c:windowssystem32ncsi.dll

2012-10-03 17:42 . 2012-11-17 17:59 569344 ----a-w- c:windowssystem32iphlpsvc.dll

2012-10-03 16:42 . 2012-11-17 17:59 18944 ----a-w- c:windowsSysWow64netevent.dll

2012-10-03 16:42 . 2012-11-17 17:59 175104 ----a-w- c:windowsSysWow64netcorehc.dll

2012-10-03 16:42 . 2012-11-17 17:59 156672 ----a-w- c:windowsSysWow64ncsi.dll

2012-10-03 16:07 . 2012-11-17 17:59 45568 ----a-w- c:windowssystem32driverstcpipreg.sys

2012-09-25 22:47 . 2012-11-15 12:31 78336 ----a-w- c:windowsSysWow64synceng.dll

2012-09-25 22:46 . 2012-11-15 12:31 95744 ----a-w- c:windowssystem32synceng.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

"IDMan"="c:program files (x86)Internet Download ManagerIDMan.exe" [2012-09-01 3528128]

"Xvid"="c:program files (x86)XvidCheckUpdate.exe" [2011-01-17 8192]

"Spotify Web Helper"="c:usersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe" [2012-10-28 1199576]

"NETGEARGenie"="c:program files (x86)NETGEAR GeniebinNETGEARGenie.exe" [2012-10-16 1041736]

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun]

"CLMLServer"="c:program files (x86)CyberLinkPower2GoCLMLSvc.exe" [2009-11-02 103720]

"Samsung PanelMgr"="c:windowsSamsungPanelMgrSSMMgr.exe" [2010-06-08 618496]

"UVS10 Preload"="c:program files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe" [2006-03-07 36864]

"UpdatePPShortCut"="c:program files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" [2009-05-20 222504]

"Adobe ARM"="c:program files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2012-07-27 919008]

"SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-07-03 252848]

"APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-10-12 59280]

"PowerDVD12DMREngine"="c:program files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [2012-09-19 505872]

"PowerDVD12Agent"="c:program files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [2012-09-19 374560]

"QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-10-25 421888]

"avast"="c:program filesAVAST SoftwareAvastavastUI.exe" [2012-10-30 4297136]

.

c:usersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

MagicDisc.lnk - c:program files (x86)MagicDiscMagicDisc.exe [2012-9-15 576000]

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:windowsSysWOW64nvinit.dll

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32]

"wave6"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576]

R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-07-13 160944]

R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:windowssystem32DRIVERSAVerPola.sys [2011-01-04 534144]

R3 BBUpdate;BBUpdate;c:program files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe [2012-02-10 240408]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:program filesIntelWiFibinPanDhcpDns.exe [2011-01-05 340240]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2012-11-15 19456]

R3 Samsung UPD Service;Samsung UPD Service;c:windowsSystem32SUPDSvc.exe [2010-08-09 166704]

R3 StkCMini;Syntek AVStream USB2.0 ATV;c:windowssystem32DriversStkCMini.sys [2010-04-16 1816968]

R3 taphss6;Anchorfree HSS VPN Adapter;c:windowssystem32DRIVERStaphss6.sys [2012-11-01 40712]

R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2012-11-15 57856]

R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2012-07-25 1255736]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:windowssystem32DRIVERSwdcsam64.sys [2008-05-06 14464]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:program filesWindows LiveMeshwlcrasvc.exe [2010-09-22 57184]

S0 nvpciflt;nvpciflt;c:windowssystem32DRIVERSnvpciflt.sys [2010-12-14 25576]

S0 SmartDefragDriver;SmartDefragDriver;c:windowsSystem32DriversSmartDefragDriver.sys [2010-11-26 17720]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2012-11-14 30568]

S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:windowssystem32DriversSABI.sys [2009-05-28 13824]

S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34];c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-09-19 22:12 147704]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [2012-10-30 71600]

S2 BBSvc;BingBar Service;c:program files (x86)MicrosoftBingBar7.1.361.0BBSvc.exe [2012-02-10 193816]

S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-09-19 90640]

S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-09-19 78352]

S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-09-19 295440]

S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:program filesIntelWiMAXBinDMAgent.exe [2011-06-06 498688]

S2 IDMWFP;IDMWFP;c:windowssystem32DRIVERSidmwfp.sys [2012-08-02 158944]

S2 MBAMScheduler;MBAMScheduler;c:program files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [2012-09-30 399432]

S2 MBAMService;MBAMService;c:program files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2012-09-30 676936]

S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:program files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe [2012-09-25 231752]

S2 nlsX86cc;Nalpeiron Licensing Service;c:windowsSysWOW64nlssrv32.exe [2010-11-22 66560]

S2 ntk_PowerDVD12;ntk_PowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-06-20 83704]

S2 UNS;Intel® Management and Security Application User Notification Service;c:program files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2010-10-06 2655768]

S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:program filesIntelWiMAXBinAppSrv.exe [2011-06-06 986112]

S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:windowssystem32DRIVERSbpenum.sys [2011-05-19 84480]

S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:windowssystem32DRIVERSbpmp.sys [2011-05-19 182272]

S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;c:windowssystem32Driversbpusb.sys [2011-05-19 83968]

S3 clwvd;CyberLink WebCam Virtual Driver;c:windowssystem32DRIVERSclwvd.sys [2010-11-10 31088]

S3 ETD;ELAN PS/2 Port Input Device;c:windowssystem32DRIVERSETD.sys [2010-11-12 138024]

S3 IntcDAud;Intel® Display Audio;c:windowssystem32DRIVERSIntcDAud.sys [2010-10-15 317440]

S3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [2012-09-30 25928]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:windowssystem32DRIVERSnusb3hub.sys [2010-10-11 80384]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:windowssystem32DRIVERSnusb3xhc.sys [2010-10-11 180736]

S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2011-06-10 539240]

S3 wdkmd;Intel WiDi KMD;c:windowssystem32DRIVERSWDKMD.sys [2010-11-30 42392]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - NPF

.

Contents of the 'Scheduled Tasks' folder

.

2012-12-19 c:windowsTasksAdobe Flash Player Updater.job

- c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-31 17:57]

.

2012-12-20 c:windowsTasksSlimDrivers Startup.job

- c:program files (x86)SlimDriversSlimDrivers.exe [2012-10-14 21:29]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}]

2012-10-30 23:50 133400 ----a-w- c:program filesAVAST SoftwareAvastashShA64.dll

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersIDM Shell Extension]

@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"

[HKEY_CLASSES_ROOTCLSID{CDC95B92-E27C-4745-A8C5-64A52A78855D}]

2012-02-08 00:49 23432 ----a-w- c:program files (x86)Internet Download ManagerIDMShellExt64.dll

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"IgfxTray"="c:windowssystem32igfxtray.exe" [2011-01-04 167960]

"HotKeysCmds"="c:windowssystem32hkcmd.exe" [2011-01-04 391704]

"Persistence"="c:windowssystem32igfxpers.exe" [2011-01-04 417304]

"RtHDVCpl"="c:program filesRealtekAudioHDARAVCpl64.exe" [2010-11-30 11660904]

"IntelWireless"="c:program filesCommon FilesIntelWirelessCommoniFrmewrk.exe" [2011-01-05 1933584]

"ETDCtrl"="c:program files (x86)ElantechETDCtrl.exe" [bU]

"IntelWirelessWiMAX"="c:program filesIntelWiMAXBinWiMAXCU.exe" [2011-06-02 1622016]

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]

"AppInit_DLLs"=c:windowsSystem32nvinitx.dll

.

------- Supplementary Scan -------

.

uLocal Page = c:windowssystem32blank.htm

mStart Page = hxxp://samsung.msn.com

mLocal Page = c:windowsSysWOW64blank.htm

IE: Download all links with IDM - c:program files (x86)Internet Download ManagerIEGetAll.htm

IE: Download with IDM - c:program files (x86)Internet Download ManagerIEExt.htm

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default

FF - ExtSQL: 2012-11-04 18:39; 50970cb9d50ba@50970cb9d50f3.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions50970cb9d50ba@50970cb9d50f3.com.xpi

FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com

FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com

FF - ExtSQL: 2012-12-16 16:53; wrc@avast.com; c:program filesAVAST SoftwareAvastWebRepFF

FF - ExtSQL: !HIDDEN! 2012-11-12 13:26; 63ffxtbr@APlusGamer_63.com; c:program files (x86)APlusGamer_63bar1.bin

FF - ExtSQL: !HIDDEN! 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:program files (x86)MindDabble_4pbar1.bin

.

- - - - ORPHANS REMOVED - - - -

.

BHO-{30C456C5-0E73-2343-38F0-D9F9CF8B0F52} - c:programdataVaudix508d44c452574.ocx

BHO-{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE} - c:programdataVaudix508d42f54b62d.ocx

Toolbar-Locked - (no file)

AddRemove-{681002C6-5019-81A2-7871-A43754F71E56} - c:programdataVaudixuninstall.exe

.

.

.

[HKEY_LOCAL_MACHINESYSTEMControlSet001services{73526619-C24F-470B-9BED-53D455FBB5C6}]

"ImagePath"="??c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"scansk"=hex(0):c5,88,12,3d,a1,66,02,aa,b6,69,27,77,2a,36,ce,6b,62,5d,c5,5b,dd,

32,c3,0e,3c,fd,35,14,a9,f8,c3,8a,76,15,a2,42,fb,fb,4e,66,00,00,00,00,00,00,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]

@Denied: (Full) (Everyone)

"scansk"=hex(0):92,20,a6,2c,ac,da,97,ad,d1,24,a3,f8,5b,7f,d7,fc,ab,59,6e,1b,bf,

51,95,0a,ae,4d,7b,37,63,5b,fa,ad,73,d0,1a,32,83,42,de,9e,00,00,00,00,00,00,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{b5572adb-f71b-41a1-ad6e-0832b120e9ea}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"Model"=dword:000000f0

"Therad"=dword:0000001e

"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,

38,95,44,85,b1,12,f9,90,dd,23,a1,46,8f,3c,f2,5c,68,ee,21,c4,91,5d,38,fc,54,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{c9fa1039-b2b9-4ecb-85ad-32f7d18bc0ed}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"Model"=dword:0000012c

"Therad"=dword:00000001

"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,

1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32]

@="c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32]

@="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:program filesAVAST SoftwareAvastAvastSvc.exe

c:program files (x86)Common FilesAdobeARM1.0armsvc.exe

c:program files (x86)IObitSmart Defrag 2SmartDefrag.exe

c:program files (x86)Malwarebytes' Anti-Malwarembamgui.exe

c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe

c:program files (x86)CyberLinkShared filesRichVideo.exe

c:program files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe

c:program files (x86)SamsungEasy Display ManagerWifiManager.exe

c:program files (x86)CyberLinkYouCamYCMMirage.exe

c:program files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe

c:program files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe

c:program files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe

c:program files (x86)SamsungSamsung Support CenterSSCKbdHk.exe

c:program files (x86)SamsungSamsung Update PlusSUPBackground.exe

.

**************************************************************************

.

Completion time: 2012-12-19 18:52:59 - machine was rebooted

ComboFix-quarantined-files.txt 2012-12-20 00:52

ComboFix2.txt 2012-12-19 19:31

ComboFix3.txt 2012-12-18 18:54

ComboFix4.txt 2012-12-11 00:42

ComboFix5.txt 2012-12-19 23:59

.

Pre-Run: 70,492,712,960 bytes free

Post-Run: 70,425,374,720 bytes free

.

- - End Of File - - 4C1BBF0C55D7FDB11EDE1024F9B8F043

 

 

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

 

Database version: v2012.12.20.01

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Owner :: OWNER-PC [administrator]

 

12/19/2012 7:57:26 PM

mbam-log-2012-12-19 (19-57-26).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 238507

Time elapsed: 4 minute(s), 31 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 2

HKCRCLSID{30C456C5-0E73-2343-38F0-D9F9CF8B0F52} (Adware.KorAd) -> Quarantined and deleted successfully.

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{30C456C5-0E73-2343-38F0-D9F9CF8B0F52} (Adware.KorAd) -> Quarantined and deleted successfully.

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)


Hello goofy1139

 

Thank you for the logs.

 

How is the machine running now?

 

Let's run an online scan to check for anything that may have been missed:

  • Please run the following scan

  • Note: You will need to use Internet Explorer for this scan.
  • Note for Vista/Windows 7 Users: ESET is compatible but Internet Explorer must be run as Administrator. To do this, right-click on your Internet Explorer icon and select "Run as Administrator".
  • Please disable your real time security programs before performing the scan.
  • Scan your system with Eset Online Scanner
  • Place a check mark in the box YES, I accept the Terms Of Use.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps).
  • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option to "Remove Found Threats" is unchecked.
  • Push the "Start" button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image
Once the ESET scan has completed, please save the log then scan your machine with either DDS or OTL and post the logs in your next reply.

 


Due to lack of response, this topic is now closed.

 

If you are the topic starter and need this topic reopened, please PM a staff member (include the address of this thread in your request).

 

Everyone else please start a new topic.


C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsDownloadSetup.exe Win32/Adware.1ClickDownload.C application

C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsDropDownDealsSmartSetup.exe multiple threats

C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsDropDownDealsSmartSetup_2.exe multiple threats

C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsPageRageSetupAff.exe multiple threats

C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsxvidsetup.exe a variant of Win32/Obfuscated.NER trojan

C:New folder (2)Geek Squad Backup 07.09.2012DownloadsProgramsxvidsetup_2.exe a variant of Win32/Obfuscated.NER trojan

C:Program Files (x86)ZuxxezBattle vs. ChessSKIDROW.dll a variant of Win32/Packed.VMProtect.AAA trojan

C:QooboxQuarantineCNew folder (2)Geek Squad Backup 07.09.2012BACKUP CONTINUEDAudio Record Wizard 3.99 Inc Crack - Mast3r-CrackARWizard3.exe.vir probably a variant of Win32/TrojanDropper.Agent.NHZIJQ trojan

C:QooboxQuarantineCProgramDataVaudix508d42f54b62d.ocx.vir Win32/Adware.MultiPlug.D application

C:QooboxQuarantineCProgramDataVaudix508d44c452574.ocx.vir Win32/Adware.MultiPlug.D application

C:QooboxQuarantineCUsersOwnerAudio Record Wizard 3.99 Inc Crack - Mast3r-audio recordAudio Record Wizard 3.99 Inc Crack - Mast3r-CrackARWizard3.exe.vir probably a variant of Win32/TrojanDropper.Agent.NHZIJQ trojan

C:UsersOwnerAudio Record Wizard 3.99 Inc Crack - Mast3r-.rar probably a variant of Win32/TrojanDropper.Agent.NHZIJQ trojan

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2

Run by Owner at 18:32:59 on 2013-01-02

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6055.3566 [GMT -6:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:Windowssystem32lsm.exe

C:Windowssystem32svchost.exe -k DcomLaunch

C:Windowssystem32nvvsvc.exe

C:Windowssystem32svchost.exe -k RPCSS

C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted

C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted

C:Windowssystem32svchost.exe -k netsvcs

C:Windowssystem32svchost.exe -k GPSvcGroup

C:Windowssystem32svchost.exe -k LocalService

C:Windowssystem32svchost.exe -k NetworkService

C:Program FilesNVIDIA CorporationDisplayNvXDSync.exe

C:Windowssystem32WLANExt.exe

C:Program FilesAVAST SoftwareAvastAvastSvc.exe

C:Windowssystem32Dwm.exe

C:WindowsExplorer.EXE

C:WindowsSystem32spoolsv.exe

C:Windowssystem32svchost.exe -k LocalServiceNoNetwork

C:Windowssystem32taskhost.exe

C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe

C:Windowssystem32taskeng.exe

C:WindowsSystem32hkcmd.exe

C:WindowsSystem32igfxpers.exe

C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe

C:Program FilesIntelWiFibinEvtEng.exe

C:PROGRA~2MINDDA~2bar2.bin4pbarsvc.exe

C:Program Files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe

C:Program FilesRealtekAudioHDARAVCpl64.exe

C:WindowsSysWOW64nlssrv32.exe

C:Program Files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe

C:Program FilesCommon FilesIntelWirelessCommonRegSrvc.exe

C:Program Files (x86)CyberLinkShared filesRichVideo.exe

C:Windowssystem32svchost.exe -k imgsvc

C:Program Files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe

C:Program FilesIntelWiMAXBinAppSrv.exe

C:WindowsSystem32svchost.exe -k secsvcs

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE

C:Program FilesIntelWiMAXBinDMAgent.exe

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe

C:Windowssystem32wbemunsecapp.exe

C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted

C:Windowssystem32wbemwmiprvse.exe

C:Windowssystem32taskeng.exe

C:Program Files (x86)SamsungEasy Display ManagerWifiManager.exe

C:Program Files (x86)CyberLinkYouCamYCMMirage.exe

C:Program FilesSRS LabsSRS Premium Sound Control Panelsrspremiumpanel_64.exe

C:Program Files (x86)SamsungEasy Display Managerdmhkcore.exe

C:Windowssystem32SearchIndexer.exe

C:Program FilesCommon FilesIntelWirelessCommoniFrmewrk.exe

C:Program FilesElantechETDCtrl.exe

C:Program FilesIntelWiMAXBinWiMAXCU.exe

C:Program FilesWindows Media Playerwmpnetwk.exe

C:Windowssystem32wbemunsecapp.exe

C:Program Files (x86)SAMSUNGEasySpeedUpManagerEasySpeedUpManager.exe

C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation

C:UsersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe

C:Program Files (x86)NETGEAR GeniebinNETGEARGenie.exe

C:Program FilesElantechETDCtrlHelper.exe

C:Program Files (x86)Internet Download ManagerIEMonitor.exe

C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe

C:Program Files (x86)MagicDiscMagicDisc.exe

C:Windowssystem32igfxext.exe

C:Windowssystem32igfxsrvc.exe

C:Program Files (x86)Common FilesJavaJava Updatejusched.exe

C:Program Files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe

C:Program Files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe

C:Program Files (x86)QuickTimeQTTask.exe

C:Program FilesAVAST SoftwareAvastAvastUI.exe

C:Program Files (x86)Search Results ToolbarDatamngrdatamngrUI.exe

C:Program Files (x86)NETGEAR Geniebingenie2_tray.exe

C:WindowsSystem32svchost.exe -k LocalServicePeerNet

C:Windowssplwow64.exe

C:Program Files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe

C:Program FilesSamsungSamsungFastStartSmartRestarter.exe

C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe

C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe

C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe

C:Program Files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe

C:Program Files (x86)SamsungSamsung Support CenterSSCKbdHk.exe

C:Program Files (x86)SamsungSamsung Update PlusSUPBackground.exe

C:Program Files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe

C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe

C:WindowsSysWOW64ctfmon.exe

C:Program Files (x86)Mozilla Firefoxfirefox.exe

C:Program Files (x86)Mozilla Firefoxplugin-container.exe

C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_5_502_135.exe

C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_5_502_135.exe

C:Windowssystem32wbemwmiprvse.exe

C:WindowsSystem32cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.searchnu.com/406

mStart Page = hxxp://samsung.msn.com

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dll

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:Program Files (x86)Windows LiveCompanioncompanioncore.dll

BHO: W2PBrowser Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:Program FilesSamsung AnyWeb PrintW2PBrowser.dll

BHO: DataMngr: {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:Program Files (x86)Search Results ToolbarDatamngrBrowserConnection.dll

BHO: Vaudix Class: {D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE} -

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:Program Files (x86)MicrosoftBingBar7.1.361.0BingExt.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dll

BHO: Search-Results Toolbar: {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:Program Files (x86)Search Results ToolbarDatamngrSRTOOL~1searchresultsDx.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll

TB: Search-Results Toolbar: {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:Program Files (x86)Search Results ToolbarDatamngrSRTOOL~1searchresultsDx.dll

uRun: [iDMan] C:Program Files (x86)Internet Download ManagerIDMan.exe /onboot

uRun: [Xvid] C:Program Files (x86)XvidCheckUpdate.exe

uRun: [spotify Web Helper] "C:UsersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe"

uRun: [NETGEARGenie] "C:Program Files (x86)NETGEAR GeniebinNETGEARGenie.exe" -mini -redirect

uRun: [AnyDVD] C:Program Files (x86)SlySoftAnyDVDAnyDVDtray.exe

mRun: [CLMLServer] "C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe"

mRun: [samsung PanelMgr] C:WindowsSamsungPanelMgrSSMMgr.exe /autorun

mRun: [uVS10 Preload] C:Program Files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe

mRun: [updatePPShortCut] "C:Program Files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" "C:Program Files (x86)CyberLinkPowerProducer" UpdateWithCreateOnce "SoftwareCyberLinkPowerProducer5.0"

mRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe"

mRun: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe"

mRun: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe"

mRun: [PowerDVD12DMREngine] "C:Program Files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe"

mRun: [PowerDVD12Agent] "C:Program Files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe"

mRun: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime

mRun: [avast] "C:Program FilesAVAST SoftwareAvastavastUI.exe" /nogui

mRun: [DATAMNGR] C:PROGRA~2SEARCH~1DatamngrDATAMN~1.EXE

mRun: [MindDabble Search Scope Monitor] "C:PROGRA~2MINDDA~2bar2.bin4psrchmn.exe" /m=2 /w /h

StartupFolder: C:UsersOwnerAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupMAGICD~1.LNK - C:Program Files (x86)MagicDiscMagicDisc.exe

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Download all links with IDM - C:Program Files (x86)Internet Download ManagerIEGetAll.htm

IE: Download with IDM - C:Program Files (x86)Internet Download ManagerIEExt.htm

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:Program Files (x86)Windows LiveCompanioncompanioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll

IE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:Program FilesSamsung AnyWeb PrintW2PBrowser.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB

DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} - hxxp://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll

TCP: NameServer = 192.168.1.1

TCP: Interfaces{EF589019-EF09-4585-8068-B38719BE845F} : DHCPNameServer = 192.168.1.1

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll

AppInit_DLLs= C:PROGRA~3WincertWIN32C~1.DLL C:PROGRA~2SEARCH~1Datamngrdatamngr.dll C:PROGRA~2SEARCH~1DatamngrIEBHO.dll C:WindowsSysWOW64nvinit.dll

SSODL: WebCheck - <orphaned>

x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program Files (x86)Internet Download ManagerIDMIECC64.dll

x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

x64-BHO: DataMngr: {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:Program Files (x86)Search Results ToolbarDatamngrx64BrowserConnection.dll

x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll

x64-Run: [igfxTray] C:WindowsSystem32igfxtray.exe

x64-Run: [HotKeysCmds] C:WindowsSystem32hkcmd.exe

x64-Run: [Persistence] C:WindowsSystem32igfxpers.exe

x64-Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe -s

x64-Run: [intelWireless] "C:Program FilesCommon FilesIntelWirelessCommoniFrmewrk.exe" /tf Intel Wireless Tray

x64-Run: [ETDCtrl] C:Program Files (x86)ElantechETDCtrl.exe

x64-Run: [intelWirelessWiMAX] "C:Program FilesIntelWiMAXBinWiMAXCU.exe" /tasktray /nosplash

x64-DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default

FF - prefs.js: browser.startup.homepage - hxxp://www.searchnu.com/406

FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=287&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=5893014922044063&o=APN10645&q=

FF - plugin: C:PROGRA~2MEADCO~1npmeadax.dll

FF - plugin: C:Program Files (x86)AdobeReader 10.0ReaderAIRnppdf32.dll

FF - plugin: C:Program Files (x86)Javajre7binplugin2npjp2.dll

FF - plugin: c:Program Files (x86)Microsoft Silverlight5.1.10411.0npctrlui.dll

FF - plugin: C:Program Files (x86)MindDabble_4pbar2.binNP4pStub.dll

FF - plugin: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll

FF - plugin: C:WindowsSysWOW64MacromedFlashNPSWF32_11_5_502_135.dll

FF - plugin: C:WindowsSysWOW64npDeployJava1.dll

FF - plugin: C:WindowsSysWOW64npmproxy.dll

FF - ExtSQL: 2012-11-04 18:39; 50970cb9d50ba@50970cb9d50f3.com; C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions50970cb9d50ba@50970cb9d50f3.com.xpi

FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com

FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com

FF - ExtSQL: 2012-12-16 16:53; wrc@avast.com; C:Program FilesAVAST SoftwareAvastWebRepFF

FF - ExtSQL: 2012-12-25 11:28; {f34c9277-6577-4dff-b2d7-7d58092f272f}; C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions{f34c9277-6577-4dff-b2d7-7d58092f272f}

FF - ExtSQL: 2012-12-25 11:28; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; C:Program Files (x86)Search Results ToolbarDatamngrFirefoxExtension

FF - ExtSQL: !HIDDEN! 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; C:Program Files (x86)MindDabble_4pbar2.bin

FF - ExtSQL: !HIDDEN! 2012-12-25 11:28; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; C:Program Files (x86)Search Results ToolbarDatamngrFirefoxExtension

.

============= SERVICES / DRIVERS ===============

.

R0 nvpciflt;nvpciflt;C:WindowsSystem32driversnvpciflt.sys [2011-2-20 25576]

R0 SmartDefragDriver;SmartDefragDriver;C:WindowsSystem32driversSmartDefragDriver.sys [2012-11-21 17720]

R1 aswSnx;aswSnx;C:WindowsSystem32driversaswSnx.sys [2012-12-16 984144]

R1 aswSP;aswSP;C:WindowsSystem32driversaswSP.sys [2012-12-16 370288]

R1 avgtp;avgtp;C:WindowsSystem32driversavgtpx64.sys [2012-11-14 30568]

R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:WindowsSystem32driversSABI.sys [2011-2-20 13824]

R2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34:12];C:Program Files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-9-19 147704]

R2 aswFsBlk;aswFsBlk;C:WindowsSystem32driversaswFsBlk.sys [2012-12-16 25232]

R2 aswMonFlt;aswMonFlt;C:WindowsSystem32driversaswMonFlt.sys [2012-12-16 71600]

R2 avast! Antivirus;avast! Antivirus;C:Program FilesAVAST SoftwareAvastAvastSvc.exe [2012-12-16 44808]

R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-11-9 90640]

R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-11-9 78352]

R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-11-9 295440]

R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:Program FilesIntelWiMAXBinDMAgent.exe [2011-6-6 498688]

R2 IDMWFP;IDMWFP;C:WindowsSystem32driversidmwfp.sys [2012-8-31 158944]

R2 MindDabble_4pService;MindDabbleService;C:PROGRA~2MINDDA~2bar2.bin4pbarsvc.exe [2012-12-26 42504]

R2 NETGEARGenieDaemon;NETGEARGenieDaemon;C:Program Files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe [2012-9-25 231752]

R2 nlsX86cc;Nalpeiron Licensing Service;C:WindowsSysWOW64nlssrv32.exe [2012-9-11 66560]

R2 ntk_PowerDVD12;ntk_PowerDVD12;C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-11-9 83704]

R2 UNS;Intel® Management and Security Application User Notification Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2011-2-20 2655768]

R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:Program FilesIntelWiMAXBinAppSrv.exe [2011-6-6 986112]

R3 BBUpdate;BBUpdate;C:Program Files (x86)MicrosoftBingBar7.1.361.0SeaPort.EXE [2012-2-10 240408]

R3 bpenum;Intel® Centrino® WiMAX Enumerator;C:WindowsSystem32driversbpenum.sys [2011-5-19 84480]

R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:WindowsSystem32driversbpmp.sys [2011-5-19 182272]

R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;C:WindowsSystem32driversbpusb.sys [2011-5-19 83968]

R3 clwvd;CyberLink WebCam Virtual Driver;C:WindowsSystem32driversclwvd.sys [2010-11-10 31088]

R3 ETD;ELAN PS/2 Port Input Device;C:WindowsSystem32driversETD.sys [2011-2-21 138024]

R3 IntcDAud;Intel® Display Audio;C:WindowsSystem32driversIntcDAud.sys [2011-2-21 317440]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:WindowsSystem32driversnusb3hub.sys [2010-10-11 80384]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:WindowsSystem32driversnusb3xhc.sys [2010-10-11 180736]

R3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2012-8-6 539240]

R3 wdkmd;Intel WiDi KMD;C:WindowsSystem32driversWDKMD.sys [2010-11-30 42392]

S2 BBSvc;BingBar Service;C:Program Files (x86)MicrosoftBingBar7.1.361.0BBSvc.EXE [2012-2-10 193816]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2012-7-13 160944]

S3 AVerPola;AVerMedia USB Polaris Series Capture Service;C:WindowsSystem32driversAVerPola.sys [2012-9-20 534144]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:Program FilesIntelWiFibinPanDhcpDns.exe [2011-1-4 340240]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:WindowsSystem32driversrdpvideominiport.sys [2012-11-14 19456]

S3 Samsung UPD Service;Samsung UPD Service;C:WindowsSystem32SUPDSvc.exe [2011-2-20 166704]

S3 StkCMini;Syntek AVStream USB2.0 ATV;C:WindowsSystem32driversStkCMini.sys [2012-8-9 1816968]

S3 taphss6;Anchorfree HSS VPN Adapter;C:WindowsSystem32driverstaphss6.sys [2012-11-1 40712]

S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2012-11-14 57856]

S3 WatAdminSvc;Windows Activation Technologies Service;C:WindowsSystem32WatWatAdminSvc.exe [2012-7-25 1255736]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:WindowsSystem32driverswdcsam64.sys [2008-5-6 14464]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:Program FilesWindows LiveMeshwlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-01-02 19:47:18 -------- d-----w- C:Program Files (x86)ESET

2013-01-02 17:17:07 76232 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{9177B41E-E962-4833-8513-3DF4D9FED774}offreg.dll

2013-01-01 17:37:46 9125352 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{9177B41E-E962-4833-8513-3DF4D9FED774}mpengine.dll

2012-12-28 15:33:46 -------- d-----w- C:Hugo extras

2012-12-28 15:33:23 -------- d-----w- C:Hugo

2012-12-26 14:13:18 -------- d-----w- C:ProgramDataboost_interprocess

2012-12-26 02:31:41 -------- d-----w- C:UsersOwnerAppDataRoamingMedia Player Lite

2012-12-26 02:28:05 -------- d-----w- C:UsersOwnerAppDataRoamingFileAssociationManager

2012-12-26 02:28:01 -------- d-----w- C:Program Files (x86)FileAssociationManager

2012-12-26 02:27:58 -------- d-----w- C:Program Files (x86)MediaPlayerLite

2012-12-26 00:57:17 -------- d-----w- C:toolbarImages

2012-12-26 00:56:31 -------- d-----w- C:UsersOwnerAppDataLocalTorch

2012-12-25 19:54:23 -------- d-----w- C:ProgramDataBrowser Manager

2012-12-25 17:28:45 773968 ----a-w- C:WindowsSystem32msvcr100.dll

2012-12-25 17:28:12 -------- d-----w- C:ProgramDataWincert

2012-12-25 17:27:59 -------- d-----w- C:Program Files (x86)Search Results Toolbar

2012-12-25 17:27:39 -------- d-----w- C:UsersOwnerAppDataLocaliLivid

2012-12-23 17:43:36 -------- d-----w- C:ted dvd files

2012-12-21 09:00:35 46080 ----a-w- C:WindowsSystem32atmlib.dll

2012-12-21 09:00:35 367616 ----a-w- C:WindowsSystem32atmfd.dll

2012-12-21 09:00:35 34304 ----a-w- C:WindowsSysWow64atmlib.dll

2012-12-21 09:00:35 295424 ----a-w- C:WindowsSysWow64atmfd.dll

2012-12-20 00:39:31 -------- d-----w- C:$RECYCLE.BIN

2012-12-16 22:46:33 54072 ----a-w- C:WindowsSystem32driversaswRdr2.sys

2012-12-16 22:46:32 984144 ----a-w- C:WindowsSystem32driversaswSnx.sys

2012-12-16 22:46:29 71600 ----a-w- C:WindowsSystem32driversaswMonFlt.sys

2012-12-16 22:46:00 41224 ----a-w- C:WindowsavastSS.scr

2012-12-16 22:06:49 -------- d-----w- C:UsersOwnerAppDataLocalNETGEARGenie

2012-12-16 22:06:40 369168 ----a-w- C:WindowsSystem32wpcap.dll

2012-12-16 22:06:40 35344 ----a-w- C:WindowsSystem32driversnpf.sys

2012-12-16 22:06:40 106000 ----a-w- C:WindowsSystem32packet.dll

2012-12-16 22:06:32 -------- d-----w- C:Program Files (x86)NETGEAR Genie

2012-12-14 20:48:35 -------- d-----w- C:Program Files (x86)uTorrent

2012-12-13 11:57:59 478208 ----a-w- C:WindowsSystem32dpnet.dll

2012-12-13 11:57:59 376832 ----a-w- C:WindowsSysWow64dpnet.dll

2012-12-12 21:34:58 -------- d-----w- C:UsersOwnerAppDataRoamingatunes

2012-12-12 21:33:11 -------- d-----w- C:Program Files (x86)aTunes

2012-12-12 17:44:07 -------- d-----w- C:Program Files (x86)CheckPoint

2012-12-10 15:12:05 -------- d-----w- C:FRACTURE EXTRAS

2012-12-05 17:06:24 96224 ----a-w- C:Program Files (x86)Mozilla Firefoxwebapprt-stub.exe

2012-12-05 17:06:24 270816 ----a-w- C:Program Files (x86)Mozilla Firefoxupdater.exe

2012-12-05 17:06:24 157272 ----a-w- C:Program Files (x86)Mozilla Firefoxwebapp-uninstaller.exe

2012-12-05 17:06:23 73696 ----a-w- C:Program Files (x86)Mozilla Firefoxbreakpadinjector.dll

.

==================== Find3M ====================

.

2012-12-12 17:57:05 697272 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe

2012-12-12 17:57:04 73656 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl

2012-11-22 03:26:40 3149824 ----a-w- C:WindowsSystem32win32k.sys

2012-11-15 01:50:36 96768 ----a-w- C:WindowsSysWow64sspicli.dll

2012-11-15 01:50:36 458712 ----a-w- C:WindowsSystem32driverscng.sys

2012-11-15 01:50:36 340992 ----a-w- C:WindowsSystem32schannel.dll

2012-11-15 01:50:36 307200 ----a-w- C:WindowsSystem32ncrypt.dll

2012-11-15 01:50:36 247808 ----a-w- C:WindowsSysWow64schannel.dll

2012-11-15 01:50:36 220160 ----a-w- C:WindowsSysWow64ncrypt.dll

2012-11-15 01:50:36 22016 ----a-w- C:WindowsSysWow64secur32.dll

2012-11-15 01:50:36 154480 ----a-w- C:WindowsSystem32driversksecpkg.sys

2012-11-15 01:50:36 1448448 ----a-w- C:WindowsSystem32lsasrv.dll

2012-11-15 01:49:36 514560 ----a-w- C:WindowsSysWow64qdvd.dll

2012-11-15 01:49:36 366592 ----a-w- C:WindowsSystem32qdvd.dll

2012-11-14 20:32:45 30568 ----a-w- C:WindowsSystem32driversavgtpx64.sys

2012-11-14 06:11:44 2312704 ----a-w- C:WindowsSystem32jscript9.dll

2012-11-14 06:04:11 1392128 ----a-w- C:WindowsSystem32wininet.dll

2012-11-14 06:02:49 1494528 ----a-w- C:WindowsSystem32inetcpl.cpl

2012-11-14 05:57:46 599040 ----a-w- C:WindowsSystem32vbscript.dll

2012-11-14 05:57:35 173056 ----a-w- C:WindowsSystem32ieUnatt.exe

2012-11-14 05:52:40 2382848 ----a-w- C:WindowsSystem32mshtml.tlb

2012-11-14 02:09:22 1800704 ----a-w- C:WindowsSysWow64jscript9.dll

2012-11-14 01:58:15 1427968 ----a-w- C:WindowsSysWow64inetcpl.cpl

2012-11-14 01:57:37 1129472 ----a-w- C:WindowsSysWow64wininet.dll

2012-11-14 01:49:25 142848 ----a-w- C:WindowsSysWow64ieUnatt.exe

2012-11-14 01:48:27 420864 ----a-w- C:WindowsSysWow64vbscript.dll

2012-11-14 01:44:42 2382848 ----a-w- C:WindowsSysWow64mshtml.tlb

2012-11-09 05:45:09 2048 ----a-w- C:WindowsSystem32tzres.dll

2012-11-09 04:42:49 2048 ----a-w- C:WindowsSysWow64tzres.dll

2012-11-01 18:31:08 40712 ----a-w- C:WindowsSystem32driverstaphss6.sys

2012-11-01 18:25:26 42248 ----a-w- C:WindowsSystem32drivershssdrv6.sys

2012-10-25 09:12:26 94208 ----a-w- C:WindowsSysWow64QuickTimeVR.qtx

2012-10-25 09:12:26 69632 ----a-w- C:WindowsSysWow64QuickTime.qts

2012-10-22 22:34:45 95208 ----a-w- C:WindowsSysWow64WindowsAccessBridge-32.dll

2012-10-22 22:34:35 821736 ----a-w- C:WindowsSysWow64npDeployJava1.dll

2012-10-22 22:34:35 746984 ----a-w- C:WindowsSysWow64deployJava1.dll

2012-10-16 08:38:37 135168 ----a-w- C:WindowsapppatchAppPatch64AcXtrnal.dll

2012-10-16 08:38:34 350208 ----a-w- C:WindowsapppatchAppPatch64AcLayers.dll

2012-10-16 07:39:52 561664 ----a-w- C:WindowsapppatchAcLayers.dll

2012-10-09 18:17:13 55296 ----a-w- C:WindowsSystem32dhcpcsvc6.dll

2012-10-09 18:17:13 226816 ----a-w- C:WindowsSystem32dhcpcore6.dll

2012-10-09 17:40:31 44032 ----a-w- C:WindowsSysWow64dhcpcsvc6.dll

2012-10-09 17:40:31 193536 ----a-w- C:WindowsSysWow64dhcpcore6.dll

.

============= FINISH: 18:33:30.25 ===============

 

 

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: DeviceHarddiskVolume1

Install Date: 7/19/2012 4:23:32 AM

System Uptime: 1/2/2013 1:04:52 AM (17 hours ago)

.

Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | RC512

Processor: Intel® Core i3-2310M CPU @ 2.10GHz | CPU 1 | 2100/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 586 GiB total, 52.694 GiB free.

D: is CDROM ()

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP146: 12/29/2012 12:00:02 AM - Scheduled Checkpoint

RP147: 1/1/2013 11:36:55 AM - Windows Update

.

==== Installed Programs ======================

.

???? ??? Windows Live

???? Windows Live

????? Messenger

????? Windows Live

?????? ??????? ?? Windows Live

???????? ?? Messenger

???????? ?????????? Windows Live

????????? Messenger

?????????? Windows Live

??????????? ?? Windows Live

µTorrent

Adobe AIR

Adobe Download Assistant

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.4)

Agatha Christie - Death on the Nile

All Sound Recorder 1.78

„Messenger“ pagalbine priemone

Angry Birds Space

AnyDVD

Apple Application Support

Apple Software Update

ASPCA Reminder by We-Care.com v4.1.17.1

Audacity 2.0

avast! Free Antivirus

AVerMedia C039 USB Capture Card 10.2.64.51

AVS Update Manager 1.0

AVS Video Converter 8

AVS4YOU Software Navigator 1.4

„Windows Live Essentials“

„Windows Live Mail“

„Windows Live Messenger“

„Windows Live“ fotogalerija

Bad Piggies

BatteryLifeExtender

Battle vs. Chess

Bejeweled 2 Deluxe

Best Buy pc app

Bing Bar

Bing Rewards Client Installer

Brain Train Age V3.91

Brutal Chess

Build-a-lot

ChargeableUSB

Chessmaster 9000

Chessmaster Grandmaster Edition

Chuzzle Deluxe

CloneDVD2

Codec

Complemento Messenger

Complément Messenger

ConverterLite 1.6.1

CyberLink MediaShow

CyberLink PhotoNow

CyberLink Power2Go

CyberLink PowerDirector

CyberLink PowerDVD 12

CyberLink PowerProducer

CyberLink YouCam

D3DX10

Diner Dash 2 Restaurant Rescue

Doplnok programu Messenger

DVD Shrink 3.2

DVD Shrink version 4.1

DVDFab 8.2.1.5 (10/10/2012) Qt

DVDneXtCOPYneXtTech

DVDStyler v2.3

Easy Content Share

Easy Display Manager

Easy Migration

Easy Network Manager

Easy SpeedUp Manager

EasyBatteryManager

EasyFileShare

ESET Online Scanner v3

ETDWare PS/2-X64 8.0.7.2_WHQL

Farm Frenzy

Fast Start

File Association Manager 0.1

Fotogalerija Windows Live

Free Sound Recorder v9.3.1

Galeria de Fotografias do Windows Live

Galeria fotografii uslugi Windows Live

Galerie de photos Windows Live

Galerie foto Windows Live

Galería fotográfica de Windows Live

GIMP 2.8.2

Graboid Video 3.28

iLivid

Insaniquarium Deluxe

Intel PROSet Wireless

Intel WiMAX Tutorial

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Intel® PROSet/Wireless WiFi Software

Intel® Rapid Storage Technology

Intel® Wireless Display

Intel® PROSet/Wireless WiMAX Software

Internet Download Manager

Java 7 Update 9

Java Auto Updater

John Deere Drive Green

Junk Mail filter update

Magic ISO Maker v5.4 (build 0239)

MagicDisc 2.7.106

Malwarebytes Anti-Malware version 1.65.1.1000

MediaPlayerLite 0.4.1

Mesh Runtime

Messenger-kumppani

Messenger ??? ??

Messenger ????

Messenger ?????

Messenger Assistent

Messenger Companion

Messenger kíséro

Messenger Pratilac

Messenger Suradnik

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Games for Windows - LIVE

Microsoft Games for Windows - LIVE Redistributable

Microsoft Office 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Text-to-Speech Engine 4.0 (English)

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MindDabble Toolbar

Movie Color Enhancer

Mozilla Firefox 17.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Multimedia POP

NaturalReaderFree

NETGEAR Genie

NVIDIA Control Panel 266.10

NVIDIA Graphics Driver 266.10

NVIDIA Install Application

NVIDIA Optimus 1.0.11

NVIDIA Update Components

Peggle

Penguins!

Pirate101

Plants vs. Zombies

Poczta uslugi Windows Live

Podstawowe programy Windows Live

Polar Golfer

Pomocnik Messenger

Pošta Windows Live

QuickTime

Raccolta foto di Windows Live

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Renesas Electronics USB 3.0 Host Controller Driver

S?????? f?t???af??? t?? Windows Live

Samsung AnyWeb Print

Samsung Recovery Solution 5

Samsung Support Center

Samsung Universal Print Driver

Samsung Universal Scan Driver

Samsung Update Plus

Search-Results Toolbar

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Skype™ 5.10

SlimDrivers

Smart Defrag 2

Smart Driver Updater v3.0

SmartSound Quicktracks Plugin

Spotify

Spremljevalec Messenger

SRS Premium Sound Control Panel

The Ringtone Maker v5.2.9

Torch

Ulead VideoStudio 10

Ulead VideoStudio SE DVD

UMPlayer 0.98 [P4]

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

USB2.0 Grabber

User Guide

Vaudix

VIO Player version 1.2

VLC media player 1.0.1

WildTangent Games

WildTangent ORB Game Console

Windows Live

Windows Live ??

Windows Live ?? ???

Windows Live ???

Windows Live ????

Windows Live Communications Platform

Windows Live Essentials

Windows Live Fotótár

Windows Live Foto-galerija

Windows Live fotoattelu galerija

Windows Live Fotogalerie

Windows Live Fotogalleri

Windows Live Fotogaléria

Windows Live Fotograf Galerisi

Windows Live Galeria de Fotos

Windows Live Galerija fotografija

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Pošta

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Temel Parçalar

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Liven asennustyökalu

Windows Liven sähköposti

Windows Liven valokuvavalikoima

WinPalace

WinRAR 4.20 (64-bit)

WinZip Driver Updater

Xvid Video Codec

ZoneAlarm LTD Toolbar

Zuma Deluxe

.

==== Event Viewer Messages From Past Week ========

.

12/31/2012 7:02:15 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

12/28/2012 7:41:55 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

12/28/2012 6:27:23 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0x000000000000002c, 0x0000000000000002, 0x0000000000000001, 0xfffff88005a8cbfe). A dump was saved in: C:WindowsMEMORY.DMP. Report Id: 122812-16645-01.

12/27/2012 3:24:49 PM, Error: volsnap [35] - The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.

1/1/2013 3:48:08 PM, Error: Service Control Manager [7034] - The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 2 time(s).

1/1/2013 11:45:58 AM, Error: Service Control Manager [7034] - The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 1 time(s).

.

==== End Of File ===========================


Hello goofy1139

 

Thank you for the logs.

 

It looks like there have been a number of infected programs downloaded onto this machine.

  • Please work through the following steps

  • Hold down the Windows key (has the Windows symbol on it) and press the "R" key. A Run box will open. Type in Notepad and press Enter then click on "OK".
  • NOTE: Do not Use Wordpad or any other text editor except Notepad or the script will fail.
  • Copy and Paste the text in the quotebox below into the open Notepad window:

     

    File::

    C:\New folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\DownloadSetup.exe

    C:\New folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\DropDownDealsSmartSetup.exe

    C:\New folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\DropDownDealsSmartSetup_2.exe

    C:\New folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\PageRageSetupAff.exe

    C:\New folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\xvidsetup.exe

    C:\New folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\xvidsetup_2.exe

    C:\Program Files (x86)\Zuxxez\Battle vs. Chess\SKIDROW.dll

    C:\Users\Owner\Audio Record Wizard 3.99 Inc Crack - Mast3r-.rar

     

     

  • Save this as "CFScript.txt" (including the quotation marks), change the "Save as type" to "All Files" and save it to your desktop.
  • Close any open browsers.
  • Disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Referring to the picture below, drag CFScript.txt into ComboFix.exe

     

    Posted Image

  • When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
  • Once the log is produced, re-engage your resident anti virus.


ComboFix 12-12-19.02 - Owner 01/06/2013 18:33:42.6.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6055.4282 [GMT -6:00]

Running from: c:\users\Owner\Desktop\ComboFix.exe

Command switches used :: c:\users\Owner\Desktop\CFScript.txt

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\new folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\DownloadSetup.exe"

"c:\new folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\DropDownDealsSmartSetup.exe"

"c:\new folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\DropDownDealsSmartSetup_2.exe"

"c:\new folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\PageRageSetupAff.exe"

"c:\new folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\xvidsetup.exe"

"c:\new folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\xvidsetup_2.exe"

"c:\program files (x86)\Zuxxez\Battle vs. Chess\SKIDROW.dll"

"c:\users\Owner\Audio Record Wizard 3.99 Inc Crack - Mast3r-.rar"

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\new folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\DownloadSetup.exe

c:\new folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\DropDownDealsSmartSetup.exe

c:\new folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\DropDownDealsSmartSetup_2.exe

c:\new folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\PageRageSetupAff.exe

c:\new folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\xvidsetup.exe

c:\new folder (2)\Geek Squad Backup 07.09.2012\Downloads\Programs\xvidsetup_2.exe

c:\program files (x86)\Zuxxez\Battle vs. Chess\SKIDROW.dll

c:\users\Owner\Audio Record Wizard 3.99 Inc Crack - Mast3r-.rar

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------Legacy_NPF

-------Service_NPF

.

.

((((((((((((((((((((((((( Files Created from 2012-12-07 to 2013-01-07 )))))))))))))))))))))))))))))))

.

.

2013-01-07 00:46 . 2013-01-07 00:46 -------- d-----w- c:usersPublicAppDataLocaltemp

2013-01-07 00:46 . 2013-01-07 00:46 -------- d-----w- c:usersDefaultAppDataLocaltemp

2013-01-07 00:46 . 2013-01-07 00:46 -------- d-----w- c:usersUpdatusUserAppDataLocaltemp

2013-01-05 17:43 . 2013-01-05 17:43 -------- d-----w- c:program files (x86)WBFS to ISO

2013-01-05 17:41 . 2013-01-05 17:41 -------- d-----w- c:usersOwnerAppDataLocalCoupon Companion Plugin

2013-01-05 17:41 . 2013-01-05 17:41 -------- d-----w- c:program files (x86)OApps

2013-01-05 17:41 . 2013-01-05 17:41 -------- d-----w- c:program files (x86)Coupon Companion Plugin

2013-01-05 17:41 . 2013-01-05 17:41 -------- d-----w- c:usersOwnerAppDataLocalWajam

2013-01-05 17:40 . 2013-01-05 17:41 -------- d-----w- c:program files (x86)Wajam

2013-01-04 17:34 . 2013-01-04 17:34 -------- d-----w- c:usersOwnerAppDataRoamingYahoo!

2013-01-04 17:34 . 2013-01-04 17:34 -------- d-----w- c:programdataYahoo! Companion

2013-01-04 17:34 . 2013-01-04 17:34 -------- d-----w- c:program files (x86)Yahoo!

2013-01-04 17:33 . 2013-01-04 17:33 -------- d-----w- c:programdataHP Product Assistant

2013-01-04 17:33 . 2013-01-04 17:33 -------- d-----w- c:windowsSysWow64spool

2013-01-04 17:32 . 2013-01-04 17:32 -------- d-----w- c:program files (x86)Common FilesHP

2013-01-04 17:32 . 2013-01-04 17:32 -------- d-----w- c:program files (x86)Common FilesHewlett-Packard

2013-01-04 17:32 . 2013-01-04 17:32 -------- d-----w- c:windowshpoj4500g510a-f

2013-01-04 17:31 . 2013-01-04 17:34 -------- d-----w- c:program files (x86)HP

2013-01-04 17:29 . 2013-01-04 17:33 -------- d-----w- c:programdataHP

2013-01-04 12:36 . 2012-11-08 17:24 9125352 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{815A6954-172D-4B27-BDA6-DD421375ECF9}mpengine.dll

2013-01-02 19:47 . 2013-01-02 19:47 -------- d-----w- c:program files (x86)ESET

2012-12-28 15:33 . 2012-12-28 15:33 -------- d-----w- C:Hugo extras

2012-12-28 15:33 . 2012-12-28 15:33 -------- d-----w- C:Hugo

2012-12-26 14:13 . 2012-12-26 14:13 -------- d-----w- c:programdataboost_interprocess

2012-12-26 02:31 . 2012-12-31 16:16 -------- d-----w- c:usersOwnerAppDataRoamingMedia Player Lite

2012-12-26 02:28 . 2012-12-30 03:04 -------- d-----w- c:usersOwnerAppDataRoamingFileAssociationManager

2012-12-26 02:28 . 2012-12-26 02:28 -------- d-----w- c:program files (x86)FileAssociationManager

2012-12-26 02:27 . 2012-12-26 02:27 -------- d-----w- c:program files (x86)MediaPlayerLite

2012-12-26 00:57 . 2012-12-26 00:57 -------- d-----w- C:toolbarImages

2012-12-26 00:56 . 2012-12-26 00:57 -------- d-----w- c:usersOwnerAppDataLocalTorch

2012-12-25 19:54 . 2012-12-25 19:54 -------- d-----w- c:programdataBrowser Manager

2012-12-25 17:28 . 2012-06-27 19:26 773968 ----a-w- c:windowssystem32msvcr100.dll

2012-12-25 17:28 . 2012-12-25 17:28 -------- d-----w- c:programdataWincert

2012-12-25 17:27 . 2012-12-25 17:28 -------- d-----w- c:program files (x86)Search Results Toolbar

2012-12-25 17:27 . 2012-12-26 00:56 -------- d-----w- c:usersOwnerAppDataLocaliLivid

2012-12-23 17:43 . 2012-12-23 17:43 -------- d-----w- C:ted dvd files

2012-12-21 18:33 . 2012-12-29 21:41 -------- d-----w- c:usersOwnerAppDataRoamingdvdcss

2012-12-21 09:00 . 2012-12-16 17:11 46080 ----a-w- c:windowssystem32atmlib.dll

2012-12-21 09:00 . 2012-12-16 14:45 367616 ----a-w- c:windowssystem32atmfd.dll

2012-12-21 09:00 . 2012-12-16 14:13 295424 ----a-w- c:windowsSysWow64atmfd.dll

2012-12-21 09:00 . 2012-12-16 14:13 34304 ----a-w- c:windowsSysWow64atmlib.dll

2012-12-16 22:46 . 2012-10-30 23:51 370288 ----a-w- c:windowssystem32driversaswSP.sys

2012-12-16 22:46 . 2012-10-30 23:51 25232 ----a-w- c:windowssystem32driversaswFsBlk.sys

2012-12-16 22:46 . 2012-10-15 16:59 54072 ----a-w- c:windowssystem32driversaswRdr2.sys

2012-12-16 22:46 . 2012-10-30 23:51 59728 ----a-w- c:windowssystem32driversaswTdi.sys

2012-12-16 22:46 . 2012-10-30 23:51 984144 ----a-w- c:windowssystem32driversaswSnx.sys

2012-12-16 22:46 . 2012-10-30 23:51 71600 ----a-w- c:windowssystem32driversaswMonFlt.sys

2012-12-16 22:46 . 2012-10-30 23:51 41224 ----a-w- c:windowsavastSS.scr

2012-12-16 22:45 . 2012-10-30 23:50 227648 ----a-w- c:windowsSysWow64aswBoot.exe

2012-12-16 22:06 . 2012-12-16 22:07 -------- d-----w- c:usersOwnerAppDataLocalNETGEARGenie

2012-12-16 22:06 . 2012-12-16 22:06 369168 ----a-w- c:windowssystem32wpcap.dll

2012-12-16 22:06 . 2012-12-16 22:06 35344 ----a-w- c:windowssystem32driversnpf.sys

2012-12-16 22:06 . 2012-12-16 22:06 106000 ----a-w- c:windowssystem32packet.dll

2012-12-16 22:06 . 2012-12-16 22:06 -------- d-----w- c:program files (x86)NETGEAR Genie

2012-12-14 20:48 . 2012-12-14 20:48 -------- d-----w- c:program files (x86)uTorrent

2012-12-14 13:06 . 2012-11-14 07:06 17811968 ----a-w- c:windowssystem32mshtml.dll

2012-12-14 13:06 . 2012-11-14 06:32 10925568 ----a-w- c:windowssystem32ieframe.dll

2012-12-13 11:57 . 2012-11-02 05:59 478208 ----a-w- c:windowssystem32dpnet.dll

2012-12-13 11:57 . 2012-11-02 05:11 376832 ----a-w- c:windowsSysWow64dpnet.dll

2012-12-12 21:34 . 2012-12-13 00:47 -------- d-----w- c:usersOwnerAppDataRoamingatunes

2012-12-12 21:33 . 2012-12-12 21:33 -------- d-----w- c:program files (x86)aTunes

2012-12-12 17:44 . 2012-12-12 17:44 -------- d-----w- c:program files (x86)CheckPoint

2012-12-10 15:12 . 2012-12-10 15:12 -------- d-----w- C:FRACTURE EXTRAS

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-01-07 00:50 . 2012-11-14 20:30 15712 ----a-w- c:windowssystem32driversSWDUMon.sys

2012-12-26 01:25 . 2012-10-17 13:39 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCore-2Microsoft.MediaCenter.Sports.UI.dll

2012-12-26 01:25 . 2012-10-06 20:26 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkupmarkup.dll

2012-12-26 01:25 . 2012-10-06 20:26 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSMStartResources.dll

2012-12-14 13:10 . 2012-07-25 12:45 67413224 ----a-w- c:windowssystem32MRT.exe

2012-12-12 17:57 . 2012-07-31 00:28 697272 ----a-w- c:windowsSysWow64FlashPlayerApp.exe

2012-12-12 17:57 . 2012-07-31 00:28 73656 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl

2012-11-24 01:35 . 2012-10-06 20:26 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCoreMicrosoft.MediaCenter.Sports.UI.dll

2012-11-15 01:51 . 2012-11-15 01:51 62976 ----a-w- c:windowssystem32TSWbPrxy.exe

2012-11-15 01:51 . 2012-11-15 01:51 57856 ----a-w- c:windowssystem32driversTsUsbFlt.sys

2012-11-15 01:51 . 2012-11-15 01:51 5773824 ----a-w- c:windowssystem32mstscax.dll

2012-11-15 01:51 . 2012-11-15 01:51 54272 ----a-w- c:windowssystem32MsRdpWebAccess.dll

2012-11-15 01:51 . 2012-11-15 01:51 4916224 ----a-w- c:windowsSysWow64mstscax.dll

2012-11-15 01:51 . 2012-11-15 01:51 46592 ----a-w- c:windowsSysWow64MsRdpWebAccess.dll

2012-11-15 01:51 . 2012-11-15 01:51 44032 ----a-w- c:windowssystem32tsgqec.dll

2012-11-15 01:51 . 2012-11-15 01:51 43520 ----a-w- c:windowssystem32TsUsbGDCoInstaller.dll

2012-11-15 01:51 . 2012-11-15 01:51 384000 ----a-w- c:windowssystem32wksprt.exe

2012-11-15 01:51 . 2012-11-15 01:51 37376 ----a-w- c:windowsSysWow64tsgqec.dll

2012-11-15 01:51 . 2012-11-15 01:51 322560 ----a-w- c:windowssystem32aaclient.dll

2012-11-15 01:51 . 2012-11-15 01:51 3174912 ----a-w- c:windowssystem32rdpcorets.dll

2012-11-15 01:51 . 2012-11-15 01:51 269312 ----a-w- c:windowsSysWow64aaclient.dll

2012-11-15 01:51 . 2012-11-15 01:51 243200 ----a-w- c:windowssystem32rdpudd.dll

2012-11-15 01:51 . 2012-11-15 01:51 228864 ----a-w- c:windowssystem32rdpendp_winip.dll

2012-11-15 01:51 . 2012-11-15 01:51 19456 ----a-w- c:windowssystem32driversrdpvideominiport.sys

2012-11-15 01:51 . 2012-11-15 01:51 192000 ----a-w- c:windowsSysWow64rdpendp_winip.dll

2012-11-15 01:51 . 2012-11-15 01:51 18432 ----a-w- c:windowssystem32wksprtPS.dll

2012-11-15 01:51 . 2012-11-15 01:51 16896 ----a-w- c:windowsSysWow64wksprtPS.dll

2012-11-15 01:51 . 2012-11-15 01:51 15360 ----a-w- c:windowssystem32RdpGroupPolicyExtension.dll

2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyExtension.dll

2012-11-15 01:51 . 2012-11-15 01:51 13312 ----a-w- c:windowssystem32TsUsbRedirectionGroupPolicyControl.exe

2012-11-15 01:51 . 2012-11-15 01:51 1123840 ----a-w- c:windowssystem32mstsc.exe

2012-11-15 01:51 . 2012-11-15 01:51 1048064 ----a-w- c:windowsSysWow64mstsc.exe

2012-11-15 01:50 . 2012-11-15 01:50 96768 ----a-w- c:windowsSysWow64sspicli.dll

2012-11-15 01:50 . 2012-11-15 01:50 458712 ----a-w- c:windowssystem32driverscng.sys

2012-11-15 01:50 . 2012-11-15 01:50 340992 ----a-w- c:windowssystem32schannel.dll

2012-11-15 01:50 . 2012-11-15 01:50 307200 ----a-w- c:windowssystem32ncrypt.dll

2012-11-15 01:50 . 2012-11-15 01:50 247808 ----a-w- c:windowsSysWow64schannel.dll

2012-11-15 01:50 . 2012-11-15 01:50 220160 ----a-w- c:windowsSysWow64ncrypt.dll

2012-11-15 01:50 . 2012-11-15 01:50 22016 ----a-w- c:windowsSysWow64secur32.dll

2012-11-15 01:50 . 2012-11-15 01:50 154480 ----a-w- c:windowssystem32driversksecpkg.sys

2012-11-15 01:50 . 2012-11-15 01:50 1448448 ----a-w- c:windowssystem32lsasrv.dll

2012-11-15 01:49 . 2012-11-15 01:49 514560 ----a-w- c:windowsSysWow64qdvd.dll

2012-11-15 01:49 . 2012-11-15 01:49 366592 ----a-w- c:windowssystem32qdvd.dll

2012-11-14 20:32 . 2012-11-14 20:32 30568 ----a-w- c:windowssystem32driversavgtpx64.sys

2012-11-01 18:31 . 2012-11-01 18:31 40712 ----a-w- c:windowssystem32driverstaphss6.sys

2012-11-01 18:25 . 2012-11-01 18:25 42248 ----a-w- c:windowssystem32drivershssdrv6.sys

2012-10-30 23:50 . 2012-08-03 22:43 285328 ----a-w- c:windowssystem32aswBoot.exe

2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:windowsSysWow64QuickTimeVR.qtx

2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:windowsSysWow64QuickTime.qts

2012-10-22 22:34 . 2012-10-22 22:34 95208 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll

2012-10-22 22:34 . 2012-10-22 22:35 821736 ----a-w- c:windowsSysWow64npDeployJava1.dll

2012-10-22 22:34 . 2012-10-22 22:35 746984 ----a-w- c:windowsSysWow64deployJava1.dll

2012-10-17 13:39 . 2012-10-17 13:39 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkup-2markup.dll

2012-10-17 13:37 . 2012-10-17 13:37 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSM-2StartResources.dll

2012-10-16 08:38 . 2012-12-13 11:57 135168 ----a-w- c:windowsapppatchAppPatch64AcXtrnal.dll

2012-10-16 08:38 . 2012-12-13 11:57 350208 ----a-w- c:windowsapppatchAppPatch64AcLayers.dll

2012-10-16 07:39 . 2012-12-13 11:57 561664 ----a-w- c:windowsapppatchAcLayers.dll

2012-10-09 18:17 . 2012-11-15 12:36 55296 ----a-w- c:windowssystem32dhcpcsvc6.dll

2012-10-09 18:17 . 2012-11-15 12:36 226816 ----a-w- c:windowssystem32dhcpcore6.dll

2012-10-09 17:40 . 2012-11-15 12:36 44032 ----a-w- c:windowsSysWow64dhcpcsvc6.dll

2012-10-09 17:40 . 2012-11-15 12:36 193536 ----a-w- c:windowsSysWow64dhcpcore6.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{11111111-1111-1111-1111-110211181104}]

2013-01-05 17:41 613376 ----a-w- c:program files (x86)Coupon Companion PluginCoupon Companion Plugin.dll

.

[HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{300BEC06-B743-4D19-86B9-11DC711D7FFB}]

2013-01-05 17:41 483328 ----a-w- c:program files (x86)OAppsSelectionLinks.dll

.

[HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}]

.

[HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE}]

c:programdataVaudix508d42f54b62d.ocx [bU]

.

[HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{f34c9277-6577-4dff-b2d7-7d58092f272f}]

2012-09-24 23:01 89288 ----a-w- c:progra~2SEARCH~1DatamngrSRTOOL~1searchresultsDx.dll

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar]

"{f34c9277-6577-4dff-b2d7-7d58092f272f}"= "c:progra~2SEARCH~1DatamngrSRTOOL~1searchresultsDx.dll" [2012-09-24 89288]

.

[HKEY_CLASSES_ROOTclsid{f34c9277-6577-4dff-b2d7-7d58092f272f}]

.

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

"IDMan"="c:program files (x86)Internet Download ManagerIDMan.exe" [2012-09-01 3528128]

"Xvid"="c:program files (x86)XvidCheckUpdate.exe" [2011-01-17 8192]

"Spotify Web Helper"="c:usersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe" [2012-10-28 1199576]

"NETGEARGenie"="c:program files (x86)NETGEAR GeniebinNETGEARGenie.exe" [2012-10-16 1041736]

"AnyDVD"="c:program files (x86)SlySoftAnyDVDAnyDVDtray.exe" [2012-12-20 6750448]

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun]

"CLMLServer"="c:program files (x86)CyberLinkPower2GoCLMLSvc.exe" [2009-11-02 103720]

"Samsung PanelMgr"="c:windowsSamsungPanelMgrSSMMgr.exe" [2010-06-08 618496]

"UVS10 Preload"="c:program files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe" [2006-03-07 36864]

"UpdatePPShortCut"="c:program files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" [2009-05-20 222504]

"Adobe ARM"="c:program files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2012-07-27 919008]

"SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-07-03 252848]

"APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-10-12 59280]

"PowerDVD12DMREngine"="c:program files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [2012-09-19 505872]

"PowerDVD12Agent"="c:program files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [2012-09-19 374560]

"QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-10-25 421888]

"avast"="c:program filesAVAST SoftwareAvastavastUI.exe" [2012-10-30 4297136]

"MindDabble Search Scope Monitor"="c:progra~2MINDDA~2bar2.bin4psrchmn.exe" [2012-12-26 42536]

"HP Software Update"="c:program files (x86)HPHP Software UpdateHPWuSchd2.exe" [2007-05-08 54840]

.

c:usersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

MagicDisc.lnk - c:program files (x86)MagicDiscMagicDisc.exe [2012-9-15 576000]

.

c:programdataMicrosoftWindowsStart MenuProgramsStartup

HP Digital Imaging Monitor.lnk - c:program files (x86)HPDigital Imagingbinhpqtra08.exe [2009-5-21 275768]

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:progra~2SEARCH~1Datamngrdatamngr.dll c:progra~2SEARCH~1DatamngrIEBHO.dll c:windowsSysWOW64nvinit.dll

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32]

"wave6"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576]

R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-07-13 160944]

R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:windowssystem32DRIVERSAVerPola.sys [2011-01-04 534144]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:program filesIntelWiFibinPanDhcpDns.exe [2011-01-05 340240]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2012-11-15 19456]

R3 Samsung UPD Service;Samsung UPD Service;c:windowsSystem32SUPDSvc.exe [2010-08-09 166704]

R3 StkCMini;Syntek AVStream USB2.0 ATV;c:windowssystem32DriversStkCMini.sys [2010-04-16 1816968]

R3 taphss6;Anchorfree HSS VPN Adapter;c:windowssystem32DRIVERStaphss6.sys [2012-11-01 40712]

R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2012-11-15 57856]

R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2012-07-25 1255736]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:windowssystem32DRIVERSwdcsam64.sys [2008-05-06 14464]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:program filesWindows LiveMeshwlcrasvc.exe [2010-09-22 57184]

S0 nvpciflt;nvpciflt;c:windowssystem32DRIVERSnvpciflt.sys [2010-12-14 25576]

S0 SmartDefragDriver;SmartDefragDriver;c:windowsSystem32DriversSmartDefragDriver.sys [2010-11-26 17720]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2012-11-14 30568]

S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:windowssystem32DriversSABI.sys [2009-05-28 13824]

S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34];c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-09-19 22:12 147704]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [2012-10-30 71600]

S2 BBSvc;BingBar Service;c:program files (x86)MicrosoftBingBar7.1.361.0BBSvc.exe [2012-02-10 193816]

S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-09-19 90640]

S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-09-19 78352]

S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-09-19 295440]

S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:program filesIntelWiMAXBinDMAgent.exe [2011-06-06 498688]

S2 IDMWFP;IDMWFP;c:windowssystem32DRIVERSidmwfp.sys [2012-08-02 158944]

S2 MindDabble_4pService;MindDabbleService;c:progra~2MINDDA~2bar2.bin4pbarsvc.exe [2012-12-26 42504]

S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:program files (x86)NETGEAR GeniebinNETGEARGenieDaemon64.exe [2012-09-25 231752]

S2 nlsX86cc;Nalpeiron Licensing Service;c:windowsSysWOW64nlssrv32.exe [2010-11-22 66560]

S2 ntk_PowerDVD12;ntk_PowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-06-20 83704]

S2 UNS;Intel® Management and Security Application User Notification Service;c:program files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2010-10-06 2655768]

S2 WajamUpdater;WajamUpdater;c:program files (x86)WajamUpdaterWajamUpdater.exe [2012-10-05 109064]

S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:program filesIntelWiMAXBinAppSrv.exe [2011-06-06 986112]

S3 BBUpdate;BBUpdate;c:program files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe [2012-02-10 240408]

S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:windowssystem32DRIVERSbpenum.sys [2011-05-19 84480]

S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:windowssystem32DRIVERSbpmp.sys [2011-05-19 182272]

S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;c:windowssystem32Driversbpusb.sys [2011-05-19 83968]

S3 clwvd;CyberLink WebCam Virtual Driver;c:windowssystem32DRIVERSclwvd.sys [2010-11-10 31088]

S3 ETD;ELAN PS/2 Port Input Device;c:windowssystem32DRIVERSETD.sys [2010-11-12 138024]

S3 IntcDAud;Intel® Display Audio;c:windowssystem32DRIVERSIntcDAud.sys [2010-10-15 317440]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:windowssystem32DRIVERSnusb3hub.sys [2010-10-11 80384]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:windowssystem32DRIVERSnusb3xhc.sys [2010-10-11 180736]

S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2011-06-10 539240]

S3 wdkmd;Intel WiDi KMD;c:windowssystem32DRIVERSWDKMD.sys [2010-11-30 42392]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - NPF

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionsvchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Contents of the 'Scheduled Tasks' folder

.

2013-01-07 c:windowsTasksAdobe Flash Player Updater.job

- c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-31 17:57]

.

2013-01-07 c:windowsTasksSlimDrivers Startup.job

- c:program files (x86)SlimDriversSlimDrivers.exe [2012-10-14 21:29]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}]

2012-10-30 23:50 133400 ----a-w- c:program filesAVAST SoftwareAvastashShA64.dll

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersIDM Shell Extension]

@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"

[HKEY_CLASSES_ROOTCLSID{CDC95B92-E27C-4745-A8C5-64A52A78855D}]

2012-02-08 00:49 23432 ----a-w- c:program files (x86)Internet Download ManagerIDMShellExt64.dll

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"IgfxTray"="c:windowssystem32igfxtray.exe" [2011-01-04 167960]

"HotKeysCmds"="c:windowssystem32hkcmd.exe" [2011-01-04 391704]

"Persistence"="c:windowssystem32igfxpers.exe" [2011-01-04 417304]

"RtHDVCpl"="c:program filesRealtekAudioHDARAVCpl64.exe" [2010-11-30 11660904]

"IntelWireless"="c:program filesCommon FilesIntelWirelessCommoniFrmewrk.exe" [2011-01-05 1933584]

"ETDCtrl"="c:program files (x86)ElantechETDCtrl.exe" [bU]

"IntelWirelessWiMAX"="c:program filesIntelWiMAXBinWiMAXCU.exe" [2011-06-02 1622016]

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]

"AppInit_DLLs"=c:progra~2SEARCH~1Datamngrx64datamngr.dll c:progra~2SEARCH~1Datamngrx64IEBHO.dll c:windowsSystem32nvinitx.dll

.

------- Supplementary Scan -------

.

uLocal Page = c:windowssystem32blank.htm

uStart Page = hxxp://www.searchnu.com/406

mStart Page = hxxp://samsung.msn.com

mLocal Page = c:windowsSysWOW64blank.htm

IE: Download all links with IDM - c:program files (x86)Internet Download ManagerIEGetAll.htm

IE: Download with IDM - c:program files (x86)Internet Download ManagerIEExt.htm

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default

FF - prefs.js: browser.startup.homepage - hxxp://www.searchnu.com/406

FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=287&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=5893014922044063&o=APN10645&q=

FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com

FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com

FF - ExtSQL: 2012-12-16 16:53; wrc@avast.com; c:program filesAVAST SoftwareAvastWebRepFF

FF - ExtSQL: 2012-12-25 11:28; {f34c9277-6577-4dff-b2d7-7d58092f272f}; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions{f34c9277-6577-4dff-b2d7-7d58092f272f}

FF - ExtSQL: 2012-12-25 11:28; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:program files (x86)Search Results ToolbarDatamngrFirefoxExtension

FF - ExtSQL: 2013-01-04 11:34; smartwebprinting@hp.com; c:program files (x86)HPDigital ImagingSmart Web PrintingMozillaAddOn3

FF - ExtSQL: 2013-01-05 11:41; plugin@selectionlinks.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensionsplugin@selectionlinks.com

FF - ExtSQL: !HIDDEN! 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:program files (x86)MindDabble_4pbar2.bin

FF - ExtSQL: !HIDDEN! 2012-12-25 11:28; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:program files (x86)Search Results ToolbarDatamngrFirefoxExtension

FF - ExtSQL: !HIDDEN! 2013-01-04 11:34; smartwebprinting@hp.com; c:program files (x86)HPDigital ImagingSmart Web PrintingMozillaAddOn3

user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Toolbar-10 - (no file)

Toolbar-10 - (no file)

AddRemove-{681002C6-5019-81A2-7871-A43754F71E56} - c:programdataVaudixuninstall.exe

.

.

.

[HKEY_LOCAL_MACHINESYSTEMControlSet001services{73526619-C24F-470B-9BED-53D455FBB5C6}]

"ImagePath"="??c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"scansk"=hex(0):c5,88,12,3d,a1,66,02,aa,b6,69,27,77,2a,36,ce,6b,62,5d,c5,5b,dd,

32,c3,0e,3c,fd,35,14,a9,f8,c3,8a,76,15,a2,42,fb,fb,4e,66,00,00,00,00,00,00,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]

@Denied: (Full) (Everyone)

"scansk"=hex(0):92,20,a6,2c,ac,da,97,ad,d1,24,a3,f8,5b,7f,d7,fc,ab,59,6e,1b,bf,

51,95,0a,ae,4d,7b,37,63,5b,fa,ad,73,d0,1a,32,83,42,de,9e,00,00,00,00,00,00,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{b5572adb-f71b-41a1-ad6e-0832b120e9ea}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"Model"=dword:000000f0

"Therad"=dword:0000001e

"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,

38,95,44,85,b1,12,f9,90,dd,23,a1,46,8f,3c,f2,5c,68,ee,21,c4,91,5d,38,fc,54,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{c9fa1039-b2b9-4ecb-85ad-32f7d18bc0ed}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"Model"=dword:0000012c

"Therad"=dword:00000001

"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,

1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32]

@="c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32]

@="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_135.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files\AVAST Software\Avast\AvastSvc.exe

c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

c:\program files (x86)\CyberLink\Shared files\RichVideo.exe

c:\program files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

c:\program files (x86)\Samsung\Easy Display Manager\WifiManager.exe

c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe

c:\program files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe

c:\program files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

c:\program files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe

c:\program files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe

c:\program files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe

.

**************************************************************************

.

Completion time: 2013-01-06 19:05:02 - machine was rebooted

ComboFix-quarantined-files.txt 2013-01-07 01:04

ComboFix2.txt 2012-12-20 00:53

ComboFix3.txt 2012-12-19 19:31

ComboFix4.txt 2012-12-18 18:54

ComboFix5.txt 2013-01-07 00:30

.

Pre-Run: 76,447,506,432 bytes free

Post-Run: 76,018,339,840 bytes free

.

- - End Of File - - 508483E5C4C2B9B0765BA8977E257860


Hello goofy1139

 

You are becoming reinfected between posts :(

 

I know it is difficult, but it is important to keep delays between posting to a minimum since when you use your machine you are becoming reinfected.

 

Please try to keep your browsing to an absolute minimum while we work together.

 

I need to check out a couple of files before we continue:

 

Please scan the following with Virustotal and post the links to the results pages in your next reply:

 

 

c:\program files (x86)\Wajam\Updater\WajamUpdater.exe

 

c:\progra~2\MINDDA~2\bar\2.bin\4psrchmn.exe
