Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PUP Virus Infection Also


  • Please log in to reply
No replies to this topic

#1 bregister45

bregister45

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:16 PM

Posted 11 October 2013 - 04:59 AM

Hey Broni, 
 
My computer seems to be infected with this virus. I have run all of the programs you suggested except Rkill, which is giving me an error: the command prompt says "Appdata doesn't exist! Rkill terminated". and a popup says "There was a problem retrieving the necessary environment variable: appdata. Rkill has terminated.
 
Malwarebytes detected and supposedly removed the files associated with flv player, but the ads and popups are still present.
 
Any advice you could give would be greatly appreciated.
 
Here are the logs I have:
 
 
 Results of screen317's Security Check version 0.99.74  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Microsoft Security Essentials      
AVG Anti-Virus Free Edition 2012   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java™ 6 Update 39  
 Visual Studio Extensions for Windows Library for JavaScript 
 Java version out of Date! 
 Adobe Flash Player 11.9.900.117  
 Adobe Reader 10.1.8 Adobe Reader out of Date!  
 Mozilla Firefox (6.0.2) 
 Google Chrome 29.0.1547.76  
 Google Chrome 30.0.1599.69  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes Anti-Malware mbam.exe  
 AVG avgwdsvc.exe 
 AVG avgtray.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 
 
 
 
 
Farbar Service Scanner Version: 13-09-2013
Ran by Reggie (administrator) on 09-10-2013 at 18:56:24
Running from "C:\Users\Reggie\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
 
 
 
 
MiniToolBox by Farbar  Version: 13-07-2013
Ran by Reggie (administrator) on 09-10-2013 at 19:36:15
Running from "C:\Users\Reggie\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
========================= FF Proxy Settings: ============================== 
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Intel® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set subinterface interface=?) subinterface=ethernet_6 mtu=1477
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Reggie-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : tampabay.rr.com
 
Wireless LAN adapter Wireless Network Connection 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 8C-A9-82-A8-A3-39
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 8C-A9-82-A8-A3-39
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : tampabay.rr.com
   Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
   Physical Address. . . . . . . . . : 8C-A9-82-A8-A3-38
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::70af:dc65:48ad:24bf%15(Preferred) 
   IPv4 Address. . . . . . . . . . . : 172.16.42.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, October 09, 2013 6:12:20 AM
   Lease Expires . . . . . . . . . . : Wednesday, October 09, 2013 8:14:08 PM
   Default Gateway . . . . . . . . . : 172.16.42.1
   DHCP Server . . . . . . . . . . . : 172.16.42.1
   DHCPv6 IAID . . . . . . . . . . . : 378317186
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-88-B5-97-B8-70-F4-18-CF-92
   DNS Servers . . . . . . . . . . . : 172.16.42.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
   Physical Address. . . . . . . . . : B8-70-F4-18-CF-92
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{AA99DD68-D94B-4B18-85E9-BBE99F1FBD3B}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.tampabay.rr.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : tampabay.rr.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{6079625A-D9F0-45BC-84C5-47758E6B9A4B}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{4FF057F3-1E5C-43D3-B624-9CF589BB16EC}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:2c74:70b2:5257:e3cc(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::2c74:70b2:5257:e3cc%18(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  172.16.42.1
 
Name:    google.com
Addresses:  2607:f8b0:4008:800::1000
 74.125.229.194
 74.125.229.195
 74.125.229.196
 74.125.229.197
 74.125.229.198
 74.125.229.199
 74.125.229.200
 74.125.229.201
 74.125.229.206
 74.125.229.192
 74.125.229.193
 
 
Pinging google.com [74.125.229.194] with 32 bytes of data:
Reply from 74.125.229.194: bytes=32 time=46ms TTL=49
Reply from 74.125.229.194: bytes=32 time=48ms TTL=49
 
Ping statistics for 74.125.229.194:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 46ms, Maximum = 48ms, Average = 47ms
Server:  UnKnown
Address:  172.16.42.1
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=87ms TTL=46
Reply from 98.139.183.24: bytes=32 time=95ms TTL=46
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 87ms, Maximum = 95ms, Average = 91ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 17...8c a9 82 a8 a3 39 ......Microsoft Virtual WiFi Miniport Adapter #2
 16...8c a9 82 a8 a3 39 ......Microsoft Virtual WiFi Miniport Adapter
 15...8c a9 82 a8 a3 38 ......Intel® WiFi Link 1000 BGN
 13...b8 70 f4 18 cf 92 ......Broadcom NetLink ™ Gigabit Ethernet
  1...........................Software Loopback Interface 1
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      172.16.42.1      172.16.42.2     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      172.16.42.0    255.255.255.0         On-link       172.16.42.2    281
      172.16.42.2  255.255.255.255         On-link       172.16.42.2    281
    172.16.42.255  255.255.255.255         On-link       172.16.42.2    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       172.16.42.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       172.16.42.2    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 18     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 18     58 2001::/32                On-link
 18    306 2001:0:9d38:90d7:2c74:70b2:5257:e3cc/128
                                    On-link
 15    281 fe80::/64                On-link
 18    306 fe80::/64                On-link
 18    306 fe80::2c74:70b2:5257:e3cc/128
                                    On-link
 15    281 fe80::70af:dc65:48ad:24bf/128
                                    On-link
  1    306 ff00::/8                 On-link
 18    306 ff00::/8                 On-link
 15    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/09/2013 07:35:29 PM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - The system cannot find the file specified.
 
Error: (10/09/2013 07:35:29 PM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - The system cannot find the file specified.
 
Error: (10/09/2013 06:55:57 PM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - The system cannot find the file specified.
 
Error: (10/09/2013 06:55:57 PM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - The system cannot find the file specified.
 
Error: (10/09/2013 06:54:09 PM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - The system cannot find the file specified.
 
Error: (10/09/2013 06:54:09 PM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - The system cannot find the file specified.
 
Error: (10/09/2013 06:53:28 PM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - The system cannot find the file specified.
 
Error: (10/09/2013 06:53:27 PM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - The system cannot find the file specified.
 
Error: (10/09/2013 06:31:07 PM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - The system cannot find the file specified.
 
Error: (10/09/2013 06:31:07 PM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - The system cannot find the file specified.
 
 
System errors:
=============
Error: (10/09/2013 06:15:25 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0x8000002a30\??\C:\Users\Reggie\ntuser.dat
 
Error: (10/09/2013 00:19:31 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (10/08/2013 11:11:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.1770.0).
 
Error: (10/08/2013 11:11:51 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.159.1713.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.2.0223.00
 
Source Path: 4.2.0223.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (10/08/2013 06:05:23 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Error: (10/02/2013 07:23:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.1252.0).
 
Error: (10/02/2013 07:23:51 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.159.1090.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.2.0223.00
 
Source Path: 4.2.0223.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (09/30/2013 09:45:59 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0x8000002a30\??\C:\Users\Reggie\ntuser.dat
 
Error: (09/30/2013 09:45:06 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:28:47 PM on ?9/?30/?2013 was unexpected.
 
Error: (09/30/2013 08:51:00 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.159.995.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.2.0223.00
 
Source Path: 4.2.0223.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
 
Microsoft Office Sessions:
=========================
Error: (06/26/2012 00:58:36 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2476259 seconds with 13920 seconds of active time.  This session ended with a crash.
 
Error: (04/29/2012 04:24:48 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1614750 seconds with 8220 seconds of active time.  This session ended with a crash.
 
Error: (03/02/2012 07:35:03 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 234106 seconds with 2160 seconds of active time.  This session ended with a crash.
 
Error: (02/26/2012 04:50:34 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 2189772 seconds with 14580 seconds of active time.  This session ended with a crash.
 
Error: (10/12/2011 05:01:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 394982 seconds with 2700 seconds of active time.  This session ended with a crash.
 
Error: (09/04/2011 04:14:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 189199 seconds with 420 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2012-07-13 03:20:37.711
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-13 03:20:37.454
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-03-01 04:06:17.328
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-03-01 04:06:17.262
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-02-25 03:03:16.273
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-02-25 03:03:16.198
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-02-25 03:02:22.594
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-02-25 03:02:22.536
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-02-25 03:02:17.350
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-02-25 03:02:17.269
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
 Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 2.7.0.19530)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader X (10.1.8) (Version: 10.1.8)
AirPort (Version: 5.6.1.2)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
ASPCA Reminder by We-Care.com v4.0.16.1 (Version: 4.0.16.1)
AVG 2012 (Version: 12.0.2169)
AVG 2012 (Version: 12.0.2171)
AVG 2012 (Version: 12.0.2176)
AVG 2012 (Version: 12.0.2178)
AVG 2012 (Version: 12.0.2180)
AVG 2012 (Version: 12.0.2193)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2221)
AVG 2012 (Version: 12.0.2634)
AVG 2012 (Version: 12.0.3222)
AVG 2012 (Version: 12.1.2238)
AVG 2012 (Version: 12.1.2240)
AVG 2012 (Version: 12.1.2241)
AVG 2012 (Version: 12.1.2242)
AVG 2012 (Version: 2012.1.2242)
BitTorrent (Version: 7.8.1.30016)
BitTorrentControl_v12 Toolbar (Version: 6.9.0.16)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit NetLink Controller (Version: 14.6.1.4)
CCleaner (Version: 4.01)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.3.0297)
DivX Tech Preview: MKV on Windows 7
doPDF 7.2 printer
Dotfuscator and Analytics Community Edition (Version: 5.5.4357.28718)
DVDFab 8.1.0.5 (04/07/2011) Qt
Energy Management (Version: 6.0.2.0)
Free YouTube Download version 3.1.42.1212 (Version: 3.1.42.1212)
Free YouTube to MP3 Converter version 3.10.5.722
Google Chrome (Version: 30.0.1599.69)
Google Earth (Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4601.54)
Google Update Helper (Version: 1.3.21.153)
HP Officejet 4620 series Basic Device Software (Version: 28.0.1315.0)
HP Officejet 4620 series Help (Version: 6.0.0)
HP Officejet 4620 series Product Improvement Study (Version: 28.0.1315.0)
HP Photo Creations (Version: 1.0.0.9572)
HP Update (Version: 5.005.000.002)
HPDiagnosticAlert (Version: 1.00.0000)
I.R.I.S. OCR (Version: 12.3.4.0)
iBackupBot for iTunes 3.2.0 (Version: 3.2.0)
IIS 7.5 Express (Version: 7.5.1190)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2342)
Intel® PROSet/Wireless WiFi Software (Version: 14.0.2000)
Intel® Rapid Storage Technology (Version: 10.1.2.1004)
Intel® Wireless Display
Intel® Wireless Display (Version: 2.0.27.0)
iTunes (Version: 11.1.0.126)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 39 (Version: 6.0.390)
JDownloader 0.9 (Version: 0.9)
JMicron Flash Media Controller Driver (Version: 1.0.55.0)
Junk Mail filter update (Version: 15.4.3502.0922)
Lenovo Bluetooth with Enhanced Data Rate Software (Version: 6.3.0.7400)
Lenovo DirectShare (Version: 1.0.1.38)
Lenovo EasyCamera (Version: 1.10.1209.1)
Lenovo EE Boot Optimizer (Version: 0.0.1.7)
Lenovo Games Console (Version: 1.2.6.436)
Lenovo OneKey Recovery (Version: 7.0.1628)
Lenovo PowerDVD 10 (Version: 10.0.2318.52)
Lenovo R.I.C. (Robust Intelligent Companion) (Version: 1.0.10.1220)
Lenovo Smile Dock (Version: 2.0.251.1)
Lenovo YouCam (Version: 3.1.3728)
LocalESPC (Version: 8.37.0)
LocalESPCui for en-us (Version: 8.37.0)
Magic ISO Maker v5.4 (build 0239)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 Beta (Version: 4.5.50131)
Microsoft .NET Framework 4.5 Beta Multi-Targeting Pack (Version: 4.5.50131)
Microsoft .NET Framework 4.5 Beta SDK (Version: 4.5.50131)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft ASP.NET MVC 3 - Visual Studio 11 Tools Update (Version: 3.0.30118.0)
Microsoft ASP.NET MVC 3 (Version: 3.0.20105.0)
Microsoft ASP.NET MVC 4 - Visual Studio 11 Tools (Version: 4.0.20126.0)
Microsoft ASP.NET MVC 4 (Version: 4.0.20126.16343)
Microsoft ASP.NET Web Pages - Visual Studio 11 Tools (Version: 1.0.20126.0)
Microsoft ASP.NET Web Pages (Version: 1.0.20105.0)
Microsoft ASP.NET Web Pages 2 - Visual Studio 11 Tools (Version: 2.0.20126.0)
Microsoft ASP.NET Web Pages 2 (Version: 2.0.20126.16343)
Microsoft Blend for Visual Studio (Version: 5.0.30129.0)
Microsoft Blend for Visual Studio ENU resources (Version: 5.0.30129.0)
Microsoft Expression Encoder 4 Screen Capture Codec (Version: 4.0.4276.0)
Microsoft Help Viewer 2.0 Beta (Version: 2.0.50214)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Project 2007 Service Pack 3 (SP3)
Microsoft Office Project MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Project Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Visio Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Portable Library Multi-Targeting Pack (Version: 11.0.50214.01)
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (Version: 11.0.50214.01)
Microsoft Report Viewer Add-On for Visual Studio 11 - Beta (Version: 11.0.1750.32)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Silverlight 4 SDK (Version: 4.0.50401.0)
Microsoft Silverlight 5 SDK (Version: 5.0.61118.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2012 Command Line Utilities RC0 (Version: 11.0.1913.38)
Microsoft SQL Server 2012 Data-Tier App Framework  (Version: 11.0.2100.55)
Microsoft SQL Server 2012 Express LocalDB RC0 (Version: 11.0.1913.38)
Microsoft SQL Server 2012 Management Objects RC0 (Version: 11.0.1913.38)
Microsoft SQL Server 2012 Management Objects RC0 (x64) (Version: 11.0.1913.38)
Microsoft SQL Server 2012 Native Client RC0 (Version: 11.0.1913.38)
Microsoft SQL Server 2012 Transact-SQL Compiler Service RC0 (Version: 11.0.1913.38)
Microsoft SQL Server 2012 Transact-SQL ScriptDom RC0 (Version: 11.0.1913.38)
Microsoft SQL Server 2012 T-SQL Language Service RC0 (Version: 11.0.1913.38)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU CTP1 (Version: 4.0.8854.1)
Microsoft SQL Server Data Tools Build Utilities Mar 2012 (Version: 11.1.20204.01)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft System CLR Types for SQL Server 2012 RC0 (Version: 11.0.1913.38)
Microsoft System CLR Types for SQL Server 2012 RC0 (x64) (Version: 11.0.1913.38)
Microsoft Visual C++ 11  Beta x64 Designtime - 11.0.50214 (Version: 11.0.50214)
Microsoft Visual C++ 11 x64 Additional Runtime - 11.0.50214 (Version: 11.0.50214)
Microsoft Visual C++ 11 x64 Debug Runtime - 11.0.50214 (Version: 11.0.50214)
Microsoft Visual C++ 11 x64 Minimum Runtime - 11.0.50214 (Version: 11.0.50214)
Microsoft Visual C++ 11 x86 Additional Runtime - 11.0.50214 (Version: 11.0.50214)
Microsoft Visual C++ 11 x86 Debug Runtime - 11.0.50214 (Version: 11.0.50214)
Microsoft Visual C++ 11 x86 Minimum Runtime - 11.0.50214 (Version: 11.0.50214)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ Compilers 11 - ENU Resources (Version: 11.0.50214)
Microsoft Visual C++ Compilers 11 (Version: 11.0.50214)
Microsoft Visual C++ Core Libraries 11 (Version: 11.0.50214)
Microsoft Visual C++ Extended Libraries 11 (Version: 11.0.50214)
Microsoft Visual C++ Microsoft Foundation Class Libraries 11 (Version: 11.0.50214)
Microsoft Visual Studio 11 Beta Tools for .Net 3.5 (Version: 3.5.50214)
Microsoft Visual Studio 11 Developer Preview Language Pack - ENU (Version: 11.0.50214)
Microsoft Visual Studio 11 Developer Preview Pre-Clean Tool (Version: 11.0.50214)
Microsoft Visual Studio 11 LightSwitch Beta Core (Version: 11.0.50214)
Microsoft Visual Studio 11 LightSwitch Beta CoreRes - ENU (Version: 11.0.50214)
Microsoft Visual Studio 11 Performance Collection Tools Beta - ENU (Version: 11.0.50214)
Microsoft Visual Studio 11 Performance Collection Tools Beta (Version: 11.0.50214)
Microsoft Visual Studio 11 Professional Beta - ENU (Version: 11.0.50214)
Microsoft Visual Studio 11 Professional Beta (Version: 11.0.50214)
Microsoft Visual Studio 11 SharePoint Developer Tools Beta (Version: 11.0.50214)
Microsoft Visual Studio 11 SharePoint Developer Tools Beta enu Language Pack (Version: 11.0.50214)
Microsoft Visual Studio 11 Tools for SQL Server Compact 4.0 SP1 Beta ENU (Version: 4.0.8854.1)
Microsoft Visual Studio 11 Ultimate Beta XAML UI Designer Core (Version: 11.0.50214)
Microsoft Visual Studio 11 Ultimate Beta XAML UI Designer enu Resources (Version: 11.0.50214)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50214)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Microsoft Visual Studio Team Foundation Server 11 Beta Object Model (Version: 11.0.50214)
Microsoft Visual Studio Team Foundation Server 11 Beta Object Model Language Pack - ENU (Version: 11.0.50214)
Microsoft Visual Studio Team Foundation Server 11 Beta Team Explorer (Version: 11.0.50214)
Microsoft Visual Studio Team Foundation Server 11 Beta Team Explorer Language Pack - ENU (Version: 11.0.50214)
Microsoft Web Deploy 3.0 (Version: 3.1236.1310)
Microsoft Web Deploy dbSqlPackage Provider Nov 2011 (Version: 10.3.20116.0)
Microsoft Web Platform Installer 4.0 (Version: 4.0.1307)
Microsoft Web Tooling Extensions - Visual Studio 11 (Version: 1.0.30123.0)
Microsoft® SQL Server Data Tools, RC0 - enu (Version: 11.1.20204.01)
Mozilla Firefox 6.0.2 (x86 en-US) (Version: 6.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
NVIDIA 3D Vision Controller Driver (Version: 266.19)
NVIDIA 3D Vision Controller Driver 266.34 (Version: 266.34)
NVIDIA Control Panel 267.43 (Version: 267.43)
NVIDIA Graphics Driver 267.43 (Version: 267.43)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA Optimus 1.0.21 (Version: 1.0.21)
NVIDIA Update Components (Version: 1.0.21)
Oasis2Service 1.0 (Version: 1.0.0)
Onekey Theater (Version: 2.0.2.8)
ooVoo (Version: 2.2.4.25)
PDF-Viewer (Version: 2.5.211.0)
Power2Go (Version: 5.6.0.7108)
PreEmptive Analytics Visual Studio Components (Version: 1.0.0.0)
Prerequisites for SSDT RC0 (Version: 11.0.1913.38)
professional_finalizer (Version: 11.0.50214)
QuickTime (Version: 7.74.80.86)
Realtek High Definition Audio Driver (Version: 6.0.1.6339)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.30.0)
Rosetta Stone Version 3 (Version: 3.4.5.0)
Search Protection (Version: 7.5.0.1)
SQL Server Data Framework Tools (Version: 11.1.20204.01)
SRS Control Panel (Version: 1.11.0200)
StartNow Toolbar (Version: 2.5.0)
Steam (Version: 1.0.0.0)
StreamTorrent 1.0
Synaptics Pointing Device Driver (Version: 15.2.16.3)
Torque (Version: 4.2.5.28819)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Project 2007 Help (KB963668)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
UserGuide (Version: 1.0.0.6)
VeriFace (Version: 4.0.1.0126)
VirtualCloneDrive
Visual Studio 11 Prerequisites - ENU Language Pack (Version: 11.0.50214)
Visual Studio 11 Prerequisites (Version: 11.0.50214)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio Extensions for Windows Library for JavaScript (Version: 0.6.8229.0)
VLC media player 2.0.6 (Version: 2.0.6)
vs_devenv (Version: 11.0.50214)
vs_devenvLP (Version: 11.0.50214)
vs_lightswitchserverprereqsmsi (Version: 11.0.50214)
vs_minshellcore (Version: 11.0.50214)
vs_minshellinterop (Version: 11.0.50214)
vs_minshellres (Version: 11.0.50214)
vslp_finalizer (Version: 11.0.50214)
WCF RIA Services V1.0 SP2 (Version: 4.1.61406.0)
Windows App Certification Kit (Version: 8.37.0)
Windows Driver Package - Lenovo (ACPIVPC) System  (12/02/2010 6.1.0.1) (Version: 12/02/2010 6.1.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Runtime Intellisense Content - English (Version: 8.37.0)
Windows Software Development Kit (Version: 8.37.0)
Windows Software Development Kit DirectX x64 Remote (Version: 8.37.0)
Windows Software Development Kit DirectX x86 Remote (Version: 8.37.0)
Windows Software Development Kit for Metro style Apps (Version: 8.37.0)
Windows Software Development Kit for Metro style Apps DirectX x64 Remote (Version: 8.37.0)
Windows Software Development Kit for Metro style Apps DirectX x86 Remote (Version: 8.37.0)
Windows Software Development Kit Redistributables (Version: 8.37.0)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
Wondershare Dr.Fone(Build 1.0.2.5) (Version: 1.0.2.5)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 64%
Total physical RAM: 8135.86 MB
Available physical RAM: 2864.87 MB
Total Pagefile: 16269.9 MB
Available Pagefile: 10824.35 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.27 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:654.69 GB) (Free:99.71 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.23 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\REGGIE-PC
 
Administrator            Guest                    Reggie                   
UpdatusUser              
 
 
**** End of log ****
 
 
 
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.10.08.09
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Reggie :: REGGIE-PC [administrator]
 
10/8/2013 8:33:55 PM
mbam-log-2013-10-08 (20-33-55).txt
 
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 562958
Time elapsed: 3 hour(s), 11 minute(s), 31 second(s)
 
Memory Processes Detected: 1
C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe (PUP.Optional.SweetPacks.A) -> 2796 -> Delete on reboot.
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 9
HKLM\SYSTEM\CurrentControlSet\Services\Updater Service for StartNow Toolbar (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCR\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCR\IEHelperv250.WeCareReminder.1 (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCR\IEHelperv250.WeCareReminder (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 5
C:\Program Files (x86)\DealPly (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Users\Reggie\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Reggie\AppData\Roaming\OpenCandy\41129A0147FD4E819EE8F3013414DCAA (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Reggie\AppData\Roaming\OpenCandy\59BEB226F1E542E0822ADA9C3470BAE3 (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Reggie\AppData\Roaming\OpenCandy\OpenCandy_59BEB226F1E542E0822ADA9C3470BAE3 (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
 
Files Detected: 24
C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe (PUP.Optional.SweetPacks.A) -> Delete on reboot.
C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPly\vn-zugo.exe (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\ProgramData\WeCareReminder\ReminderHelper.exe (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\ProgramData\WeCareReminder\WCAutoUpdate.exe (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\Users\Reggie\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000f11 (PUP.Optional.Smart) -> Quarantined and deleted successfully.
C:\Users\Reggie\AppData\Roaming\OpenCandy\59BEB226F1E542E0822ADA9C3470BAE3\OpenCandySliderASPCA_20120302.msi (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\Users\Reggie\Downloads\Flash_Setup.exe (PUP.Optional.AirInstaller) -> Quarantined and deleted successfully.
C:\Users\Reggie\Downloads\iLividSetup-r817-n-bc (1).exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
C:\Users\Reggie\Downloads\iLividSetup-r817-n-bc.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
C:\Users\Reggie\Downloads\PluginInstall (1).exe (MSIL.Solimba) -> Quarantined and deleted successfully.
C:\Users\Reggie\Downloads\PluginInstall.exe (MSIL.Solimba) -> Quarantined and deleted successfully.
C:\Users\Reggie\Downloads\setup (1).exe (PUP.Optional.Smart) -> Quarantined and deleted successfully.
C:\Users\Reggie\Downloads\setup.exe (PUP.Optional.Smart) -> Quarantined and deleted successfully.
C:\Users\Reggie\Downloads\web-play-product_setup.exe (PUP.Downware) -> Quarantined and deleted successfully.
C:\Windows\Installer\47e0ae66.msi (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I10S60RI\updater-startnow-200-2.5-d[1].exe (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPly\DealPly.crx (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DealPly\icon.ico (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Users\Reggie\AppData\Roaming\OpenCandy\41129A0147FD4E819EE8F3013414DCAA\TuneUpUtilities2013_2200318_en-US.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Reggie\AppData\Roaming\OpenCandy\59BEB226F1E542E0822ADA9C3470BAE3\2487.ico (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Reggie\AppData\Roaming\OpenCandy\59BEB226F1E542E0822ADA9C3470BAE3\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Reggie\AppData\Roaming\OpenCandy\59BEB226F1E542E0822ADA9C3470BAE3\OCBrowserHelper_1.0.3.85.dll (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Reggie\AppData\Roaming\OpenCandy\59BEB226F1E542E0822ADA9C3470BAE3\WeCare_ASPCA_Standard_p27v1.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
 
(end)
 
 
 
 
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1005
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 10.0.9200.16686
 
Java version: 1.6.0_39
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.995000 GHz
Memory total: 8531066880, free: 2893762560
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1005
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 10.0.9200.16686
 
Java version: 1.6.0_39
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.995000 GHz
Memory total: 8531066880, free: 2958131200
 
Downloaded database version: v2013.10.09.11
Downloaded database version: v2013.10.08.02
=======================================
Initializing...
------------ Kernel report ------------
     10/09/2013 20:29:00
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\wd.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\DRIVERS\LhdX64.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\fbfmon.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx64.sys
\SystemRoot\system32\DRIVERS\avgidsha.sys
\SystemRoot\system32\DRIVERS\dtsoftbus01.sys
\SystemRoot\system32\DRIVERS\avgmfx64.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\avgtdia.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\drivers\winioex.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\BPntDrv.sys
\SystemRoot\system32\drivers\BOOTVID.dll
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\avgldx64.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\Drivers\nvBridge.kmd
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\k57nd60a.sys
\SystemRoot\system32\DRIVERS\NETwNs64.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\nusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\jmcr.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\DRIVERS\AcpiVpc.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\delayman.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\clwvd.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\system32\DRIVERS\VClone.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\WDKMD.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\nusb3hub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\??\C:\windows\system32\drivers\mbam.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\avgidsfiltera.sys
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\avgidsdrivera.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\??\C:\windows\system32\Drivers\rikvm_3A60B698.sys
\SystemRoot\System32\ATMFD.DLL
\??\C:\windows\system32\drivers\mbamchameleon.sys
\??\C:\windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80096fd790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-0\
Lower Device Object: 0xfffffa80078fa050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80096fd790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80096fd170, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80097d3040, DeviceName: Unknown, DriverName: \Driver\LHDmgr\
DevicePointer: 0xfffffa80096fd790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80078fa050, DeviceName: \Device\Ide\IAAStorageDevice-0\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\LHDmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 5E25BD3D
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 409600
    Partition file system is NTFS
    Partition is bootable
 
    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 411648  Numsec = 1372983296
 
    Partition 2 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1373394944  Numsec = 60811264
 
    Partition 3 type is Other (0x12)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1434206208  Numsec = 30942960
 
Disk Size: 750156374016 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1465129168-1465149168)...
Done!
Read File:  File "c:\programdata\avg2012\chjw\7cc6c5adc6c5684a.dat:8ffb1450-4faf-4b4c-8b16-051773cb370a" is sparse (flags = 32768)
Read File: File "C:\ProgramData\AVG2012\log\avgcore.log.1" is compressed (flags = 1)
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_2048_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removal finished
 
 
 
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.10.08.09
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Reggie :: REGGIE-PC [administrator]
 
10/9/2013 6:31:19 PM
mbam-log-2013-10-09 (18-31-19).txt
 
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 559153
Time elapsed: 3 hour(s), 40 minute(s), 12 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users