Russian website visit - laptop is infected?


2 replies to this topic

#1 Lioness1009

Posted 04 December 2013 - 05:57 PM

Hi guys,

This is the second time within 2 months I get something nasty from a Russian website....

At first it installed a browser called mediahit in silent mode and I hardly removed it.

Now I sense it still has some issue since I get access denied on stopping services and I am using the original Windows 7 built in admin account.

OS is Win 7 Ent. x64.

I used MalwareBytes, it found some PUP entries which I removed.

I have Avira premium, I did not scan fully with it yet. But it also did not pop up with a warning.

Here is the DDS log, thanks in advance!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by cat at 0:48:38 on 2013-12-05
Microsoft Windows 7 Enterprise   6.1.7601.1.1255.972.1033.18.8104.5138 [GMT 2:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\BtwRSupportService.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\Explorer.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Download Manager\idmBroker.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sargui.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\cat.SuperCat\Downloads\Programs\HitmanPro_x64_2.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\cat.SuperCat\AppData\Local\Temp\fqxsdl.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
BHO: Adobe Acrobat Create PDF Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRunOnce: [GrpConv] grpconv -o
StartupFolder: C:\Users\CAT~1.SUP\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\_UNINS~1.LNK - C:\Users\cat.SuperCat\AppData\Local\Temp\_uninst_89158698.bat
uPolicies-Explorer: NoDriveTypeAutoRun = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableInstallerDetection = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableSecureUIAPaths = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: FilterAdministratorToken = dword:1
mPolicies-System: SoftwareSASGeneration = dword:1
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: En&queue current page with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidqueue.htm
IE: Enqueue link tar&get with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkqueue.htm
IE: LastPass - C:\Users\cat.SuperCat\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - C:\Users\cat.SuperCat\AppData\LocalLow\LastPass\context.html?cmd=fillforms
IE: New &NetMark - C:\Program Files (x86)\NetMarks Manager\OpenNM.htm
IE: Open &link target with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlink.htm
IE: Open current page with BI&D - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebid.htm
IE: Open current page with BID Link Explorer - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
IE: {4B3520B0-D518-4443-BA9E-2D4CE7F773C5} - C:\Program Files (x86)\NetMarks Manager\NetMarks.exe
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
Trusted Zone: google-analytics.com
Trusted Zone: novastor.com
Trusted Zone: novastor.com
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{368C7B55-F49B-4E93-A5AC-9DB0BB44F09C} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{368C7B55-F49B-4E93-A5AC-9DB0BB44F09C}\34C4F45544 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{368C7B55-F49B-4E93-A5AC-9DB0BB44F09C}\E45445745414255373 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{BC2BC1B8-F7F5-404E-8260-713B5A22BCF9} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{BFEDAF8F-A09E-463E-948B-950B105A270C} : NameServer = 192.168.1.1
TCP: Interfaces\{BFEDAF8F-A09E-463E-948B-950B105A270C}\34C4F45544 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\cat.SuperCat\AppData\Roaming\Mozilla\Firefox\Profiles\9q5tt8ep.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - google.de
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072254&SearchSource=2&CUI=UN41957327285302703&UM=1&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\LastPass\nplastpass.dll
FF - plugin: C:\Program Files (x86)\LastPass\nplastpass64.dll
FF - plugin: C:\Program Files (x86)\Nitro\Pro 8\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro\Pro 8\npnitroie.dll
FF - plugin: C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll
FF - plugin: C:\Users\cat.SuperCat\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_3.dll
FF - ExtSQL: 2013-11-14 19:09; mozilla_cc@internetdownloadmanager.com; C:\Users\cat.SuperCat\AppData\Roaming\IDM\idmmzcc5
FF - ExtSQL: 2013-11-16 06:05; {524B8EF8-C312-11DB-8039-536F56D89593}; C:\Users\cat.SuperCat\AppData\Roaming\Mozilla\Firefox\Profiles\9q5tt8ep.default\extensions\{524B8EF8-C312-11DB-8039-536F56D89593}.xpi
FF - ExtSQL: 2013-11-16 19:04; IplextoALL@ALLPlayer.org; C:\Users\cat.SuperCat\AppData\Roaming\Mozilla\Firefox\Profiles\9q5tt8ep.default\extensions\IplextoALL@ALLPlayer.org.xpi
FF - ExtSQL: 2013-11-19 05:32; foxmarks@kei.com; C:\Users\cat.SuperCat\AppData\Roaming\Mozilla\Firefox\Profiles\9q5tt8ep.default\extensions\foxmarks@kei.com
FF - ExtSQL: 2013-11-21 09:01; vlc-plugin@videolan.org; C:\Users\cat.SuperCat\AppData\Roaming\Mozilla\Firefox\Profiles\9q5tt8ep.default\extensions\vlc-plugin@videolan.org.xpi
FF - ExtSQL: 2013-11-26 10:09; support@lastpass.com; C:\Users\cat.SuperCat\AppData\Roaming\Mozilla\Firefox\Profiles\9q5tt8ep.default\extensions\support@lastpass.com
FF - ExtSQL: 2013-11-27 15:55; jid0-XZn6pYCdV3ANrfYigxlyyGDrxAM@jetpack; C:\Users\cat.SuperCat\AppData\Roaming\Mozilla\Firefox\Profiles\9q5tt8ep.default\extensions\jid0-XZn6pYCdV3ANrfYigxlyyGDrxAM@jetpack.xpi
FF - ExtSQL: 2013-11-28 04:29; {e9df9360-97f8-4690-afe6-996c80790da4}; C:\Users\cat.SuperCat\AppData\Roaming\Mozilla\Firefox\Profiles\9q5tt8ep.default\extensions\{e9df9360-97f8-4690-afe6-996c80790da4}
.
============= SERVICES / DRIVERS ===============
.
R0 89158698;89158698;C:\Windows\System32\drivers\89158698.sys [2013-12-5 460888]
R0 ambakdrv;ambakdrv;C:\Windows\System32\ambakdrv.sys [2013-11-18 30648]
R0 EUBAKUP;EUBAKUP;C:\Windows\System32\drivers\eubakup.sys [2013-11-15 61000]
R0 EUBKMON;EUBKMON;C:\Windows\System32\drivers\EUBKMON.sys [2013-11-15 48200]
R0 hotcore3;hc3ServiceName;C:\Windows\System32\drivers\hotcore3.sys [2013-11-26 34056]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2013-11-28 32544]
R0 TWZDISK;TWZDISK;C:\Windows\System32\drivers\TWZDISK.sys [2013-11-25 74512]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2013-11-17 26176]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-12-4 28600]
R1 EUDSKACS;EUDSKACS;C:\Windows\System32\drivers\eudskacs.sys [2013-11-15 18504]
R1 EUFDDISK;EUFDDISK;C:\Windows\System32\drivers\EuFdDisk.sys [2013-11-15 189000]
R1 TWZFILE;TWZFILE;C:\Windows\System32\drivers\TWZFILE.sys [2013-11-25 44304]
R1 Uim_DEVIM;UIM Direct Device Image Plugin;C:\Windows\System32\drivers\uim_devim.sys [2013-11-15 25992]
R2 ammntdrv;ammntdrv;C:\Windows\System32\ammntdrv.sys [2013-11-18 151480]
R2 amwrtdrv;amwrtdrv;C:\Windows\System32\amwrtdrv.sys [2013-11-18 17848]
R2 AntiVirMailService;Avira Mail Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2013-12-4 972872]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-12-4 440376]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-12-4 440376]
R2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2013-12-4 1164360]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-12-4 106904]
R2 avnetflt;avnetflt;C:\Windows\System32\drivers\avnetflt.sys [2013-12-4 83160]
R2 BcmBtRSupport;Bluetooth Driver Management Service;C:\Windows\System32\BtwRSupportService.exe [2013-11-17 2255064]
R2 hmip;hmip;C:\Windows\System32\drivers\hmip64.sys [2013-11-18 30056]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2013-11-29 175480]
R2 ntk_PowerDVD12;ntk_PowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2013-12-1 83704]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-16 13832]
R2 WCMVCAM;WebcamMax, WDM Video Capture;C:\Windows\System32\drivers\wcmvcam64.sys [2012-4-15 1071032]
R3 A6200;NETGEAR A6200 WiFi Adapter Driver;C:\Windows\System32\drivers\BCMWLHIGH664.SYS [2013-11-15 2567984]
R3 DFX11_1;DFX Audio Enhancer 11.1;C:\Windows\System32\drivers\dfx11_1x64.sys [2012-12-13 28008]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2013-11-18 142632]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\Windows\System32\drivers\hitmanpro37.sys [2013-12-3 32512]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-15 317440]
R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2013-1-31 28160]
R3 MonitorFunction;Driver for Monitor;C:\Windows\System32\drivers\TVMonitor.sys [2013-11-22 16376]
R3 NetgearUDSMBus;UDS Master Bus of Kernel USB Software Bus by TCP;C:\Windows\System32\drivers\NetgearUDSMBus.sys [2013-12-1 107296]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-11-26 39200]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2013-11-19 34544]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
RUnknown 0938936drv;0938936drv; [x]
S0 amdkmafd;AMD Audio Bus Lower Filter;C:\Windows\System32\drivers\amdkmafd.sys [2013-11-16 21600]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2013-11-17 70960]
S3 bcbtums;Bluetooth USB LD Filter;C:\Windows\System32\drivers\bcbtums.sys [2013-11-17 165688]
S3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2013-11-17 598808]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2013-11-17 39976]
S3 CisUtMonitor;CisUtMonitor;C:\Windows\System32\drivers\CisUtMonitor.sys [2013-11-16 33360]
S3 cleanhlp;cleanhlp;C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [2013-11-17 57024]
S3 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2013-11-15 17480]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2013-11-15 9800]
S3 FARMNTIO;FARMNTIO;C:\Windows\System32\drivers\farmntio.sys [2013-11-19 24664]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-11-16 111616]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-17 25928]
S3 MDA_NTDRV;MDA_NTDRV;C:\Windows\System32\MDA_NTDRV.sys [2013-2-25 21208]
S3 MEMSWEEP2;MEMSWEEP2;C:\Windows\System32\6845.tmp [2013-12-5 6144]
S3 NetgearUDSTcpBus;NetgearUDSTcpBus;C:\Windows\System32\drivers\NetgearUDSTcpBus.sys [2013-12-1 183584]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
S3 pikbd;Pluralinput Keyboard 0.8.4;C:\Windows\System32\drivers\pikbd.sys [2013-11-19 23480]
S3 pimou;Pluralinput Mouse 0.8.5;C:\Windows\System32\drivers\pimou.sys [2013-11-16 22456]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-14 20992]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2013-11-25 31800]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2013-11-25 290920]
S3 RTLE8023x64;Realtek 10/100/1000 PCI-E NIC Family NDIS XP(x64) Driver;C:\Windows\System32\drivers\Rtenic64.sys [2013-11-16 521944]
S3 SRS_AE_Service;SRS Audio;C:\Windows\System32\drivers\SRS_AE_amd64.sys [2012-6-21 549704]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\System32\drivers\teamviewervpn.sys [2013-11-20 35112]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-11-16 1255736]
S4 a2AntiMalware;Emsisoft Anti-Malware 7.0 - Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2013-11-17 4159464]
S4 ABBYY.Licensing.FineReader.Corporate.11.0;ABBYY FineReader 11 CE Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [2011-12-22 818952]
S4 APNMCP;Ask Update Service;"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe" --> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [?]
S4 Backupper Service;AOMEI Backupper Scheduler Service;C:\Program Files (x86)\AOMEI Backupper\ABService.exe --> C:\Program Files (x86)\AOMEI Backupper\ABService.exe [?]
S4 BackupStack;Computer Backup (JustCloud);C:\Program Files (x86)\JustCloud\BackupStack.exe [2013-9-20 38440]
S4 BootRacerServ;BootRacerServ;C:\Program Files (x86)\BootRacer\BootRacerServ.exe [2013-8-19 67888]
S4 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2013-12-1 90640]
S4 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-12-1 78352]
S4 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-12-1 295440]
S4 EaseUS Agent;EaseUS Agent Service;C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2013-11-26 69192]
S4 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-11-16 1436424]
S4 Guard Agent;Guard Agent Service;C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [2013-11-26 23624]
S4 HDDlife HDD Access service;HDDlife HDD Access service;C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe [2013-9-13 2050312]
S4 HideMyIpSRV;HideMyIpSRV;C:\Program Files (x86)\Hide My IP\HideMyIpSrv.exe [2013-12-3 3616880]
S4 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-11-17 418376]
S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-17 701512]
S4 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2012-12-13 230408]
S4 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-26 15125280]
S4 Printer Control;Printer Control;C:\Windows\System32\PrintCtrl.exe [2013-11-26 65536]
S4 ReflectService.exe;Macrium Reflect Image Mounting Service;C:\Program Files\Macrium\Reflect\ReflectService.exe [2013-11-8 1141360]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S4 SRSHDAudioService;SRS HDAudio Lab Service;C:\Program Files (x86)\Common Files\SRS Labs\SRS HD Audio Lab Service 2\SRSAudioLabService.exe [2012-6-25 13232]
S4 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-11-20 5309280]
.
=============== File Associations ===============
.
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2013-12-04 22:34:01 6144 ------w- C:\Windows\System32\6845.tmp
2013-12-04 22:33:10 460888 ----a-w- C:\Windows\System32\drivers\89158698.sys
2013-12-04 22:31:50 6144 ------w- C:\Windows\System32\674A.tmp
2013-12-04 22:31:44 -------- d-----w- C:\Program Files (x86)\Sophos
2013-12-04 13:57:49 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Mediahit
2013-12-04 10:04:08 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\ZBrowser
2013-12-04 10:03:49 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Package Cache
2013-12-04 09:57:58 -------- d-----w- C:\Program Files (x86)\Zona
2013-12-04 09:57:52 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Zona
2013-12-04 06:26:56 -------- d-----w- C:\Program Files (x86)\Babylon
2013-12-04 03:43:01 -------- d-sh--r- C:\sys
2013-12-04 03:31:24 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\UnknownApplicationVendor
2013-12-04 03:13:22 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\BinarySense
2013-12-04 03:13:12 -------- d-----w- C:\Program Files (x86)\Common Files\BinarySense
2013-12-04 03:13:12 -------- d-----w- C:\Program Files (x86)\BinarySense
2013-12-04 00:19:53 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Adobe_Systems_Incorporate
2013-12-04 00:03:14 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Avira
2013-12-04 00:02:15 83160 ----a-w- C:\Windows\System32\drivers\avnetflt.sys
2013-12-04 00:02:15 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2013-12-04 00:02:15 106904 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2013-12-04 00:02:14 -------- d-----w- C:\ProgramData\Avira
2013-12-03 23:59:24 -------- d-----w- C:\ProgramData\Logs
2013-12-03 23:27:50 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\PFRouterDetector
2013-12-03 22:56:07 -------- d-----w- C:\ProgramData\Licenses
2013-12-03 22:56:04 -------- d-----w- C:\Program Files\Kutools for Word
2013-12-03 14:13:48 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Trillian
2013-12-03 10:02:55 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-03 10:02:55 -------- d-----w- C:\Program Files\iTunes
2013-12-03 10:02:55 -------- d-----w- C:\Program Files\iPod
2013-12-03 10:02:55 -------- d-----w- C:\Program Files (x86)\iTunes
2013-12-03 10:01:48 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-12-03 09:59:16 -------- d-----w- C:\Program Files (x86)\Hide My IP
2013-12-03 04:28:27 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\mresreg
2013-12-03 03:37:54 -------- d-----w- C:\ProgramData\G Data
2013-12-03 01:03:47 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\OrphansRemover
2013-12-03 01:03:45 -------- d-----w- C:\Program Files (x86)\OrphansRemover
2013-12-02 23:11:31 32512 ----a-w- C:\Windows\System32\drivers\hitmanpro37.sys
2013-12-02 22:35:54 388096 ----a-r- C:\Users\cat.SuperCat\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-12-02 22:35:54 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-12-02 21:54:03 -------- d-----w- C:\Program Files\GIMP 2
2013-12-02 21:13:47 348160 ----a-w- C:\Windows\SysWow64\eSellerateEngine.dll
2013-12-02 21:13:47 -------- d-----w- C:\Program Files (x86)\Acoustica MP3 Audio Mixer
2013-12-02 20:21:18 -------- d--h--w- C:\ProgramData\CanonIJScan
2013-12-02 12:22:59 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\DVDVideoSoft
2013-12-02 12:22:59 -------- d-----w- C:\Program Files (x86)\DVDVideoSoft
2013-12-02 12:22:59 -------- d-----w- C:\Program Files (x86)\Common Files\DVDVideoSoft
2013-12-02 10:38:30 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\MusicBee
2013-12-02 09:32:13 -------- d-----w- C:\Program Files (x86)\JetAudio
2013-12-02 09:21:21 -------- d-----w- C:\Program Files (x86)\Canon
2013-12-02 08:50:30 -------- d-----w- C:\Program Files (x86)\Samsung
2013-12-02 07:24:38 -------- d-----w- C:\ProgramData\Samsung
2013-12-02 07:24:33 36864 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\ssp4mpc.dll
2013-12-01 23:34:40 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Trend Micro
2013-12-01 23:33:36 -------- d-----w- C:\ProgramData\Trend Micro Installer
2013-12-01 23:33:28 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\IN-MEDIAKG
2013-12-01 23:33:15 -------- d-----w- C:\Program Files (x86)\mresreg
2013-12-01 22:40:44 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Free Auto Shutdown
2013-12-01 22:40:41 -------- d-----w- C:\Program Files (x86)\Free Auto Shutdown
2013-12-01 22:35:01 -------- d-----w- C:\Program Files (x86)\Backup Thunderbird
2013-12-01 18:44:27 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Mp3tag
2013-12-01 18:26:41 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Locate32
2013-12-01 17:58:59 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\MediaServer
2013-12-01 17:58:57 -------- d-----w- C:\ProgramData\PDVD
2013-12-01 17:55:15 -------- d-----w- C:\ProgramData\install_clap
2013-12-01 05:48:08 -------- d-----w- C:\Program Files (x86)\Glorylogic
2013-12-01 05:41:31 34304 ----a-w- C:\Windows\System32\DfSdkBt.exe
2013-12-01 05:06:11 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\JGoodies
2013-12-01 05:00:03 183584 ----a-w- C:\Windows\System32\drivers\NetgearUDSTcpBus.sys
2013-12-01 05:00:03 107296 ----a-w- C:\Windows\System32\drivers\NetgearUDSMBus.sys
2013-12-01 04:59:46 -------- d-----w- C:\Program Files (x86)\NETGEAR
2013-12-01 03:53:17 -------- d-----w- C:\Program Files (x86)\MPC-HC
2013-12-01 03:51:18 -------- d-----w- C:\Program Files (x86)\Mp3tag
2013-12-01 03:49:35 -------- d-----w- C:\Program Files (x86)\MusicBee
2013-12-01 01:59:35 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\HDGraph.com
2013-12-01 01:58:19 -------- d-----w- C:\Program Files (x86)\JGoodies
2013-11-30 21:54:52 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\DriverTuner
2013-11-30 21:53:50 -------- d-----w- C:\Program Files\Realtek Drivers Download Utility
2013-11-30 21:47:04 648 ----a-w- C:\Windows\uninstallstickies.bat
2013-11-30 21:47:04 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\stickies
2013-11-30 21:47:04 -------- d-----w- C:\Program Files (x86)\Stickies
2013-11-30 21:18:44 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\AstroGrep
2013-11-29 22:53:08 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\MagicCamera
2013-11-29 22:53:03 -------- d-----w- C:\Program Files (x86)\ShiningMorning
2013-11-29 21:07:45 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Remove_Empty_Directories
2013-11-29 21:05:21 -------- d-----w- C:\Program Files (x86)\Remove Empty Directories
2013-11-29 19:42:55 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\ACD Systems
2013-11-29 17:41:12 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\ACD Systems
2013-11-29 17:07:26 -------- d-----w- C:\ProgramData\ACD Systems
2013-11-29 17:07:23 -------- d-----w- C:\Program Files (x86)\Common Files\ACD Systems
2013-11-29 17:07:23 -------- d-----w- C:\Program Files (x86)\ACD Systems
2013-11-29 16:10:36 175480 ----a-w- C:\Windows\System32\drivers\idmwfp.sys
2013-11-29 07:28:53 -------- d-----w- C:\Program Files (x86)\FastStone Image Viewer
2013-11-29 00:49:30 -------- d-----w- C:\Program Files (x86)\Audacity
2013-11-28 21:40:48 -------- d-----w- C:\Program Files (x86)\PFRouterDetector
2013-11-28 21:40:01 -------- d-----w- C:\Program Files (x86)\PFPortChecker
2013-11-28 19:39:18 -------- d-----w- C:\Program Files (x86)\The KMPlayer
2013-11-28 16:16:58 -------- d-----w- C:\Program Files\Macrorit
2013-11-28 16:13:37 -------- d-----w- C:\Program Files (x86)\Aiseesoft Studio
2013-11-28 13:59:25 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Maxthon3
2013-11-28 13:59:21 -------- d-----w- C:\Program Files (x86)\Maxthon
2013-11-28 11:50:26 332288 ----a-w- C:\Windows\System32\uxtheme.dll.backup
2013-11-28 11:50:24 44544 ----a-w- C:\Windows\System32\themeservice.dll.backup
2013-11-28 11:50:21 2851840 ----a-w- C:\Windows\System32\themeui.dll.backup
2013-11-28 11:11:44 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Mythicsoft
2013-11-28 11:11:38 -------- d-----w- C:\Program Files\Mythicsoft
2013-11-28 03:51:35 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\fontconfig
2013-11-28 03:50:52 -------- d-----w- C:\Users\cat.SuperCat\.smplayer
2013-11-28 02:34:38 -------- d-----w- C:\Program Files\SMPlayer
2013-11-28 02:34:18 -------- d-----w- C:\Program Files (x86)\GRETECH
2013-11-28 01:20:27 212240 ----a-w- C:\Windows\SysWow64\RICHTX32.OCX
2013-11-28 01:20:27 137000 ----a-w- C:\Windows\SysWow64\MSMAPI32.OCX
2013-11-28 01:20:26 224016 ----a-w- C:\Windows\SysWow64\TABCTL32.OCX
2013-11-28 01:20:26 -------- d-----w- C:\Program Files (x86)\NetMarks Manager
2013-11-28 01:17:42 -------- d-----w- C:\Program Files (x86)\NetVisualize
2013-11-28 00:42:15 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\NVIDIA Corporation
2013-11-28 00:41:23 -------- d-----w- C:\Windows\SysWow64\NV
2013-11-28 00:41:23 -------- d-----w- C:\Windows\System32\NV
2013-11-28 00:38:19 -------- d-----w- C:\Windows\System32\RightClickFiles
2013-11-28 00:36:01 32544 ----a-w- C:\Windows\System32\drivers\nvpciflt.sys
2013-11-28 00:36:01 30361888 ----a-w- C:\Windows\System32\nvoglv64.dll
2013-11-28 00:36:00 9663656 ----a-w- C:\Windows\SysWow64\nvcuda.dll
2013-11-28 00:36:00 657184 ----a-w- C:\Windows\System32\NvIFR64.dll
2013-11-28 00:36:00 2747680 ----a-w- C:\Windows\SysWow64\nvcuvenc.dll
2013-11-28 00:36:00 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433193.dll
2013-11-28 00:36:00 141336 ----a-w- C:\Windows\SysWow64\nvinit.dll
2013-11-28 00:36:00 12613920 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys
2013-11-28 00:36:00 1242400 ----a-w- C:\Windows\SysWow64\nvumdshim.dll
2013-11-28 00:25:44 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Meauxsoft
2013-11-28 00:16:58 -------- d-----w- C:\Users\cat.SuperCat\.net
2013-11-27 23:43:52 -------- d-----w- C:\Program Files\Stereo Tool
2013-11-27 22:23:49 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\WebcamMax
2013-11-27 22:23:49 -------- d-----w- C:\ProgramData\WebcamMax
2013-11-27 22:21:46 -------- d-----w- C:\Program Files (x86)\WebcamMax
2013-11-27 18:39:09 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-27 18:37:45 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2013-11-27 18:33:14 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\ExtremeCopy
2013-11-27 18:31:25 -------- d-----w- C:\Program Files\Easersoft
2013-11-27 18:30:34 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\toolbarcleaner
2013-11-27 18:30:30 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner
2013-11-27 18:19:19 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\PerfectTUNES
2013-11-27 16:43:58 6889920 ----a-w- C:\Windows\SysWow64\SpoonUninstall.exe
2013-11-27 16:43:50 -------- d-----w- C:\Program Files (x86)\Illustrate
2013-11-27 16:36:23 -------- d-----w- C:\Program Files (x86)\MP3Gain
2013-11-27 13:58:50 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-11-27 13:58:50 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-11-27 11:41:17 -------- d-----w- C:\Program Files (x86)\Shield
2013-11-27 11:34:25 -------- d-----w- C:\ProgramData\AltrixSoft
2013-11-27 11:34:08 -------- d-----w- C:\Program Files (x86)\Common Files\AltrixSoft
2013-11-27 09:46:11 -------- d-----w- C:\Program Files\HitmanPro
2013-11-27 09:46:02 -------- d-----w- C:\ProgramData\HitmanPro
2013-11-27 09:38:10 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\ABBYY
2013-11-27 00:33:48 -------- d-----w- C:\Program Files (x86)\Common Files\ABBYY
2013-11-27 00:31:30 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\ABBYY
2013-11-27 00:31:25 -------- d-----w- C:\ProgramData\ABBYY
2013-11-27 00:28:15 -------- d-----w- C:\Program Files (x86)\ABBYY FineReader 11
2013-11-26 23:57:43 -------- d-----w- C:\Windows\SysWow64\directx
2013-11-26 22:21:50 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Vimisoft Studio
2013-11-26 21:49:57 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\iVisit Data
2013-11-26 21:48:03 897024 ----a-w- C:\Windows\SysWow64\SaveTo.dll
2013-11-26 21:46:22 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\VSee
2013-11-26 21:33:53 810496 ----a-w- C:\Windows\System32\xvidcore.dll
2013-11-26 21:33:53 80896 ----a-w- C:\Windows\System32\ff_vfw.dll
2013-11-26 21:33:53 183808 ----a-w- C:\Windows\System32\xvidvfw.dll
2013-11-26 21:33:50 389120 ----a-w- C:\Windows\SysWow64\actskn43.ocx
2013-11-26 21:33:50 389120 ----a-w- C:\Windows\System32\actskn43.ocx
2013-11-26 21:01:25 1053056 ----a-w- C:\Windows\SysWow64\drivers\V2WCDRV.sys
2013-11-26 21:01:14 148992 ----a-w- C:\Windows\System32\LAGARITH.DLL
2013-11-26 21:01:12 -------- d-----w- C:\Program Files\Web Solution Mart
2013-11-26 20:57:16 662288 ----a-w- C:\Windows\SysWow64\MSCOMCT2.OCX
2013-11-26 20:57:16 -------- d-----w- C:\Program Files (x86)\Common Files\Web Solution Mart
2013-11-26 20:57:15 -------- d-----w- C:\Program Files (x86)\Fake Webcam 7.3
2013-11-26 19:47:22 152848 ----a-w- C:\Windows\SysWow64\COMDLG32.OCX
2013-11-26 19:47:22 132880 ----a-w- C:\Windows\SysWow64\MSINET.OCX
2013-11-26 19:47:22 1081616 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2013-11-26 19:47:22 -------- d-----w- C:\Program Files (x86)\Common Files\Webcam Simulator
2013-11-26 19:44:27 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\VNT
2013-11-26 19:44:24 -------- d-----w- C:\ProgramData\AskPartnerNetwork
2013-11-26 19:44:24 -------- d-----w- C:\Program Files (x86)\VNT
2013-11-26 19:44:15 -------- d-----w- C:\ProgramData\APN
2013-11-26 18:35:17 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\mystart_ad
2013-11-26 18:35:15 -------- d-----w- C:\ProgramData\MyStart Anti-phishing Domain Advisor
2013-11-26 18:35:14 -------- d-----w- C:\ProgramData\EmailNotifier
2013-11-26 18:35:03 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\ManyCam
2013-11-26 18:34:57 -------- d-----w- C:\Program Files (x86)\ManyCam
2013-11-26 16:57:03 -------- d-----w- C:\Program Files (x86)\DFX
2013-11-26 16:57:03 -------- d-----w- C:\Program Files (x86)\Common Files\DFX
2013-11-26 12:19:18 -------- d-----r- C:\Program Files (x86)\Skype
2013-11-26 12:14:32 57344 ----a-r- C:\Users\cat.SuperCat\AppData\Roaming\Microsoft\Installer\{57F95617-28F4-566C-885B-9530CAE60E71}\NewShortcut1_F3FECDDB618046699EBFBFAD3F0D5BC9.exe
2013-11-26 12:13:52 -------- d-----w- C:\Program Files (x86)\Paragon Software
2013-11-26 12:06:46 -------- d-----w- C:\ProgramData\launcher
2013-11-26 12:06:46 -------- d-----w- C:\ProgramData\explauncher
2013-11-26 11:26:08 34056 ----a-w- C:\Windows\System32\drivers\hotcore3.sys
2013-11-26 11:25:22 -------- d-----w- C:\Program Files\Paragon Software
2013-11-26 08:22:16 24136 ----a-w- C:\Windows\System32\fbnative.exe
2013-11-26 04:42:56 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\NVIDIA
2013-11-26 04:39:32 955168 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2013-11-26 04:39:32 1064224 ----a-w- C:\Windows\System32\nvspcap64.dll
2013-11-26 04:36:29 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-11-26 04:36:29 29984 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-11-26 04:36:29 28960 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-11-26 04:15:30 -------- d-----w- C:\ProgramData\BootRacer
2013-11-26 04:08:38 -------- d-----w- C:\Program Files (x86)\BootRacer
2013-11-26 03:50:29 -------- d-----w- C:\Users\cat.SuperCat\.swt
2013-11-26 03:28:45 -------- d-----w- C:\Program Files\Uninstall Tool
2013-11-26 03:28:13 -------- d-----w- C:\Program Files\Macrium
2013-11-26 01:28:13 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\FreeCommanderXE
2013-11-26 01:28:12 -------- d-----w- C:\Program Files (x86)\FreeCommander XE
2013-11-25 23:27:51 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\IrfanView
2013-11-25 23:27:51 -------- d-----w- C:\Program Files (x86)\IrfanView
2013-11-25 22:14:00 -------- d-----w- C:\Program Files (x86)\Avira
2013-11-25 22:05:17 -------- d-----w- C:\Program Files (x86)\Hard Drive Inspector
2013-11-25 19:03:01 -------- d-----w- C:\ProgramData\Canneverbe Limited
2013-11-25 19:02:59 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Canneverbe Limited
2013-11-25 18:59:20 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys
2013-11-25 18:59:18 -------- d-----w- C:\Program Files\VS Revo Group
2013-11-25 17:27:42 -------- d-----w- C:\Program Files (x86)\DCoder Image Source
2013-11-25 17:27:25 -------- d-----w- C:\Program Files (x86)\FFMPEG Core Files
2013-11-25 17:27:04 -------- d-----w- C:\Program Files (x86)\AC3Filter
2013-11-25 17:26:53 -------- d-----w- C:\Program Files (x86)\DirectVobSub
2013-11-25 17:26:45 -------- d-----w- C:\Program Files (x86)\Haali
2013-11-25 17:26:36 -------- d-----w- C:\Program Files (x86)\MadVR
2013-11-25 17:26:29 -------- d-----w- C:\Program Files (x86)\LAV Filters
2013-11-25 17:25:42 -------- d-----w- C:\Program Files (x86)\Bass Audio Decoder
2013-11-25 16:57:13 -------- d-----w- C:\ProgramData\Zoom Player
2013-11-25 16:57:13 -------- d-----w- C:\Program Files (x86)\Zoom Player
2013-11-25 16:54:04 -------- d-----w- C:\ProgramData\Package Cache
2013-11-25 15:39:01 -------- d-----w- C:\Program Files (x86)\Toolwiz Smart Defrag FREE
2013-11-25 15:30:57 44304 ----a-w- C:\Windows\System32\drivers\TWZFILE.sys
2013-11-25 15:30:55 74512 ----a-w- C:\Windows\System32\drivers\TWZDISK.sys
2013-11-25 15:30:51 -------- d--h--w- C:\TOOLWIZTIMEFREEZE
2013-11-24 22:01:11 7367200 ----a-w- C:\Windows\SysWow64\RtsUVStoricon.dll
2013-11-24 22:01:11 290920 ----a-w- C:\Windows\System32\drivers\rtsuvstor.sys
2013-11-24 22:01:11 15464 ----a-w- C:\Windows\System32\drivers\diskperf64.sys
2013-11-24 21:56:15 -------- d-----w- C:\Program Files\Common Files\Intel
2013-11-24 21:56:14 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2013-11-24 21:54:17 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
2013-11-24 20:18:09 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-24 10:02:10 -------- d-----w- C:\Program Files\uvnc bvba
2013-11-24 08:07:46 20472 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\TeamViewer_PrintProcessor.dll
2013-11-24 05:37:13 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\OpenOffice
2013-11-24 05:26:41 -------- d-----w- C:\Program Files (x86)\OpenOffice 4
2013-11-24 05:22:20 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Ultralingua7
2013-11-24 05:21:46 -------- d-----w- C:\ProgramData\Ultralingua7
2013-11-24 05:21:38 -------- d-----w- C:\Windows\SysWow64\DotNetFx35ClientSetup
2013-11-24 05:21:21 -------- d-----w- C:\Program Files (x86)\Ultralingua
2013-11-24 05:19:37 93240 ----a-w- C:\Windows\System32\drivers\scdemu.sys
2013-11-24 05:19:37 -------- d-----w- C:\Program Files (x86)\PowerISO
2013-11-24 05:12:15 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Grammatica
2013-11-24 05:12:07 -------- d-----w- C:\Program Files (x86)\Grammatica 7
2013-11-24 05:10:32 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\LibreOffice
2013-11-24 04:46:15 -------- d-----w- C:\Program Files (x86)\MSECache
2013-11-24 04:25:54 -------- d-----w- C:\Program Files (x86)\LibreOffice 4
2013-11-24 02:33:13 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Python-Eggs
2013-11-24 02:28:36 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\System Functions Software
2013-11-23 07:28:35 -------- d-----w- C:\Program Files (x86)\MonitorDriver
2013-11-23 07:06:19 -------- d-----w- C:\Program Files (x86)\Speak-A-Message
2013-11-23 00:25:01 2414360 ----a-w- C:\Windows\SysWow64\d3dx9_31.dll
2013-11-23 00:25:01 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2013-11-22 23:57:49 -------- d-----w- C:\ProgramData\ViceVersa PRO
2013-11-22 23:56:16 -------- d-----w- C:\Program Files\ViceVersa Pro
2013-11-22 23:52:57 279000 ----a-w- C:\Windows\SysWow64\IntelCpHeciSvc.exe
2013-11-22 23:52:57 116224 ----a-w- C:\Windows\System32\igfxCoIn_v3347.dll
2013-11-22 23:52:48 7470080 ----a-w- C:\Windows\System32\igdumd64.dll
2013-11-22 23:52:45 98304 ----a-w- C:\Windows\System32\igdde64.dll
2013-11-22 23:52:45 77312 ----a-w- C:\Windows\SysWow64\igdde32.dll
2013-11-22 23:41:48 122880 ----a-w- C:\Windows\UnGins.exe
2013-11-22 22:31:58 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2013-11-22 18:36:52 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Apple Computer
2013-11-22 18:36:41 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2013-11-22 18:35:33 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Apple
2013-11-22 18:34:55 -------- d-----w- C:\Program Files\Bonjour
2013-11-22 18:24:25 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Dropbox
2013-11-22 15:36:21 16376 ----a-w- C:\Windows\System32\drivers\TVMonitor.sys
2013-11-21 22:14:51 743248 ----a-w- C:\Windows\SysWow64\msvcp100d.dll
2013-11-21 22:14:51 1858896 ----a-w- C:\Windows\System32\msvcr100d.dll
2013-11-21 22:14:51 1498960 ----a-w- C:\Windows\SysWow64\msvcr100d.dll
2013-11-21 22:14:51 1014096 ----a-w- C:\Windows\System32\msvcp100d.dll
2013-11-21 21:32:59 -------- d-----w- C:\Program Files (x86)\Ashampoo
2013-11-21 21:09:34 -------- d--h--w- C:\ProgramData\sysnfxo
2013-11-21 21:09:34 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\SuperEasy Backup
2013-11-21 21:09:16 -------- d-----w- C:\ProgramData\SuperEasy Backup
2013-11-21 04:28:43 64080 ----a-w- C:\Windows\System32\drivers\vmx86.sys
2013-11-21 04:28:37 32848 ----a-w- C:\Windows\System32\drivers\VMkbd.sys
2013-11-21 04:26:52 30800 ----a-w- C:\Windows\System32\drivers\vmnetuserif.sys
2013-11-21 04:26:26 930384 ----a-w- C:\Windows\System32\vnetlib64.dll
2013-11-21 00:30:02 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\MediaMonkey
2013-11-21 00:29:51 -------- d-----w- C:\ProgramData\MediaMonkey
2013-11-21 00:29:49 -------- d-----w- C:\Program Files (x86)\MediaMonkey
2013-11-20 22:35:30 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\AIMP3
2013-11-20 22:35:17 -------- d-----w- C:\Program Files (x86)\AIMP3
2013-11-20 20:01:28 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\TeamViewer
2013-11-20 19:58:21 35112 ----a-w- C:\Windows\System32\drivers\teamviewervpn.sys
2013-11-20 19:58:18 -------- d-----w- C:\Program Files (x86)\TeamViewer
2013-11-20 09:15:12 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\UltraVNC
2013-11-19 20:00:48 -------- d-----w- C:\Program Files\JAM Software
2013-11-19 18:28:48 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\JAM Software
2013-11-19 18:28:46 -------- d-----w- C:\Program Files (x86)\JAM Software
2013-11-19 17:16:20 -------- d-----w- C:\Program Files (x86)\MozBackup
2013-11-19 14:26:34 2560 ----a-w- C:\Windows\System32\drivers\he-IL\wdf01000.sys.mui
2013-11-19 13:44:59 -------- d-----w- C:\Users\cat.SuperCat\.musikproject
2013-11-19 13:01:32 -------- d-----w- C:\Program Files (x86)\ISO Opener
2013-11-19 12:43:00 -------- d-----w- C:\Windows\SysWow64\he
2013-11-19 12:43:00 -------- d-----w- C:\Windows\SysWow64\drivers\he-IL
2013-11-19 12:42:56 -------- d-----w- C:\Windows\SysWow64\wbem\he-IL
2013-11-19 12:42:49 -------- d-----w- C:\Windows\System32\he
2013-11-19 12:42:49 -------- d-----w- C:\Windows\System32\drivers\UMDF\he-IL
2013-11-19 12:42:48 -------- d-----w- C:\Windows\System32\drivers\he-IL
2013-11-19 12:42:41 -------- d-----w- C:\Windows\System32\wbem\he-IL
2013-11-19 12:42:20 -------- d-----w- C:\Windows\he-IL
2013-11-19 12:10:39 24576 ----a-w- C:\Windows\System32\drivers\he-IL\usbport.sys.mui
2013-11-19 12:10:39 11776 ----a-w- C:\Windows\System32\drivers\he-IL\usbhub.sys.mui
2013-11-19 12:10:29 5632 ----a-w- C:\Windows\System32\drivers\he-IL\rdvgkmd.sys.mui
2013-11-19 12:10:29 2560 ----a-w- C:\Windows\System32\drivers\he-IL\rdpwd.sys.mui
2013-11-19 12:10:17 7168 ----a-w- C:\Windows\System32\drivers\he-IL\tunnel.sys.mui
2013-11-19 12:10:17 4096 ----a-w- C:\Windows\System32\drivers\he-IL\tsusbhub.sys.mui
2013-11-19 12:10:17 3072 ----a-w- C:\Windows\System32\drivers\he-IL\tsusbflt.sys.mui
2013-11-19 12:10:12 9728 ----a-w- C:\Windows\System32\drivers\he-IL\battc.sys.mui
2013-11-19 12:06:00 13824 ----a-w- C:\Windows\System32\drivers\he-IL\nwifi.sys.mui
2013-11-19 12:04:59 8704 ----a-w- C:\Windows\System32\drivers\he-IL\BrSerId.sys.mui
2013-11-19 12:04:59 8192 ----a-w- C:\Windows\System32\drivers\he-IL\acpi.sys.mui
2013-11-19 12:04:59 3072 ----a-w- C:\Windows\System32\drivers\he-IL\atikmdag.sys.mui
2013-11-19 12:04:59 2560 ----a-w- C:\Windows\System32\drivers\he-IL\UAGP35.SYS.mui
2013-11-19 12:04:59 2560 ----a-w- C:\Windows\System32\drivers\he-IL\GAGP30KX.SYS.mui
2013-11-19 12:04:59 2560 ----a-w- C:\Windows\System32\drivers\he-IL\BrParwdm.sys.mui
2013-11-19 12:04:59 11776 ----a-w- C:\Windows\System32\drivers\he-IL\ohci1394.sys.mui
2013-11-19 12:04:58 11776 ----a-w- C:\Windows\System32\drivers\he-IL\1394ohci.sys.mui
2013-11-19 11:56:47 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-11-19 11:56:47 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-11-19 11:56:47 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-11-19 11:56:47 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-11-19 11:56:46 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-11-19 11:56:46 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-11-19 11:56:46 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-11-19 08:59:22 87112 ----a-w- C:\Windows\System32\drivers\xssflt.sys
2013-11-19 07:23:36 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Nitro
2013-11-19 07:13:27 29704 ----a-w- C:\Windows\System32\nitrolocalmon2.dll
2013-11-19 07:13:27 17928 ----a-w- C:\Windows\System32\nitrolocalui2.dll
2013-11-19 07:13:02 -------- d-----w- C:\Program Files\Common Files\Nitro
2013-11-19 07:13:00 -------- d-----w- C:\ProgramData\Nitro
2013-11-19 07:13:00 -------- d-----w- C:\Program Files (x86)\Nitro
2013-11-19 07:13:00 -------- d-----w- C:\Program Files (x86)\Common Files\Nitro
2013-11-19 07:11:49 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Downloaded Installations
2013-11-19 07:07:49 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\PrimoPDF
2013-11-19 04:49:57 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\NovaStor
2013-11-19 04:49:12 -------- d-----w- C:\ProgramData\TempDR
2013-11-19 04:36:03 23480 ----a-w- C:\Windows\System32\drivers\pikbd.sys
2013-11-19 04:31:43 34544 ----a-w- C:\Windows\System32\drivers\Smb_driver_Intel.sys
2013-11-19 04:30:56 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Apps
2013-11-19 04:18:54 -------- d-----w- C:\Windows\amlog
2013-11-19 04:02:22 -------- d-----w- C:\Program Files\PartitionGuru Free
2013-11-19 00:04:02 -------- d-----w- C:\ProgramData\Farstone
2013-11-19 00:00:54 -------- d-----w- C:\Program Files (x86)\FarStone TotalRecovery
2013-11-18 23:54:47 24664 ----a-w- C:\Windows\System32\drivers\farmntio.sys
2013-11-18 23:23:46 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Downloaded Installations
2013-11-18 23:09:16 -------- d-----w- C:\Program Files (x86)\ActivePath
2013-11-18 20:57:47 30056 ----a-w- C:\Windows\System32\drivers\hmip64.sys
2013-11-18 19:45:29 -------- d-----w- C:\Users\cat.SuperCat\.rainlendar2
2013-11-18 19:45:17 -------- d-----w- C:\Program Files (x86)\Rainlendar2
2013-11-18 19:06:37 1024 ---ha-w- C:\SYSTAG.BIN
2013-11-18 18:16:21 -------- d-----w- C:\ProgramData\AomeiBR
2013-11-18 02:28:28 90624 ----a-w- C:\Windows\System32\Primomonnt.dll
2013-11-18 02:28:27 -------- d-----w- C:\Program Files (x86)\Nitro PDF
2013-11-18 01:55:23 -------- d-----w- C:\Program Files\Elantech
2013-11-18 01:55:11 5016872 ----a-w- C:\Windows\System32\ETDUI.cpl
2013-11-18 01:55:11 142632 ----a-w- C:\Windows\System32\drivers\ETD.sys
2013-11-18 01:27:15 30648 ----a-w- C:\Windows\System32\ambakdrv.sys
2013-11-18 01:27:15 17848 ----a-w- C:\Windows\System32\amwrtdrv.sys
2013-11-18 01:27:15 151480 ----a-w- C:\Windows\System32\ammntdrv.sys
2013-11-18 01:24:07 -------- d-----w- C:\ProgramData\Macrium
2013-11-18 01:05:48 2560 ----a-w- C:\Windows\System32\drivers\ru-RU\wdf01000.sys.mui
2013-11-18 01:05:48 2560 ----a-w- C:\Windows\System32\drivers\de-DE\wdf01000.sys.mui
2013-11-18 01:02:15 134236 ----a-w- C:\Windows\Easy Login Uninstaller.exe
2013-11-18 00:59:05 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\CommonDataMSI
2013-11-18 00:58:59 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Iconico
2013-11-18 00:53:46 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Genie-Soft
2013-11-18 00:53:41 -------- d-----w- C:\Program Files\Genie-Soft
2013-11-17 22:50:23 -------- d-----w- C:\Program Files\VideoLAN
2013-11-17 21:58:50 -------- d-----w- C:\Program Files (x86)\Enigma Software Group
2013-11-17 21:55:17 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-11-17 21:49:13 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\HTML Executable
2013-11-17 21:38:33 -------- d-----w- C:\Program Files\Common Files\Bitdefender
2013-11-17 21:38:29 -------- d-----w- C:\Program Files (x86)\Common Files\Bitdefender
2013-11-17 21:00:39 -------- d-----w- C:\Windows\SysWow64\wbem\ru-RU
2013-11-17 21:00:39 -------- d-----w- C:\Windows\SysWow64\ru
2013-11-17 21:00:39 -------- d-----w- C:\Windows\SysWow64\drivers\ru-RU
2013-11-17 21:00:33 -------- d-----w- C:\Windows\System32\drivers\UMDF\ru-RU
2013-11-17 21:00:33 -------- d-----w- C:\Windows\System32\drivers\ru-RU
2013-11-17 21:00:30 -------- d-----w- C:\Windows\System32\wbem\ru-RU
2013-11-17 21:00:30 -------- d-----w- C:\Windows\System32\ru
2013-11-17 21:00:25 -------- d-----w- C:\Windows\ru-RU
2013-11-17 20:53:58 5120 ----a-w- C:\Windows\System32\drivers\ru-RU\rdbss.sys.mui
2013-11-17 20:52:05 -------- d-----w- C:\Windows\de-DE
2013-11-17 20:52:02 -------- d-----w- C:\Windows\SysWow64\XPSViewer
2013-11-17 20:52:02 -------- d-----w- C:\Windows\SysWow64\drivers\UMDF\de-DE
2013-11-17 20:52:02 -------- d-----w- C:\Windows\SysWow64\drivers\de-DE
2013-11-17 20:52:02 -------- d-----w- C:\Windows\SysWow64\de
2013-11-17 20:52:02 -------- d-----w- C:\Windows\SysWow64\0407
2013-11-17 20:52:00 -------- d-----w- C:\Windows\SysWow64\wbem\de-DE
2013-11-17 20:51:50 -------- d-----w- C:\Windows\System32\0407
2013-11-17 20:51:49 -------- d-----w- C:\Windows\System32\drivers\UMDF\de-DE
2013-11-17 20:51:49 -------- d-----w- C:\Windows\System32\drivers\de-DE
2013-11-17 20:51:47 -------- d-----w- C:\Windows\System32\de
2013-11-17 20:51:46 -------- d-----w- C:\Windows\System32\wbem\de-DE
2013-11-17 20:44:58 4096 ----a-w- C:\Windows\System32\drivers\de-DE\isapnp.sys.mui
2013-11-17 20:43:59 7168 ----a-w- C:\Windows\System32\drivers\de-DE\luafv.sys.mui
2013-11-17 12:01:18 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Broadcom
2013-11-17 12:01:03 598808 ----a-w- C:\Windows\System32\drivers\btwampfl.sys
2013-11-17 11:56:09 39976 ----a-w- C:\Windows\System32\drivers\btwl2cap.sys
2013-11-17 11:56:09 21544 ----a-w- C:\Windows\System32\drivers\btwrchid.sys
2013-11-17 11:56:09 210984 ----a-w- C:\Windows\System32\drivers\btwavdt.sys
2013-11-17 11:56:09 184144 ----a-w- C:\Windows\System32\drivers\btwaudio.sys
2013-11-17 11:55:28 -------- d-----w- C:\Program Files\WIDCOMM
2013-11-17 11:43:49 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros
2013-11-17 08:06:35 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Western Digital
2013-11-17 07:34:11 47616 ----a-w- C:\Windows\SysWow64\ff_acm.acm
2013-11-17 07:34:10 79872 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
2013-11-17 07:34:10 -------- d-----w- C:\Program Files (x86)\ffdshow
2013-11-17 07:30:39 256088 ----a-w- C:\Windows\System32\unrar64.dll
2013-11-17 07:30:39 217176 ----a-w- C:\Windows\SysWow64\unrar.dll
2013-11-17 07:30:36 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
2013-11-17 07:27:48 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\ALLConverter
2013-11-17 07:23:43 -------- d-----w- C:\Program Files\DivX
2013-11-17 07:23:39 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2013-11-17 07:15:27 -------- d-----w- C:\Program Files (x86)\DivX
2013-11-17 07:14:56 -------- d-----w- C:\ProgramData\DivX
2013-11-17 03:57:49 256904 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys
2013-11-17 03:41:04 -------- d-----w- C:\ProgramData\Kaspersky Lab
2013-11-17 03:32:43 -------- d-----w- C:\Program Files (x86)\Emsisoft Anti-Malware
2013-11-17 03:09:41 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Process Hacker 2
2013-11-17 02:56:08 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Malwarebytes
2013-11-17 02:55:59 -------- d-----w- C:\ProgramData\Malwarebytes
2013-11-17 02:55:58 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-11-17 02:55:57 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-17 02:53:15 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-11-17 02:53:15 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2013-11-17 00:37:23 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Musicmatch
2013-11-17 00:23:13 23816 ----a-w- C:\Windows\System32\drivers\cpuz135_x64.sys
2013-11-17 00:23:13 -------- d-----w- C:\Program Files\CPUID
2013-11-16 22:59:03 43104 ----a-w- C:\Windows\System32\drivers\btcusb.sys
2013-11-16 22:59:03 12800 ----a-w- C:\Windows\System32\btinstall.dll
2013-11-16 22:58:26 66264 ----a-w- C:\Windows\System32\btwdi.dll
2013-11-16 22:58:26 2255064 ----a-w- C:\Windows\System32\BtwRSupportService.exe
2013-11-16 22:58:26 2232024 ----a-w- C:\Windows\System32\BcmBtRSupport.dll
2013-11-16 22:58:26 165688 ----a-w- C:\Windows\System32\drivers\bcbtums.sys
2013-11-16 22:16:40 -------- d-----w- C:\ProgramData\Western Digital
2013-11-16 22:12:55 -------- d-----w- C:\Program Files (x86)\Western Digital Corporation
2013-11-16 22:11:17 -------- d-----w- C:\Program Files\WDCSAM
2013-11-16 21:57:32 -------- d-----w- C:\ProgramData\Innovative Solutions
2013-11-16 21:57:30 -------- d-----w- C:\Program Files (x86)\Common Files\Innovative Solutions
2013-11-16 21:57:29 42496 ----a-w- C:\Windows\SysWow64\AdvUninstCPL.cpl
2013-11-16 20:43:24 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\PhotoScape
2013-11-16 19:27:06 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\NVIDIA
2013-11-16 19:22:24 22456 ----a-w- C:\Windows\System32\drivers\pimou.sys
2013-11-16 19:21:19 4017664 ----a-w- C:\Windows\System32\drivers\athrx.sys
2013-11-16 16:12:54 2871808 ----a-w- C:\Windows\explorer.exe
2013-11-16 16:12:53 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
2013-11-16 16:12:52 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-11-16 16:12:52 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-11-16 16:12:42 67072 ----a-w- C:\Windows\splwow64.exe
2013-11-16 16:12:42 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2013-11-16 07:30:13 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\DonationCoder
2013-11-16 07:26:20 118267 ----a-w- C:\Windows\Easy HR Windows System Restore Utility Uninstaller.exe
2013-11-16 07:26:19 -------- d-----w- C:\Program Files\EasyHR
2013-11-16 03:36:15 -------- d-----w- C:\Windows\SysWow64\Wat
2013-11-16 03:36:14 -------- d-----w- C:\Windows\System32\Wat
2013-11-16 03:33:20 -------- d-----w- C:\ProgramData\DonationCoder
2013-11-16 02:23:02 74456 ----a-w- C:\Windows\System32\RtNicProp64.dll
2013-11-16 02:23:02 521944 ----a-w- C:\Windows\System32\drivers\Rtenic64.sys
2013-11-16 02:23:02 108760 ----a-w- C:\Windows\System32\RTNUninst64.dll
2013-11-16 01:59:27 -------- d-----w- C:\ProgramData\SonicFocus
2013-11-16 01:59:10 -------- d-----w- C:\Windows\SysWow64\RTCOM
2013-11-16 01:59:10 -------- d-----w- C:\Program Files\Realtek
2013-11-16 01:57:30 2080472 ----a-w- C:\Windows\RtlExUpd.dll
2013-11-16 01:57:27 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2013-11-16 01:57:27 65024 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2013-11-16 01:57:27 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2013-11-16 01:57:27 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2013-11-16 01:57:27 204800 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2013-11-16 01:57:26 757760 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2013-11-16 01:57:26 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2013-11-16 01:57:25 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2013-11-16 01:57:25 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2013-11-16 01:55:12 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\BID
2013-11-16 01:54:56 -------- d-----w- C:\Program Files (x86)\Bulk Image Downloader
2013-11-16 01:16:06 21600 ----a-w- C:\Windows\System32\drivers\amdkmafd.sys
2013-11-16 01:11:21 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\isafe
2013-11-16 01:06:47 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\URSoft
2013-11-16 01:06:43 -------- d-----w- C:\Program Files (x86)\Your Uninstaller! 7
2013-11-16 01:05:14 -------- d-----w- C:\Program Files\Perfect Uninstaller
2013-11-16 01:03:14 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\VS Revo Group
2013-11-16 01:03:09 -------- d-----w- C:\ProgramData\VS Revo Group
2013-11-16 00:33:45 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\CrashDumps
2013-11-16 00:29:16 6688 ----a-w- C:\Windows\movexe.exe
2013-11-16 00:27:47 -------- d-----w- C:\Program Files\BestPlay
2013-11-16 00:20:41 33360 ----a-w- C:\Windows\System32\drivers\CisUtMonitor.sys
2013-11-16 00:20:41 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\CrystalIdea Software
2013-11-16 00:20:40 -------- d-----w- C:\Program Files (x86)\Uninstall Tool
2013-11-16 00:16:35 1795952 ----a-w- C:\Windows\System32\WdfCoInstaller01011.dll
2013-11-16 00:16:34 99288 ----a-w- C:\Windows\System32\drivers\TeeDriverx64.sys
2013-11-16 00:11:52 116224 ----a-w- C:\Windows\System32\igfxCoIn_v3223.dll
2013-11-16 00:11:39 3511296 ----a-w- C:\Windows\System32\igfxcmjit64.dll
2013-11-16 00:11:38 575488 ----a-w- C:\Windows\System32\igfx11cmrt64.dll
2013-11-16 00:11:38 542720 ----a-w- C:\Windows\SysWow64\igfx11cmrt32.dll
2013-11-16 00:11:38 3121152 ----a-w- C:\Windows\SysWow64\igfxcmjit32.dll
2013-11-16 00:11:22 6068224 ----a-w- C:\Windows\SysWow64\igd10umd32.dll
2013-11-15 23:42:16 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\DFX
2013-11-15 23:42:05 -------- d-----w- C:\Program Files (x86)\VideoLAN
2013-11-15 23:41:59 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared
2013-11-15 23:41:55 -------- d-----w- C:\Program Files (x86)\Common Files\SRS Labs
2013-11-15 23:41:54 -------- d-----w- C:\Program Files\SRS Labs
2013-11-15 23:41:54 -------- d-----w- C:\Program Files\Common Files\SRS Labs
2013-11-15 23:28:34 -------- d-----w- C:\Windows\System32\log
2013-11-15 22:59:36 -------- d-----w- C:\Windows\AutoKMS
2013-11-15 22:39:37 -------- d-----w- C:\ProgramData\Microsoft Toolkit
2013-11-15 22:16:50 -------- d-----w- C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery
2013-11-15 22:12:55 -------- d-----w- C:\Program Files (x86)\PowerDataRecovery
2013-11-15 22:05:16 521728 --sha-w- C:\EUMONBMP.SYS
2013-11-15 21:57:55 -------- d-----w- C:\Program Files\Synaptics
2013-11-15 21:56:58 -------- d-sh--w- C:\BOOT
2013-11-15 21:51:26 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Innovative Solutions
2013-11-15 21:51:23 -------- d-----w- C:\Program Files (x86)\Innovative Solutions
2013-11-15 21:23:29 633856 ----a-w- C:\Windows\System32\comctl32.dll
2013-11-15 21:23:29 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2013-11-15 21:23:17 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2013-11-15 21:23:17 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2013-11-15 21:23:17 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2013-11-15 21:23:17 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2013-11-15 21:23:10 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-11-15 21:23:09 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-11-15 21:21:55 41472 ----a-w- C:\Windows\System32\lpk.dll
2013-11-15 21:20:58 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-11-15 21:19:43 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2013-11-15 21:19:43 1111552 ----a-w- C:\Windows\System32\rdpcorets.dll
2013-11-15 21:19:42 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-11-15 21:19:42 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-11-15 21:19:41 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-11-15 21:19:40 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-11-15 21:19:02 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-11-15 21:19:01 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-11-15 21:19:00 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-11-15 21:19:00 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-11-15 21:19:00 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-11-15 21:14:57 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-11-15 21:14:57 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-11-15 21:14:57 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-11-15 21:14:30 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-11-15 21:14:30 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-11-15 21:14:30 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-11-15 21:14:30 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-11-15 21:14:30 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-11-15 21:14:29 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-11-15 20:13:49 -------- d-----w- C:\Windows\Migration
2013-11-15 19:54:19 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2013-11-15 18:41:37 -------- d-----w- C:\Windows\pss
2013-11-15 18:39:42 -------- d-----w- C:\ProgramData\Oracle
2013-11-15 18:39:33 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-11-15 18:21:43 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Smarty Uninstaller
2013-11-15 18:18:10 -------- d-----w- C:\ProgramData\IsolatedStorage
2013-11-15 18:16:24 4603616 ----a-w- C:\Windows\SysWow64\DevComponents.DotNetBar2.dll
2013-11-15 18:16:23 -------- d-----w- C:\Program Files (x86)\Smarty Uninstaller
2013-11-15 18:12:11 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\ALLMediaServer
2013-11-15 18:11:54 645632 ----a-w- C:\Windows\SysWow64\xvidcore.dll
2013-11-15 18:11:54 276992 ----a-w- C:\Windows\SysWow64\BugTrap.dll
2013-11-15 18:11:54 258048 ----a-w- C:\Windows\SysWow64\libFLAC.dll
2013-11-15 18:11:54 2106368 ----a-w- C:\Windows\SysWow64\ac3filter.ax
2013-11-15 18:11:47 -------- d-----w- C:\ProgramData\ALLPlayer
2013-11-15 18:11:47 -------- d-----w- C:\Program Files (x86)\ALLPlayer
2013-11-15 18:08:15 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
2013-11-15 18:08:05 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2013-11-15 18:07:58 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Adobe
2013-11-15 18:07:50 -------- d-----w- C:\Windows\PCHEALTH
2013-11-15 18:07:50 -------- d-----w- C:\Program Files\Microsoft SQL Server
2013-11-15 18:05:07 -------- d-----w- C:\Windows\SHELLNEW
2013-11-15 18:05:07 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2013-11-15 18:05:07 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2013-11-15 18:03:26 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Microsoft Help
2013-11-15 17:53:59 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\DiskSpaceFan
2013-11-15 17:53:57 -------- d-----w- C:\Program Files (x86)\Cookapp
2013-11-15 17:53:31 -------- d-----w- C:\Program Files (x86)\PhotoScape
2013-11-15 17:38:09 -------- d-----w- C:\Windows\System32\SPReview
2013-11-15 17:37:43 -------- d-----w- C:\Windows\System32\EventProviders
2013-11-15 17:30:59 758272 ----a-w- C:\Windows\System32\PortableDeviceApi.dll
2013-11-15 17:29:59 93696 ----a-w- C:\Windows\SysWow64\fms.dll
2013-11-15 17:27:38 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2013-11-15 17:27:38 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
2013-11-15 17:27:33 244736 ----a-w- C:\Windows\System32\sqmapi.dll
2013-11-15 17:26:09 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
2013-11-15 17:26:09 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2013-11-15 17:26:09 229376 ----a-w- C:\Windows\System32\fsquirt.exe
2013-11-15 16:54:22 2565632 ----a-w- C:\Windows\System32\esent.dll
2013-11-15 16:54:22 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2013-11-15 16:54:21 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2013-11-15 16:54:21 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2013-11-15 16:54:21 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2013-11-15 16:54:21 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2013-11-15 16:54:21 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2013-11-15 16:54:21 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2013-11-15 16:54:20 96768 ----a-w- C:\Windows\System32\fsutil.exe
2013-11-15 16:54:20 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2013-11-15 16:48:33 -------- d-----w- C:\Program Files (x86)\JustCloud
2013-11-15 16:45:33 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\TeraCopy
2013-11-15 16:45:11 -------- d-----w- C:\Program Files\TeraCopy
2013-11-15 16:36:40 -------- d-----w- C:\Program Files (x86)\AppCleaner
2013-11-15 16:26:45 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Macromedia
2013-11-15 16:20:03 48216 ----a-w- C:\Windows\System32\drivers\amonlwlh.sys
2013-11-15 16:11:42 189000 ----a-w- C:\Windows\System32\drivers\EuFdDisk.sys
2013-11-15 16:11:42 18504 ----a-w- C:\Windows\System32\drivers\eudskacs.sys
2013-11-15 16:11:41 61000 ----a-w- C:\Windows\System32\drivers\eubakup.sys
2013-11-15 16:11:39 48200 ----a-w- C:\Windows\System32\drivers\EUBKMON.sys
2013-11-15 16:09:34 9800 ----a-w- C:\Windows\System32\EuGdiDrv.sys
2013-11-15 16:09:34 9160 ----a-w- C:\Windows\SysWow64\EuGdiDrv.sys
2013-11-15 16:09:34 87112 ----a-w- C:\Windows\SysWow64\setupempdrv03.exe
2013-11-15 16:09:34 3376640 ----a-w- C:\Windows\System32\BootMan.exe
2013-11-15 16:09:34 3316736 ----a-w- C:\Windows\System32\¸´¼? BootMan.exe
2013-11-15 16:09:34 2468520 ----a-w- C:\Windows\SysWow64\BootMan.exe
2013-11-15 16:09:34 19840 ----a-w- C:\Windows\SysWow64\EuEpmGdi.dll
2013-11-15 16:09:34 17480 ----a-w- C:\Windows\System32\epmntdrv.sys
2013-11-15 16:09:34 16256 ----a-w- C:\Windows\System32\EuEpmGdi.dll
2013-11-15 16:09:34 14920 ----a-w- C:\Windows\SysWow64\epmntdrv.sys
2013-11-15 16:09:34 100936 ----a-w- C:\Windows\System32\setupempdrvx64.exe
2013-11-15 16:05:56 -------- d-----w- C:\Program Files (x86)\EaseUS
2013-11-15 16:05:37 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Programs
2013-11-15 15:35:42 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-15 15:35:42 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-15 15:10:14 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\ElevatedDiagnostics
2013-11-15 14:59:13 -------- d-----w- C:\Program Files (x86)\MacType
2013-11-15 14:31:40 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Opera Software
2013-11-15 14:31:39 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Opera Software
2013-11-15 14:09:20 745224 ----a-w- C:\Windows\System32\Vim.RWBlock.dll
2013-11-15 14:09:20 2152176 ----a-w- C:\Windows\System32\WudfUpdate_01009.dll
2013-11-15 14:09:02 79112 ----a-w- C:\Windows\System32\vimbase.dll
2013-11-15 14:09:02 1715976 ----a-w- C:\Windows\System32\vimsdk.dll
2013-11-15 14:09:00 700680 ----a-w- C:\Windows\System32\drivers\uim_im.sys
2013-11-15 14:09:00 556296 ----a-w- C:\Windows\System32\drivers\UimFIO.sys
2013-11-15 14:09:00 25992 ----a-w- C:\Windows\System32\drivers\uim_devim.sys
2013-11-15 14:09:00 102664 ----a-w- C:\Windows\System32\drivers\UimBus.sys
2013-11-15 14:08:58 393480 ----a-w- C:\Windows\System32\drivers\UMDF\blockmounter.dll
2013-11-15 13:30:00 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\uTorrent
2013-11-15 12:32:33 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Thunderbird
2013-11-15 12:25:45 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\Stegisoft
2013-11-15 12:25:42 -------- d-----w- C:\Program Files (x86)\UltraFileSearch
2013-11-15 12:16:54 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-11-15 12:16:48 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-11-15 12:16:48 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9921A006-B27A-4D5B-8905-9D92D2C4117D}\mpengine.dll
2013-11-15 11:51:52 13024768 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe
2013-11-15 11:51:18 -------- d-----w- C:\Program Files (x86)\LastPass
2013-11-15 11:49:48 18528 ----a-w- C:\Windows\System32\V3w32se2.dll
2013-11-15 11:49:13 -------- d-----w- C:\ProgramData\AhnLab
2013-11-15 11:48:43 96560 ----a-w- C:\Windows\System32\bcmwlcoi.dll
2013-11-15 11:48:43 2567984 ----a-w- C:\Windows\System32\drivers\BCMWLHIGH664.SYS
2013-11-15 11:48:43 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2013-11-15 11:48:42 4395008 ----a-w- C:\Windows\System32\bcmihvsrv64.dll
2013-11-15 11:48:42 3659264 ----a-w- C:\Windows\System32\bcmihvui64.dll
2013-11-15 11:47:39 -------- d-----w- C:\ProgramData\NETGEAR
2013-11-15 11:45:37 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Google
2013-11-14 22:40:59 -------- d-----w- C:\Windows\Panther
2013-11-14 18:15:39 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-11-14 18:15:39 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-11-14 18:15:39 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-11-14 17:58:28 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-11-14 17:58:28 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-11-14 17:58:28 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-11-14 17:58:28 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-11-14 17:58:28 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-11-14 17:58:28 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-11-14 17:58:28 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-11-14 17:56:59 -------- d-----w- C:\Windows\System32\MRT
2013-11-14 17:54:36 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-11-14 17:54:36 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-11-14 17:54:36 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-11-14 17:54:36 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-11-14 17:54:36 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-11-14 17:38:40 44032 ----a-w- C:\Windows\System32\tsgqec.dll
2013-11-14 17:38:40 3717632 ----a-w- C:\Windows\System32\mstscax.dll
2013-11-14 17:38:40 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-11-14 17:38:40 158720 ----a-w- C:\Windows\System32\aaclient.dll
2013-11-14 17:38:40 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
2013-11-14 17:38:39 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2013-11-14 17:23:45 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2013-11-14 17:23:45 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2013-11-14 17:23:44 850944 ----a-w- C:\Windows\SysWow64\sbe.dll
2013-11-14 17:23:44 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
2013-11-14 17:23:44 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2013-11-14 17:23:44 1118720 ----a-w- C:\Windows\System32\sbe.dll
2013-11-14 17:23:26 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2013-11-14 17:23:26 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2013-11-14 17:22:07 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2013-11-14 17:22:02 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-11-14 17:21:53 1617512 ----a-w- C:\Windows\System32\nvdispco6420120.dll
2013-11-14 17:21:53 1359976 ----a-w- C:\Windows\System32\nvgenco642040.dll
2013-11-14 17:21:39 446056 ----a-w- C:\Windows\System32\nvoptimusmft.dll
2013-11-14 17:21:39 380520 ----a-w- C:\Windows\SysWow64\nvoptimusmft.dll
2013-11-14 17:21:38 67176 ----a-w- C:\Windows\System32\OpenCL.dll
2013-11-14 17:21:38 57960 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-11-14 17:21:38 392296 ----a-w- C:\Windows\System32\nvdecodemft.dll
2013-11-14 17:21:38 320104 ----a-w- C:\Windows\SysWow64\nvdecodemft.dll
2013-11-14 17:21:38 3069608 ----a-w- C:\Windows\System32\nvapi64.dll
2013-11-14 17:21:38 11240 ----a-w- C:\Windows\System32\drivers\nvBridge.kmd
2013-11-14 17:20:33 395776 ----a-w- C:\Windows\System32\webio.dll
2013-11-14 17:20:33 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2013-11-14 17:20:17 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2013-11-14 17:20:17 366592 ----a-w- C:\Windows\System32\qdvd.dll
2013-11-14 17:20:17 1572864 ----a-w- C:\Windows\System32\quartz.dll
2013-11-14 17:20:17 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2013-11-14 17:17:42 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2013-11-14 17:16:57 642944 ----a-w- C:\Windows\System32\winload.efi
2013-11-14 17:13:02 -------- d-----w- C:\Program Files (x86)\ASUS
2013-11-14 17:12:35 -------- d-sh--w- C:\Windows\Installer
2013-11-14 17:10:42 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2013-11-14 17:09:15 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\IDM
2013-11-14 17:09:15 -------- d-----w- C:\Users\cat.SuperCat\AppData\Roaming\DMCache
2013-11-14 17:09:15 -------- d-----w- C:\ProgramData\IDM
2013-11-14 17:09:12 -------- d-----w- C:\Program Files (x86)\Internet Download Manager
2013-11-14 16:55:59 77312 ----a-w- C:\Windows\System32\packager.dll
2013-11-14 16:55:59 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2013-11-14 16:40:22 -------- d-----w- C:\Users\cat.SuperCat\AppData\Local\Mozilla
2013-11-14 16:30:48 20992 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2013-11-14 16:30:48 162816 ----a-w- C:\Windows\System32\rdpudd.dll
2013-11-14 16:30:48 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-11-14 16:30:47 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-11-14 16:30:47 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-11-14 16:27:32 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-11-14 16:27:20 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-11-14 16:27:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-11-14 16:27:12 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-11-14 16:26:41 -------- d-sh--w- C:\Recovery
.
==================== Find3M  ====================
.
2013-12-04 22:30:24 72748 ----a-w- C:\Windows\unins000.exe
2013-12-04 06:44:32 6656 ----a-w- C:\Windows\System32\lpcio.dll
2013-11-28 11:50:26 332288 ----a-w- C:\Windows\System32\uxtheme.dll
2013-11-28 11:50:24 44544 ----a-w- C:\Windows\System32\themeservice.dll
2013-11-28 11:50:21 2851840 ----a-w- C:\Windows\System32\themeui.dll
2013-11-23 17:42:12 6674208 ----a-w- C:\Windows\System32\nvcpl.dll
2013-11-23 17:42:12 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-11-23 17:42:10 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-11-23 17:42:10 67072 ----a-w- C:\Windows\System32\nv3dappshextr.dll
2013-11-23 17:42:10 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-11-23 17:42:10 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-11-23 17:42:10 219424 ----a-w- C:\Windows\System32\nvmctray.dll
2013-11-23 17:42:10 1065248 ----a-w- C:\Windows\System32\nv3dappshext.dll
2013-11-22 16:28:31 3498475 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-11-16 07:47:18 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-15 18:53:46 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2013-11-15 18:53:45 175616 ----a-w- C:\Windows\System32\msclmd.dll
2013-11-12 07:38:50 549520 ----a-w- C:\Windows\apppatch\EMET.dll
2013-11-12 07:38:50 150672 ----a-w- C:\Windows\apppatch\AppPatch64\EMET64.dll
2013-11-05 17:47:54 3707864 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
2013-11-05 16:54:54 38385664 ----a-w- C:\Windows\System32\RCoRes64.dat
2013-11-04 17:26:24 153304 ----a-w- C:\Windows\System32\RCoInstII64.dll
2013-11-04 09:11:44 2587864 ----a-w- C:\Windows\System32\RtkAPO64.dll
2013-10-30 14:31:04 929080 ----a-w- C:\Windows\System32\NAHIMICAPOSettingsIPC.dll
2013-10-28 15:29:50 1021656 ----a-w- C:\Windows\System32\RtkApi64.dll
2013-10-25 08:49:08 5751576 ----a-w- C:\Windows\System32\NAHIMICAPOlfx.dll
2013-10-18 14:41:34 1286360 ----a-w- C:\Windows\System32\RTCOM64.dll
2013-10-18 10:44:58 80464 ----a-w- C:\Windows\System32\vmnetbridge.dll
2013-10-18 10:44:58 49232 ----a-w- C:\Windows\System32\vnetinst.dll
2013-10-18 10:44:58 46160 ----a-w- C:\Windows\System32\drivers\vmnetbridge.sys
2013-10-18 10:44:58 24656 ----a-w- C:\Windows\System32\drivers\vmnet.sys
2013-10-18 10:44:58 20560 ----a-w- C:\Windows\System32\drivers\vmnetadapter.sys
2013-10-16 01:43:50 209096 ----a-w- C:\Windows\System32\AERTAC64.dll
2013-10-15 11:53:44 672256 ----a-w- C:\Windows\System32\ndm-fre.exe
2013-10-11 10:47:14 113576 ----a-w- C:\Windows\System32\CONEQMSAPOGUILibrary.dll
2013-10-11 09:31:16 947760 ----a-w- C:\Windows\System32\SFSS_APO.dll
2013-10-09 18:13:56 1286400 ----a-w- C:\Windows\System32\MaxxSpeechAPO64.dll
2013-10-09 18:13:44 1345280 ----a-w- C:\Windows\System32\MaxxAudioAPO5064.dll
2013-10-09 18:13:28 1921792 ----a-w- C:\Windows\System32\MaxxAudioRealtek264.dll
2013-10-09 18:12:56 2103040 ----a-w- C:\Windows\System32\WavesGUILib64.dll
2013-10-09 18:12:54 1012992 ----a-w- C:\Windows\System32\MaxxAudioAPOShell64.dll
2013-10-09 18:12:26 2036992 ----a-w- C:\Windows\System32\MaxxAudioEQ64.dll
2013-10-09 18:12:16 3714304 ----a-w- C:\Windows\System32\MaxxAudioVnN64.dll
2013-10-09 18:12:14 27644160 ----a-w- C:\Windows\System32\MaxxAudioVnA64.dll
2013-10-09 18:12:12 14152960 ----a-w- C:\Windows\System32\MaxxAudioRealtek64.dll
2013-10-07 09:05:20 2810072 ----a-w- C:\Windows\System32\RtPgEx64.dll
2013-10-06 22:26:58 501184 ----a-w- C:\Windows\System32\DTSU2PLFX64.dll
2013-10-06 22:26:58 487360 ----a-w- C:\Windows\System32\DTSU2PGFX64.dll
2013-10-06 22:26:58 415680 ----a-w- C:\Windows\System32\DTSU2PREC64.dll
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-10-02 15:10:54 617176 ----a-w- C:\Windows\System32\RtDataProc64.dll
2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
2013-09-18 20:08:56 94208 ----a-w- C:\Windows\SysWow64\dpl100.dll
2013-09-11 19:21:54 863344 ----a-w- C:\Windows\SysWow64\msvcr110_clr0400.dll
2013-09-11 19:21:54 501872 ----a-w- C:\Windows\SysWow64\msvcp110_clr0400.dll
2013-09-11 19:21:54 28776 ----a-w- C:\Windows\SysWow64\aspnet_counters.dll
2013-09-11 19:21:54 18000 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll
2013-09-11 17:39:06 855664 ----a-w- C:\Windows\System32\msvcr110_clr0400.dll
2013-09-11 17:39:06 614000 ----a-w- C:\Windows\System32\msvcp110_clr0400.dll
2013-09-11 17:39:06 30312 ----a-w- C:\Windows\System32\aspnet_counters.dll
2013-09-11 17:39:06 18000 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll
2013-09-10 02:02:00 6217904 ----a-w- C:\Windows\System32\DDPP64A.dll
2013-09-10 02:02:00 313520 ----a-w- C:\Windows\System32\DDPO64A.dll
2013-09-10 02:01:58 260272 ----a-w- C:\Windows\System32\DDPA64.dll
2013-09-10 02:01:58 1938608 ----a-w- C:\Windows\System32\DDPD64A.dll
.
============= FINISH:  0:50:23,64 ===============
 


Edited by hamluis, 04 December 2013 - 08:04 PM.
Moved from AII to MRL - Hamluis.




#2 nasdaq

nasdaq

  • Malware Response Team

Posted 09 December 2013 - 02:40 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller for 32bit or RogueKiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
==============

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: Tutorial
Link 1
Link 2

IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe and follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note: Do not mouse click ComboFix's window while it's running. That may cause it to stall.

Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM.
Let me know what problem persists.

#3 Lioness1009

Lioness1009
  • Topic Starter

  • Members

Posted 09 December 2013 - 05:36 PM

Thank you, I managed to clean it a few days ago 100% but I have issues after the cleanup... permissions issues, some programs stopped working... I will do as you said, appreciate your help! Maybe there are some remains of the virus...





