Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't update windows, blue screen during MBAM and ESET scans


  • This topic is locked This topic is locked
52 replies to this topic

#1 signofzeta

signofzeta

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:10:30 AM

Posted 28 April 2014 - 11:52 AM

My computer runs windows vista SP2 32 bit.

 

I was trying to get help on how to fix the problem of the 0x80096001 error that pops up when I try to update windows vista and microsoft security essentials here:

 

http://www.bleepingcomputer.com/forums/t/532226/is-there-a-virus-that-causes-windows-vista-error-code-0x80096001/

 

Someone told me to make a new thread here because I might need some experts on this.

 

Here is the situation here.

 

The scans, like Malwarebytes full scan, ESET scan, seatools short scan, all lead to the 0x000000F4 blue screen of death,  It is pretty much described in the link above.

 

 

A problem has been detected an windows has been shut down to prevent damage to your computer.

 

A process or thread crucial to system operation has unexpectedly exited or been terminated.

 

If this is the first time you've seen this stop error screen, restart your computer.  If this screen appears again, follow these steps:

 

Check to make sure any new hardware or software is properly installed.  If this is a new installation, ask your hardware or software manufacturer for any windows updates you might need.

 

If problems continue, disable or remove any newly installed hardware or software.  Disable BIOS memory options such as caching or shadowing. If you need to use Safe Mode to remove or disable components, restart your computer, press F8 to select Advanced startup Options, and then select Safe Mode.

 

Technical Information:

 

*** STOP: 0x000000F4 (0x00000003, 0x88AB3368, 0x88AB34B4, 0x83270A60)

 

Collecting data for crash dump...

Initializing disk for crash dump...

 

Seatools for DOS doesn't work because it couldn't load BCDW.ini  I get the one of the following messages when I try to boot into the CD that has Seatools for DOS burned onto it.

 

 

Starting BCDW... ok.

 

Error! Cannot load file (code: 100Bh):

\bcdw\bcdw.ini

Press any ket to boot from hard disk or ESCape to reboot...

 

 

Starting BCDW... ok.

 

Error! Cannot load file (code: 10FDh):

\bcdw\bcdw.bin

Press any ket to boot from hard disk or ESCape to reboot...

 

 

Chkdsk doesn't work because there is a registry file failure.  There are two different blue screens that show up, but not at the same time.

 

 

STOP: c0000218 {Registry File Failure}

The registry cannot load the hive (file):

\SystemRoot\System32\Config\SECURITY

or its log or alternate.

It is corrupt, absent, or not writable.

 

 

STOP: c0000218 {Registry File Failure}

The registry cannot load the hive (file):

\SystemRoot\System32\Config\SOFTWARE

or its log or alternate.

It is corrupt, absent, or not writable.

 

During the Malwarebytes full scan, my computer makes noises.

 

What I want to know is this.  Could there be a virus that causes all these blue screen problems, and the 0x80096001 error in updating windows?  I trying to narrow down all the problems, where if my computer is truly clean, then I can narrow it down to my hard drive dying, so maybe I can get help in the hardware section of the forums.

 

DDS and attach logs will follow.

 

 

 

 

 

 

 

 

 

 

 

 

 

DDS.txt log

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6002.18005  BrowserJavaVersion: 10.55.2
Run by George at 11:33:05 on 2014-04-28
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.2.1033.18.3070.1817 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\seagate\Sync\FreeAgentService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\ATK Hotkey\MsgTranAgt.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Windows\System32\ACEngSvr.exe
C:\Program Files\ATK Hotkey\KBFiltr.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Winamp\winampa.exe
C:\seagate\FreeAgent Status\stxmenumgr.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files\NetWorx\networx.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - c:\program files\windows live\family safety\fssbho.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
mRun: [Microsoft Pinyin IME Migration] c:\progra~1\common~1\micros~1\ime12\imesc\IMSCMIG.EXE /INSTALL
mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"
mRun: [P2Go_Menu] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [HControlUser] "c:\program files\atk hotkey\HcontrolUser.exe"
mRun: [ATKOSD2] c:\program files\asus\atkosd2\ATKOSD2.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ADSMTray] c:\program files\asus\asus data security manager\ADSMTray.exe
mRun: [ATKMEDIA] c:\program files\asus\atk media\DMedia.exe
mRun: [ASUSTPE] c:\windows\system32\ASUSTPE.exe
mRun: [ASUS Camera ScreenSaver] c:\windows\AsScrProlog.exe
mRun: [ASUS Screen Saver Protector] c:\windows\ASScrPro.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [fssui] "c:\program files\windows live\family safety\fsui.exe" -autorun
mRun: [MaxMenuMgr] "c:\seagate\freeagent status\StxMenuMgr.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [KeePass 2 PreLoad] "c:\program files\keepass password safe 2\KeePass.exe" --preload
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenuEx] c:\program files\canon\solution menu ex\CNSEMAIN.EXE /logon
mRun: [IJNetworkScannerSelectorEX] c:\program files\canon\ij network scanner selector ex\CNMNSST.exe /FORCE
mRun: [NetWorx] "c:\program files\networx\networx.exe" /auto
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
StartupFolder: c:\users\george\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\fancys~1.lnk - c:\windows\installer\{dc905847-d537-427f-bf91-47cc7accde58}\_DF3A81D17C478A2A6C60A5.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{387CE45C-756D-4E83-8D35-904B8B415E29} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{A0BBAC67-483F-495C-AC61-DBB492CA07A9} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F30F37EC-794C-4650-A5AB-1880BB88B0BA} : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
AppInit_DLLs= c:\progra~1\google\google~1\googledesktopnetwork3.dll c:\progra~1\google\google~1\GOEC62~1.DLL
LSA: Notification Packages =  scecli c:\program files\asus\asus data security manager\ASPWDFLT
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\george\appdata\roaming\mozilla\firefox\profiles\tkl96nqs.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\picasa2\npPicasa2.dll
FF - plugin: c:\program files\vistacodecpack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\vistacodecpack\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\id software\quakelive\npquakezero.dll
FF - plugin: c:\users\george\appdata\roaming\mozilla\plugins\npicaN.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
FF - ExtSQL: !HIDDEN! 2009-09-02 02:02; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 lullaby;lullaby;c:\windows\system32\drivers\lullaby.sys [2009-4-7 15416]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 networx;networx;c:\windows\system32\drivers\networx.sys [2013-5-9 52728]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 FreeAgentGoNext Service;Seagate Service;c:\seagate\sync\FreeAgentService.exe [2009-9-25 189736]
R2 NvNetworkService;NVIDIA Network Service;c:\program files\nvidia corporation\netservice\NvNetworkService.exe [2014-2-23 1593632]
R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.sys [2009-11-19 5120]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\drivers\SiSGB6.sys [2008-9-8 48128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-3-1 54632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-4-7 30192]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-4-25 107736]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2014-04-28 07:52:35    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2014-04-28 07:27:43    --------    d-----w-    c:\programdata\Package Cache
2014-04-28 07:27:30    --------    d-----w-    c:\program files\Seagate
2014-04-27 23:33:12    --------    d-----w-    c:\program files\ESET
2014-04-27 23:20:57    740840    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{806cf27c-ce33-4df7-af0b-e43e16c10cc9}\gapaengine.dll
2014-04-27 23:20:21    8050496    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{7133d884-92be-4a3b-8190-b65e9271437e}\mpengine.dll
2014-04-25 23:11:24    --------    d-----w-    C:\AdwCleaner
2014-04-25 18:50:12    107736    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-25 18:49:35    73432    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-04-25 18:49:35    51416    ----a-w-    c:\windows\system32\drivers\mwac.sys
2014-04-25 18:49:35    --------    d-----w-    c:\program files\Malwarebytes Anti-Malware
2014-04-10 04:18:21    86016    ----a-w-    c:\windows\unvise32.exe
2014-04-06 20:15:01    --------    d--h--w-    c:\programdata\CanonIJEGV
.
==================== Find3M  ====================
.
2014-04-28 07:39:36    45056    ----a-w-    c:\windows\system32\acovcnt.exe
2014-04-28 07:10:07    189744    ----a-w-    c:\windows\system32\PnkBstrB.xtr
2014-04-03 14:50:56    23256    ----a-w-    c:\windows\system32\drivers\mbam.sys
2008-07-02 02:28:38    61440    ----a-w-    c:\program files\common files\CPInstallAction.dll
.
============= FINISH: 11:34:04.77 ===============
 


Edited by signofzeta, 28 April 2014 - 11:54 AM.


BC AdBot (Login to Remove)

 


#2 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:10:30 AM

Posted 28 April 2014 - 11:53 AM

Attach.txt log

 

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 4/7/2009 9:35:04 AM
System Uptime: 4/28/2014 2:38:28 AM (9 hours ago)
.
Motherboard: PEGATRON CORPORATION          |  | F50SV     
Processor: Pentium® Dual-Core CPU       T4200  @ 2.00GHz | CPU 1 | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 116 GiB total, 49.892 GiB free.
D: is FIXED (NTFS) - 105 GiB total, 33.375 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Flash Player 9 ActiveX
Adobe Reader X (10.0.1)
Apple Application Support
Apple Software Update
ASUS CopyProtect
ASUS Data Security Manager
ASUS FancyStart
ASUS LifeFrame3
ASUS Live Update
ASUS MultiFrame
ASUS Power4Gear eXtreme
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Touch Pad Extra
ASUS Virtual Camera
Asus_Camera_ScreenSaver
Atheros Client Installation Program
ATK Generic Function Service
ATK Hotkey
ATK Media
ATKOSD2
BitComet 1.12
Canon Easy-PhotoPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon MG5300 series MP Drivers
Canon MG5300 series On-screen Manual
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
CDBurnerXP
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Citrix XenApp Web Plugin
CyberLink LabelPrint
CyberLink Power2Go
Dolby Control Center
Doom 3
Doom 3 ™ Demo
DOOM 3: BFG Edition
DOOM 3: Resurrection of Evil
DOOM II: Hell on Earth
ESET Online Scanner v3
Explorer Suite III
Express Gate
Google Desktop
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2484841)
Java 7 Update 55
Java Auto Updater
Junk Mail filter update
KeePass Password Safe 2.18
LightScribe System Software  1.14.17.1
Logitech Gaming Software
Malwarebytes Anti-Malware version 2.0.1.1004
MATLAB R2009b
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (Chinese (Simplified)) 2007
Microsoft Office Access MUI (Chinese (Traditional)) 2007
Microsoft Office Access MUI (English) 2007
Microsoft Office Access MUI (French) 2007
Microsoft Office Access MUI (Spanish) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel 2007 Help ¸üР(KB963678)
Microsoft Office Excel 2007 Help Actualización (KB963678)
Microsoft Office Excel 2007 Help §ó·sµ{¦¡ (KB963678)
Microsoft Office Excel MUI (Chinese (Simplified)) 2007
Microsoft Office Excel MUI (Chinese (Traditional)) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (French) 2007
Microsoft Office Excel MUI (Spanish) 2007
Microsoft Office IME (Chinese (Simplified)) 2007
Microsoft Office IME (Chinese (Traditional)) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office Outlook 2007 Help ¸üР(KB963677)
Microsoft Office Outlook 2007 Help Actualización (KB963677)
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (Chinese (Simplified)) 2007
Microsoft Office Outlook MUI (Chinese (Traditional)) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Outlook MUI (French) 2007
Microsoft Office Outlook MUI (Spanish) 2007
Microsoft Office Powerpoint 2007 Help ¸üР(KB963669)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669)
Microsoft Office Powerpoint 2007 Help §ó·sµ{¦¡ (KB963669)
Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007
Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (French) 2007
Microsoft Office PowerPoint MUI (Spanish) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (Basque) 2007
Microsoft Office Proof (Catalan) 2007
Microsoft Office Proof (Chinese (Simplified)) 2007
Microsoft Office Proof (Chinese (Traditional)) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Galician) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Portuguese (Brazil)) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (Chinese (Simplified)) 2007
Microsoft Office Proofing (Chinese (Traditional)) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (French) 2007
Microsoft Office Proofing (Spanish) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (Chinese (Simplified)) 2007
Microsoft Office Publisher MUI (Chinese (Traditional)) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Publisher MUI (French) 2007
Microsoft Office Publisher MUI (Spanish) 2007
Microsoft Office Shared MUI (Chinese (Simplified)) 2007
Microsoft Office Shared MUI (Chinese (Traditional)) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (French) 2007
Microsoft Office Shared MUI (Spanish) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word 2007 Help ¸üР(KB963665)
Microsoft Office Word 2007 Help Actualización (KB963665)
Microsoft Office Word 2007 Help §ó·sµ{¦¡ (KB963665)
Microsoft Office Word MUI (Chinese (Simplified)) 2007
Microsoft Office Word MUI (Chinese (Traditional)) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (French) 2007
Microsoft Office Word MUI (Spanish) 2007
Microsoft Search Enhancement Pack
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Mise à jour Microsoft Office Excel 2007 Help  (KB963678)
Mise à jour Microsoft Office Outlook 2007 Help  (KB963677)
Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669)
Mise à jour Microsoft Office Word 2007 Help  (KB963665)
Mozilla Firefox 28.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Card Reader
NetWorx 5.2.7
NVIDIA Drivers
NVIDIA Install Application
NVIDIA Network Service
NVIDIA PhysX
Oblivion
OpenOffice.org 3.1
Picasa 2
Pokémon Trading Card Game Online
PunkBuster Services
Python 2.5.2
Quake 4™ Demo
Quake III Arena Demo
Quake III Arena Point Release 1.32
Quake III: Team Arena Demo
Quake Live
Quake Live Mozilla Plugin
QuickTime
Realtek High Definition Audio Driver
Revo Uninstaller 1.93
Samsung SCX-4x21 Series
Seagate Manager Installer
SeaTools for Windows
SecureW2 EAP Suite 1.1.3 for Windows
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Speccy
Steam
Synaptics Pointing Device Driver
TextPad 4.7
Unlocker 1.9.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USB 2.0 1.3M UVC WebCam
Vista Codec Package
Winamp
WinDirStat 1.1.2
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
WinFlash
WinRAR archiver
Wireless Console 2
Wolfenstein - Enemy Territory
Wolfenstein™ 1.1 Patch
Wolfenstein™ 1.2 Patch
wxPython 2.8.7.1 (ansi) for Python 2.5
YDKJ The 5th Dementia
You Don't Know Jack - Sports 1.0
You Don't Know Jack - Volume 2 1.0
You Don't Know Jack - XL 1.0
You Don't Know Jack 4 1.00
YOU DON'T KNOW JACK Louder! Faster! Funnier!
YOU DON'T KNOW JACK Offline
YOU DON'T KNOW JACK Volume 3
You Don't Know Jack®
Yu-Gi-Oh! ONLINE 3
.
==== End Of File ===========================
 



#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:30 AM

Posted 03 May 2014 - 11:55 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/532565 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:10:30 AM

Posted 07 May 2014 - 11:00 AM

Here are the problems.

 

1.  When I update windows, or microsoft security essentials, I get an error code x80096001, and windows and MSE won't update.

 

2.  When I try to do a full virus scan, or a chkdsk scan, or any scan that actually thoroughly scans the hard drive, I get a blue screen of death.  The contents of said blue screen of death are described in the first opening post in this thread.

 

 

 

 

 

 

 

 

 

DDS log

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6002.18005  BrowserJavaVersion: 10.55.2
Run by George at 10:57:37 on 2014-05-07
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.2.1033.18.3070.1410 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\seagate\Sync\FreeAgentService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ATK Hotkey\MsgTranAgt.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Windows\System32\ACEngSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\ATK Hotkey\KBFiltr.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Winamp\winampa.exe
C:\seagate\FreeAgent Status\stxmenumgr.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files\NetWorx\networx.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - c:\program files\windows live\family safety\fssbho.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_7_700_224_Plugin.exe -update plugin
mRun: [Microsoft Pinyin IME Migration] c:\progra~1\common~1\micros~1\ime12\imesc\IMSCMIG.EXE /INSTALL
mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"
mRun: [P2Go_Menu] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [HControlUser] "c:\program files\atk hotkey\HcontrolUser.exe"
mRun: [ATKOSD2] c:\program files\asus\atkosd2\ATKOSD2.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ADSMTray] c:\program files\asus\asus data security manager\ADSMTray.exe
mRun: [ATKMEDIA] c:\program files\asus\atk media\DMedia.exe
mRun: [ASUSTPE] c:\windows\system32\ASUSTPE.exe
mRun: [ASUS Camera ScreenSaver] c:\windows\AsScrProlog.exe
mRun: [ASUS Screen Saver Protector] c:\windows\ASScrPro.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [fssui] "c:\program files\windows live\family safety\fsui.exe" -autorun
mRun: [MaxMenuMgr] "c:\seagate\freeagent status\StxMenuMgr.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [KeePass 2 PreLoad] "c:\program files\keepass password safe 2\KeePass.exe" --preload
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenuEx] c:\program files\canon\solution menu ex\CNSEMAIN.EXE /logon
mRun: [IJNetworkScannerSelectorEX] c:\program files\canon\ij network scanner selector ex\CNMNSST.exe /FORCE
mRun: [NetWorx] "c:\program files\networx\networx.exe" /auto
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
StartupFolder: c:\users\george\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\fancys~1.lnk - c:\windows\installer\{dc905847-d537-427f-bf91-47cc7accde58}\_DF3A81D17C478A2A6C60A5.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{387CE45C-756D-4E83-8D35-904B8B415E29} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{A0BBAC67-483F-495C-AC61-DBB492CA07A9} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F30F37EC-794C-4650-A5AB-1880BB88B0BA} : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
AppInit_DLLs= c:\progra~1\google\google~1\googledesktopnetwork3.dll c:\progra~1\google\google~1\GOEC62~1.DLL
LSA: Notification Packages =  scecli c:\program files\asus\asus data security manager\ASPWDFLT
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\george\appdata\roaming\mozilla\firefox\profiles\tkl96nqs.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\picasa2\npPicasa2.dll
FF - plugin: c:\program files\vistacodecpack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\vistacodecpack\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\id software\quakelive\npquakezero.dll
FF - plugin: c:\users\george\appdata\roaming\mozilla\plugins\npicaN.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
FF - ExtSQL: !HIDDEN! 2009-09-02 02:02; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 lullaby;lullaby;c:\windows\system32\drivers\lullaby.sys [2009-4-7 15416]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 networx;networx;c:\windows\system32\drivers\networx.sys [2013-5-9 52728]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 FreeAgentGoNext Service;Seagate Service;c:\seagate\sync\FreeAgentService.exe [2009-9-25 189736]
R2 NvNetworkService;NVIDIA Network Service;c:\program files\nvidia corporation\netservice\NvNetworkService.exe [2014-2-23 1593632]
R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.sys [2009-11-19 5120]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\drivers\SiSGB6.sys [2008-9-8 48128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-3-1 54632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-4-7 30192]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-4-25 107736]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2014-05-07 07:33:01    62576    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{3949c96e-13da-49f8-b25d-76ac3c78a7bf}\offreg.dll
2014-05-07 06:53:20    740840    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{082e570b-d492-40d4-b6e9-14d0a0e377ce}\gapaengine.dll
2014-05-07 06:52:47    8050496    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{3949c96e-13da-49f8-b25d-76ac3c78a7bf}\mpengine.dll
2014-04-28 07:52:35    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2014-04-28 07:27:43    --------    d-----w-    c:\programdata\Package Cache
2014-04-28 07:27:30    --------    d-----w-    c:\program files\Seagate
2014-04-27 23:33:12    --------    d-----w-    c:\program files\ESET
2014-04-27 23:20:57    740840    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{806cf27c-ce33-4df7-af0b-e43e16c10cc9}\gapaengine.dll
2014-04-25 23:11:24    --------    d-----w-    C:\AdwCleaner
2014-04-25 18:50:12    107736    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-25 18:49:35    73432    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-04-25 18:49:35    51416    ----a-w-    c:\windows\system32\drivers\mwac.sys
2014-04-25 18:49:35    --------    d-----w-    c:\program files\Malwarebytes Anti-Malware
2014-04-10 04:18:21    86016    ----a-w-    c:\windows\unvise32.exe
.
==================== Find3M  ====================
.
2014-05-07 06:42:29    45056    ----a-w-    c:\windows\system32\acovcnt.exe
2014-04-28 07:10:07    189744    ----a-w-    c:\windows\system32\PnkBstrB.xtr
2014-04-03 14:50:56    23256    ----a-w-    c:\windows\system32\drivers\mbam.sys
2008-07-02 02:28:38    61440    ----a-w-    c:\program files\common files\CPInstallAction.dll
.
============= FINISH: 10:58:33.83 ===============
 

 

 

 

 

 

 

 

attach log

 

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 4/7/2009 9:35:04 AM
System Uptime: 5/7/2014 8:44:12 AM (2 hours ago)
.
Motherboard: PEGATRON CORPORATION          |  | F50SV     
Processor: Pentium® Dual-Core CPU       T4200  @ 2.00GHz | CPU 1 | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 116 GiB total, 49.977 GiB free.
D: is FIXED (NTFS) - 105 GiB total, 38.595 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1307: 4/28/2014 2:48:29 AM - Installed Java 7 Update 55
RP1308: 5/7/2014 2:31:31 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Flash Player 9 ActiveX
Adobe Reader X (10.1.9)
Apple Application Support
Apple Software Update
ASUS CopyProtect
ASUS Data Security Manager
ASUS FancyStart
ASUS LifeFrame3
ASUS Live Update
ASUS MultiFrame
ASUS Power4Gear eXtreme
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Touch Pad Extra
ASUS Virtual Camera
Asus_Camera_ScreenSaver
Atheros Client Installation Program
ATK Generic Function Service
ATK Hotkey
ATK Media
ATKOSD2
BitComet 1.12
Canon Easy-PhotoPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon MG5300 series MP Drivers
Canon MG5300 series On-screen Manual
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
CDBurnerXP
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Citrix XenApp Web Plugin
CyberLink LabelPrint
CyberLink Power2Go
Dolby Control Center
Doom 3
Doom 3 ™ Demo
DOOM 3: BFG Edition
DOOM 3: Resurrection of Evil
DOOM II: Hell on Earth
ESET Online Scanner v3
Explorer Suite III
Express Gate
Google Desktop
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2484841)
Java 7 Update 55
Java Auto Updater
Junk Mail filter update
KeePass Password Safe 2.18
LightScribe System Software  1.14.17.1
Logitech Gaming Software
Malwarebytes Anti-Malware version 2.0.1.1004
MATLAB R2009b
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (Chinese (Simplified)) 2007
Microsoft Office Access MUI (Chinese (Traditional)) 2007
Microsoft Office Access MUI (English) 2007
Microsoft Office Access MUI (French) 2007
Microsoft Office Access MUI (Spanish) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel 2007 Help ¸üР(KB963678)
Microsoft Office Excel 2007 Help Actualización (KB963678)
Microsoft Office Excel 2007 Help §ó·sµ{¦¡ (KB963678)
Microsoft Office Excel MUI (Chinese (Simplified)) 2007
Microsoft Office Excel MUI (Chinese (Traditional)) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (French) 2007
Microsoft Office Excel MUI (Spanish) 2007
Microsoft Office IME (Chinese (Simplified)) 2007
Microsoft Office IME (Chinese (Traditional)) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office Outlook 2007 Help ¸üР(KB963677)
Microsoft Office Outlook 2007 Help Actualización (KB963677)
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (Chinese (Simplified)) 2007
Microsoft Office Outlook MUI (Chinese (Traditional)) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Outlook MUI (French) 2007
Microsoft Office Outlook MUI (Spanish) 2007
Microsoft Office Powerpoint 2007 Help ¸üР(KB963669)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669)
Microsoft Office Powerpoint 2007 Help §ó·sµ{¦¡ (KB963669)
Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007
Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (French) 2007
Microsoft Office PowerPoint MUI (Spanish) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (Basque) 2007
Microsoft Office Proof (Catalan) 2007
Microsoft Office Proof (Chinese (Simplified)) 2007
Microsoft Office Proof (Chinese (Traditional)) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Galician) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Portuguese (Brazil)) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (Chinese (Simplified)) 2007
Microsoft Office Proofing (Chinese (Traditional)) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (French) 2007
Microsoft Office Proofing (Spanish) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (Chinese (Simplified)) 2007
Microsoft Office Publisher MUI (Chinese (Traditional)) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Publisher MUI (French) 2007
Microsoft Office Publisher MUI (Spanish) 2007
Microsoft Office Shared MUI (Chinese (Simplified)) 2007
Microsoft Office Shared MUI (Chinese (Traditional)) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (French) 2007
Microsoft Office Shared MUI (Spanish) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word 2007 Help ¸üР(KB963665)
Microsoft Office Word 2007 Help Actualización (KB963665)
Microsoft Office Word 2007 Help §ó·sµ{¦¡ (KB963665)
Microsoft Office Word MUI (Chinese (Simplified)) 2007
Microsoft Office Word MUI (Chinese (Traditional)) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (French) 2007
Microsoft Office Word MUI (Spanish) 2007
Microsoft Search Enhancement Pack
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Mise à jour Microsoft Office Excel 2007 Help  (KB963678)
Mise à jour Microsoft Office Outlook 2007 Help  (KB963677)
Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669)
Mise à jour Microsoft Office Word 2007 Help  (KB963665)
Mozilla Firefox 28.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Card Reader
NetWorx 5.2.7
NVIDIA Drivers
NVIDIA Install Application
NVIDIA Network Service
NVIDIA PhysX
Oblivion
OpenOffice.org 3.1
Picasa 2
Pokémon Trading Card Game Online
PunkBuster Services
Python 2.5.2
Quake 4™ Demo
Quake III Arena Demo
Quake III Arena Point Release 1.32
Quake III: Team Arena Demo
Quake Live
Quake Live Mozilla Plugin
QuickTime
Realtek High Definition Audio Driver
Revo Uninstaller 1.93
Samsung SCX-4x21 Series
Seagate Manager Installer
SeaTools for Windows
SecureW2 EAP Suite 1.1.3 for Windows
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Speccy
Steam
Synaptics Pointing Device Driver
TextPad 4.7
Unlocker 1.9.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USB 2.0 1.3M UVC WebCam
Vista Codec Package
Winamp
WinDirStat 1.1.2
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
WinFlash
WinRAR archiver
Wireless Console 2
Wolfenstein - Enemy Territory
Wolfenstein™ 1.1 Patch
Wolfenstein™ 1.2 Patch
wxPython 2.8.7.1 (ansi) for Python 2.5
YDKJ The 5th Dementia
You Don't Know Jack - Sports 1.0
You Don't Know Jack - Volume 2 1.0
You Don't Know Jack - XL 1.0
You Don't Know Jack 4 1.00
YOU DON'T KNOW JACK Louder! Faster! Funnier!
YOU DON'T KNOW JACK Offline
YOU DON'T KNOW JACK Volume 3
You Don't Know Jack®
Yu-Gi-Oh! ONLINE 3
.
==== End Of File ===========================
 


Edited by signofzeta, 07 May 2014 - 11:01 AM.


#5 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:10:30 AM

Posted 07 May 2014 - 11:02 AM

I do not have the windows vista CD/DVD available.  Windows Vista was preinstalled in this laptop, when I first purchased it close to 5 years ago.



#6 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:10:30 AM

Posted 09 May 2014 - 10:00 PM

Here is another problem that arose.  When I restart my computer, my desktop icons disappeared.  I basically have to hide the desktop and show them to make them reappear.



#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,753 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:30 AM

Posted 10 May 2014 - 09:09 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#8 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:10:30 AM

Posted 10 May 2014 - 09:40 AM

AdwCleaner[S1].txt

 

 

# AdwCleaner v3.207 - Report created 10/05/2014 at 09:27:05
# Updated 05/05/2014 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : George - GEORGEGAMINGPC
# Running from : C:\Users\George\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6002.18005


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\sbtdhcwb.default\prefs.js ]


[ File : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\tkl96nqs.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [4021 octets] - [25/04/2014 19:21:33]
AdwCleaner[R1].txt - [4081 octets] - [25/04/2014 19:39:54]
AdwCleaner[R2].txt - [4151 octets] - [26/04/2014 18:15:01]
AdwCleaner[R3].txt - [1298 octets] - [10/05/2014 09:21:21]
AdwCleaner[R4].txt - [1358 octets] - [10/05/2014 09:23:44]
AdwCleaner[S0].txt - [4294 octets] - [26/04/2014 18:16:37]
AdwCleaner[S1].txt - [1283 octets] - [10/05/2014 09:27:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1343 octets] ##########
 



#9 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:10:30 AM

Posted 10 May 2014 - 09:41 AM

FRST.txt

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:10-05-2014
Ran by George (administrator) on GEORGEGAMINGPC on 10-05-2014 09:34:22
Running from C:\Users\George\Desktop\AV logs
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Seagate Technology LLC) C:\seagate\Sync\FreeAgentService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\CDBurnerXP\NMSAccessU.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
(ATK0100) C:\Program Files\ATK Hotkey\HControl.exe
() C:\Program Files\ATK Hotkey\MsgTranAgt.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(ASUS) C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
() C:\Program Files\ATK Hotkey\ATKOSD.exe
(ASUSTeK) C:\Windows\System32\ACEngSvr.exe
() C:\Program Files\ATK Hotkey\KBFiltr.exe
() C:\Program Files\ATK Hotkey\WDC.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
() C:\Program Files\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(ASUS) C:\Windows\System32\ASUSTPE.exe
() C:\Windows\ASScrPro.exe
() C:\Program Files\Winamp\winampa.exe
(Seagate LLC) C:\seagate\FreeAgent Status\stxmenumgr.exe
() C:\Program Files\Unlocker\UnlockerAssistant.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(SoftPerfect Research) C:\Program Files\NetWorx\networx.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\daemon.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Microsoft Pinyin IME Migration] => C:\Program Files\Common Files\microsoft shared\IME12\IMESC\IMSCMIG.EXE [33128 2008-11-04] (Microsoft Corporation)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [104936 2008-07-18] (CyberLink)
HKLM\...\Run: [P2Go_Menu] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-06-23] (Google)
HKLM\...\Run: [HControlUser] => C:\Program Files\ATK Hotkey\HcontrolUser.exe [98304 2008-01-12] ()
HKLM\...\Run: [ATKOSD2] => C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [7651328 2008-07-15] (ASUS)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6253088 2008-07-16] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-12-06] (Synaptics, Inc.)
HKLM\...\Run: [ADSMTray] => C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [266240 2008-04-01] (ASUSTek Computer Inc.)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMedia.exe [159744 2008-06-24] (ASUS)
HKLM\...\Run: [ASUSTPE] => C:\Windows\system32\ASUSTPE.exe [106496 2007-10-11] (ASUS)
HKLM\...\Run: [ASUS Camera ScreenSaver] => C:\Windows\AsScrProlog.exe [47672 2009-04-07] ()
HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\ASScrPro.exe [33136 2009-04-07] ()
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [37888 2009-07-01] ()
HKLM\...\Run: [fssui] => C:\Program Files\Windows Live\Family Safety\fsui.exe [647528 2010-04-28] (Microsoft Corporation)
HKLM\...\Run: [MaxMenuMgr] => C:\seagate\FreeAgent Status\StxMenuMgr.exe [185640 2009-09-25] (Seagate LLC)
HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [13789728 2009-07-02] (NVIDIA Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-09-08] (Apple Inc.)
HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [997920 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [1823744 2012-01-05] (Dominik Reichl)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2565520 2011-03-14] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenuEx] => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [3256720 2013-01-18] (SoftPerfect Research)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-2042005289-950038496-3332287716-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKU\S-1-5-21-2042005289-950038496-3332287716-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-04-07] (Google Inc.)
HKU\S-1-5-21-2042005289-950038496-3332287716-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\daemon.exe [691656 2009-04-23] (DT Soft Ltd)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-06-23] (Google)
AppInit_DLLs:  C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-06-23] (Google)
Lsa: [Notification Packages] scecli C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{DC905847-D537-427F-BF91-47CC7ACCDE58}\_DF3A81D17C478A2A6C60A5.exe ()
Startup: C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_enCA330
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_enCA330
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Plug-In - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [223232] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\tkl96nqs.default
FF Homepage: hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 - C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF Plugin: @idsoftware.com/QuakeLive - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\George\AppData\Roaming\mozilla\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\George\AppData\Roaming\mozilla\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\George\AppData\Roaming\mozilla\plugins\confmgr.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\George\AppData\Roaming\mozilla\plugins\ctxlogging.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\George\AppData\Roaming\mozilla\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\George\AppData\Roaming\mozilla\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\George\AppData\Roaming\mozilla\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\George\AppData\Roaming\mozilla\plugins\msvcm80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\George\AppData\Roaming\mozilla\plugins\msvcp80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\George\AppData\Roaming\mozilla\plugins\msvcr80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\George\AppData\Roaming\mozilla\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\George\AppData\Roaming\mozilla\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\George\AppData\Roaming\mozilla\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF Extension: Battlefield Heroes Updater - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\tkl96nqs.default\Extensions\battlefieldheroespatcher@ea.com [2009-12-07]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\tkl96nqs.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-03-18]
FF Extension: WOT - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\tkl96nqs.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: BitComet Video Downloader - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\tkl96nqs.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2009-06-10]
FF Extension: DownloadHelper - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\tkl96nqs.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-24]
FF Extension: Adblock Plus - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\tkl96nqs.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKCU\...\Firefox\Extensions: [{6C028C61-1644-4D51-B6C5-E47F4688180E}] - C:\Users\George\AppData\Local\{6C028C61-1644-4D51-B6C5-E47F4688180E}\

========================== Services (Whitelisted) =================

R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.)
R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-10-02] ()
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
R2 FreeAgentGoNext Service; C:\seagate\Sync\FreeAgentService.exe [189736 2009-09-25] (Seagate Technology LLC)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-06-23] (Google)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2011-04-27] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [208944 2011-04-27] (Microsoft Corporation)
R2 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2009-07-13] ()
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75064 2010-01-20] ()

==================== Drivers (Whitelisted) ====================

R0 AsDsm; C:\Windows\system32\Drivers\AsDsm.sys [29752 2007-08-10] (Windows ® Codename Longhorn DDK provider)
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [25280 2009-08-01] (LogMeIn, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15928 2008-06-03] ( )
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2008-05-29] (Windows ® Codename Longhorn DDK provider)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-04-27] (Malwarebytes Corporation)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [165648 2011-04-18] (Microsoft Corporation)
S3 MpNWMon; C:\Windows\System32\DRIVERS\MpNWMon.sys [43392 2011-04-18] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
R1 networx; C:\Windows\System32\drivers\networx.sys [52728 2012-11-26] (NetFilterSDK.com)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1752704 2008-08-10] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2009-07-18] ()
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [21216 2003-05-14] (Logitech Inc.)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [521216 2008-01-20] (Microsoft Corporation)
U3 a6somauc; C:\Windows\system32\Drivers\a6somauc.sys [0 ] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-10 09:31 - 2014-05-10 09:31 - 00001423 _____ () C:\Users\George\Desktop\AdwCleaner[S1].txt
2014-05-10 09:26 - 2014-05-10 09:26 - 00001358 _____ () C:\Users\George\Desktop\AdwCleaner[R4].txt
2014-05-10 09:16 - 2014-05-10 09:16 - 01316991 _____ () C:\Users\George\Desktop\adwcleaner.exe
2014-05-07 10:58 - 2014-05-07 10:58 - 00016150 _____ () C:\Users\George\Desktop\dds.txt
2014-05-07 10:58 - 2014-05-07 10:58 - 00011873 _____ () C:\Users\George\Desktop\attach.txt
2014-05-07 10:52 - 2014-04-28 11:30 - 00688992 ____R (Swearware) C:\Users\George\Desktop\dds.com
2014-04-29 04:32 - 2014-04-29 04:33 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-04-29 04:32 - 2014-04-29 04:32 - 00001899 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-04-28 02:52 - 2014-04-28 02:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-28 02:52 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-28 02:52 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-28 02:52 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-28 02:52 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-28 02:50 - 2014-04-28 02:52 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-28 02:27 - 2014-04-28 02:27 - 00001185 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk
2014-04-28 02:27 - 2014-04-28 02:27 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-28 02:27 - 2014-04-28 02:27 - 00000000 ____D () C:\Program Files\Seagate
2014-04-28 01:11 - 2014-04-28 01:11 - 00000060 _____ () C:\Windows\game.ini
2014-04-27 18:33 - 2014-04-27 18:33 - 00000000 ____D () C:\Program Files\ESET
2014-04-26 18:23 - 2014-04-26 18:23 - 00004294 _____ () C:\Users\George\Desktop\AdwCleaner[S0].txt
2014-04-26 02:06 - 2014-04-26 02:06 - 00000000 ____D () C:\Users\George\Desktop\TCPview
2014-04-25 18:11 - 2014-05-10 09:27 - 00000000 ____D () C:\AdwCleaner
2014-04-25 13:50 - 2014-04-27 11:18 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-25 13:50 - 2014-04-25 13:50 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-25 13:49 - 2014-04-25 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-25 13:49 - 2014-04-25 13:49 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-25 13:49 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-25 13:49 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-12 01:48 - 2014-04-12 01:48 - 00000000 ____D () C:\Users\Public\CyberLink
2014-04-12 01:48 - 2014-04-12 01:48 - 00000000 ____D () C:\Users\George\AppData\Roaming\CyberLink

==================== One Month Modified Files and Folders =======

2014-05-10 09:34 - 2012-04-01 17:52 - 00000000 ____D () C:\FRST
2014-05-10 09:33 - 2009-04-07 09:32 - 01254594 _____ () C:\Windows\WindowsUpdate.log
2014-05-10 09:31 - 2014-05-10 09:31 - 00001423 _____ () C:\Users\George\Desktop\AdwCleaner[S1].txt
2014-05-10 09:31 - 2013-03-19 22:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-10 09:31 - 2010-10-06 12:50 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-10 09:30 - 2009-06-07 19:08 - 00220834 _____ () C:\ProgramData\nvModes.001
2014-05-10 09:29 - 2009-06-07 19:06 - 00220834 _____ () C:\ProgramData\nvModes.dat
2014-05-10 09:29 - 2006-11-02 07:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-10 09:29 - 2006-11-02 07:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-10 09:28 - 2008-01-20 21:47 - 00521396 _____ () C:\Windows\PFRO.log
2014-05-10 09:28 - 2006-11-02 08:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-10 09:27 - 2014-04-25 18:11 - 00000000 ____D () C:\AdwCleaner
2014-05-10 09:27 - 2008-04-13 22:50 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-05-10 09:27 - 2006-11-02 08:01 - 00032572 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-10 09:26 - 2014-05-10 09:26 - 00001358 _____ () C:\Users\George\Desktop\AdwCleaner[R4].txt
2014-05-10 09:16 - 2014-05-10 09:16 - 01316991 _____ () C:\Users\George\Desktop\adwcleaner.exe
2014-05-10 08:56 - 2010-10-06 12:51 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-09 23:29 - 2009-04-07 11:17 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-05-09 23:28 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-05-09 23:27 - 2009-08-08 22:20 - 00000000 ____D () C:\Users\Administrator
2014-05-09 23:27 - 2009-06-07 17:39 - 00000000 ____D () C:\Users\George
2014-05-09 23:27 - 2009-04-07 11:07 - 00000000 ____D () C:\ProgramData\P4G
2014-05-09 23:27 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\spool
2014-05-09 23:27 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\registration
2014-05-09 23:27 - 2006-11-02 05:22 - 49020928 _____ () C:\Windows\system32\config\software_previous
2014-05-09 23:27 - 2006-11-02 05:22 - 41156608 _____ () C:\Windows\system32\config\components_previous
2014-05-09 23:27 - 2006-11-02 05:22 - 37224448 _____ () C:\Windows\system32\config\system_previous
2014-05-09 23:27 - 2006-11-02 05:22 - 00524288 _____ () C:\Windows\system32\config\default_previous
2014-05-09 23:27 - 2006-11-02 05:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-05-09 23:27 - 2006-11-02 05:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-05-07 10:58 - 2014-05-07 10:58 - 00016150 _____ () C:\Users\George\Desktop\dds.txt
2014-05-07 10:58 - 2014-05-07 10:58 - 00011873 _____ () C:\Users\George\Desktop\attach.txt
2014-04-29 14:48 - 2009-11-17 03:51 - 00000000 ____D () C:\Users\George\Desktop\idbleep
2014-04-29 14:47 - 2009-07-19 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oblivion Mod Manager
2014-04-29 14:46 - 2009-06-07 21:47 - 00000000 ____D () C:\Users\George\AppData\Local\id Software
2014-04-29 14:46 - 2009-06-07 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\id Software
2014-04-29 14:45 - 2010-09-10 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ETTEST
2014-04-29 04:33 - 2014-04-29 04:32 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-04-29 04:33 - 2011-03-07 22:50 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-04-29 04:32 - 2014-04-29 04:32 - 00001899 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-04-29 04:31 - 2009-06-07 17:41 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-29 04:31 - 2009-06-07 17:41 - 00000000 ____D () C:\Program Files\Adobe
2014-04-28 11:30 - 2014-05-07 10:52 - 00688992 ____R (Swearware) C:\Users\George\Desktop\dds.com
2014-04-28 02:52 - 2014-04-28 02:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-28 02:52 - 2014-04-28 02:50 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-28 02:52 - 2009-06-07 18:52 - 00000000 ____D () C:\Program Files\Java
2014-04-28 02:27 - 2014-04-28 02:27 - 00001185 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk
2014-04-28 02:27 - 2014-04-28 02:27 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-28 02:27 - 2014-04-28 02:27 - 00000000 ____D () C:\Program Files\Seagate
2014-04-28 02:27 - 2010-03-16 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2014-04-28 02:10 - 2009-08-14 09:03 - 00189744 _____ () C:\Windows\system32\PnkBstrB.xtr
2014-04-28 02:10 - 2009-08-08 21:36 - 00000000 ____D () C:\Games
2014-04-28 01:38 - 2009-08-08 23:25 - 00000000 ____D () C:\Users\George\Desktop\bullbleep
2014-04-28 01:29 - 2009-07-29 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
2014-04-28 01:16 - 2009-04-07 09:59 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-04-28 01:14 - 2012-07-17 15:47 - 00000000 ____D () C:\Users\George\AppData\Local\Deployment
2014-04-28 01:12 - 2006-11-02 06:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-28 01:11 - 2014-04-28 01:11 - 00000060 _____ () C:\Windows\game.ini
2014-04-28 01:11 - 2009-08-23 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2014-04-28 00:57 - 2009-08-11 01:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein Multiplayer DEMO
2014-04-28 00:45 - 2010-12-25 23:51 - 00000000 ___RD () C:\Program Files\Skype
2014-04-28 00:45 - 2010-12-25 23:51 - 00000000 ____D () C:\Users\George\AppData\Roaming\Skype
2014-04-28 00:44 - 2009-08-09 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory
2014-04-28 00:42 - 2009-06-07 22:35 - 00000000 ____D () C:\Users\George\AppData\Local\PunkBuster
2014-04-27 18:33 - 2014-04-27 18:33 - 00000000 ____D () C:\Program Files\ESET
2014-04-27 11:18 - 2014-04-25 13:50 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-26 18:23 - 2014-04-26 18:23 - 00004294 _____ () C:\Users\George\Desktop\AdwCleaner[S0].txt
2014-04-26 14:11 - 2009-06-07 22:42 - 00000420 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{25D39F52-AFBC-4213-A160-F2C344AEDA86}.job
2014-04-26 02:06 - 2014-04-26 02:06 - 00000000 ____D () C:\Users\George\Desktop\TCPview
2014-04-25 13:50 - 2014-04-25 13:50 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-25 13:50 - 2011-02-28 20:51 - 00000000 ____D () C:\Users\George\AppData\Roaming\Malwarebytes
2014-04-25 13:50 - 2011-02-28 20:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-25 13:49 - 2014-04-25 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-25 13:49 - 2014-04-25 13:49 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-14 20:13 - 2014-04-28 02:52 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-14 20:05 - 2014-04-28 02:52 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-14 20:05 - 2014-04-28 02:52 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-14 20:04 - 2014-04-28 02:52 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-12 01:49 - 2006-11-02 05:33 - 00821662 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-12 01:48 - 2014-04-12 01:48 - 00000000 ____D () C:\Users\Public\CyberLink
2014-04-12 01:48 - 2014-04-12 01:48 - 00000000 ____D () C:\Users\George\AppData\Roaming\CyberLink
2014-04-12 01:48 - 2009-04-07 10:01 - 00000000 ____D () C:\ProgramData\CyberLink
2014-04-12 01:48 - 2006-11-02 06:18 - 00000000 ___RD () C:\Users\Public

Some content of TEMP:
====================
C:\Users\George\AppData\Local\temp\drm_dialogs.dll
C:\Users\George\AppData\Local\temp\drm_dyndata_7400009.dll
C:\Users\George\AppData\Local\temp\jre-7u17-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u25-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u45-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u5-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u51-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u55-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u7-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\MSETUP4.EXE
C:\Users\George\AppData\Local\temp\MSVBVM60.DLL
C:\Users\George\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-10 09:36

==================== End Of Log ============================



#10 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:10:30 AM

Posted 10 May 2014 - 09:43 AM

Addition.txt

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:10-05-2014
Ran by George at 2014-05-10 09:36:21
Running from C:\Users\George\Desktop\AV logs
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6425.1000 - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM\...\ShockwaveFlash) (Version: 9 - Adobe Systems)
Adobe Reader X (10.1.9) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}) (Version: 1.3.2 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ASUS CopyProtect (HKLM\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0007 - ASUS)
ASUS Data Security Manager (HKLM\...\{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}) (Version: 1.00.0007 - ASUS)
ASUS FancyStart (HKLM\...\{DC905847-D537-427F-BF91-47CC7ACCDE58}) (Version: 1.0.1 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.13 - ASUS)
ASUS Live Update (HKLM\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.7 - ASUS)
ASUS MultiFrame (HKLM\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0018 - )
ASUS Power4Gear eXtreme (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.0.19 - ASUS)
ASUS SmartLogon (HKLM\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0006 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0021 - ASUS)
ASUS Touch Pad Extra (HKLM\...\{DB891739-2EB3-45A8-9CBD-941C255CECD4}) (Version:  - )
ASUS Virtual Camera (HKLM\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.11 - ASUS)
Asus_Camera_ScreenSaver (HKLM\...\Asus_Camera_ScreenSaver) (Version: 2.0.0008 - ASUS)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
ATK Generic Function Service (HKLM\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM\...\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}) (Version: 1.00.0034 - ATK)
ATK Media (HKLM\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0000 - ASUS)
ATKOSD2 (HKLM\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0001 - ASUS)
BitComet 1.12 (HKLM\...\BitComet) (Version: 1.12 - ~RnySmile~)
Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - )
Canon MG5300 series On-screen Manual (HKLM\...\Canon MG5300 series On-screen Manual) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version:  - )
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.2.4.1430 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Citrix XenApp Web Plugin (HKLM\...\{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}) (Version: 11.0.0.5357 - Citrix Systems, Inc.)
CyberLink LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.0.2908 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.1924 - CyberLink Corp.)
CyberLink Power2Go (Version: 6.0.1924 - CyberLink Corp.) Hidden
Dolby Control Center (HKLM\...\{0F3C61B5-3051-4DE6-8A6A-45100BCC1F41}) (Version: 1.2.0704 - Dolby)
Doom 3 (HKLM\...\InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}) (Version: 1.2 - Activision)
Doom 3 ™ Demo (HKLM\...\Doom 3 ™ Demo) (Version:  - )
Doom 3 (Version: 1.2 - Activision) Hidden
DOOM 3: BFG Edition (HKLM\...\Steam App 208200) (Version:  - id Software)
DOOM 3: Resurrection of Evil (HKLM\...\InstallShield_{04347DFD-87B6-4E30-B14D-5DF2888AD8F5}) (Version: 1.0 - Activision)
DOOM 3: Resurrection of Evil (Version: 1.0 - Activision) Hidden
DOOM II: Hell on Earth (HKLM\...\Steam App 2300) (Version:  - id Software)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Explorer Suite III (HKLM\...\Explorer Suite_is1) (Version:  - )
Express Gate (HKLM\...\{1E3A9C30-6399-4293-AEAD-3C6A4D6F927C}) (Version: 1.0.5.10 - DeviceVM, Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.2.2427.2330 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
KeePass Password Safe 2.18 (HKLM\...\KeePassPasswordSafe2_is1) (Version:  - Dominik Reichl)
LightScribe System Software  1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
Logitech Gaming Software (HKLM\...\{93EC14D5-7AAA-4EAD-BB75-013817A96598}) (Version: 4.30 - )
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MATLAB R2009b (HKLM\...\MatlabR2009b) (Version: 7.9 - The MathWorks, Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2656353) (HKLM\...\M2656353) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Antimalware (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (French) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Spanish) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel 2007 Help ¸üР(KB963678) (HKLM\...\{90120000-0016-0804-0000-0000000FF1CE}_PROHYBRIDR_{CECF0828-8F1F-4205-86B9-61683BAF0321}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help §ó·sµ{¦¡ (KB963678) (HKLM\...\{90120000-0016-0404-0000-0000000FF1CE}_PROHYBRIDR_{15EEA099-97F0-4952-8597-88472FF062D2}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office Excel MUI (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (French) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Spanish) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office IME (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office IME (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.3 (HKLM\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help ¸üР(KB963677) (HKLM\...\{90120000-001A-0804-0000-0000000FF1CE}_PROHYBRIDR_{CB739C4F-6ABE-4CB2-BC90-57583893094F}) (Version:  - Microsoft)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0409-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Outlook MUI (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (French) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Spanish) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Powerpoint 2007 Help ¸üР(KB963669) (HKLM\...\{90120000-0018-0804-0000-0000000FF1CE}_PROHYBRIDR_{833A1F95-EEEB-47D3-B13F-3243AB2E7FA5}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help §ó·sµ{¦¡ (KB963669) (HKLM\...\{90120000-0018-0404-0000-0000000FF1CE}_PROHYBRIDR_{A7688131-70CB-4945-BAFA-11053AC34D75}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (French) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Spanish) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Arabic) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Basque) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Catalan) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Dutch) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Galician) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Chinese (Simplified)) 2007 (Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Chinese (Traditional)) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (French) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Spanish) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2007 Help ¸üР(KB963665) (HKLM\...\{90120000-001B-0804-0000-0000000FF1CE}_PROHYBRIDR_{53A3BCC0-3278-4729-8718-D17DEC19DE48}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help §ó·sµ{¦¡ (KB963665) (HKLM\...\{90120000-001B-0404-0000-0000000FF1CE}_PROHYBRIDR_{AD30F628-2AAE-43E0-A0D8-CDFA976E6A9E}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Office Word MUI (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (French) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Spanish) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Search Enhancement Pack (Version: 3.0.127.0 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 2.1.1116.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60831.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Mise à jour Microsoft Office Excel 2007 Help  (KB963678) (HKLM\...\{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version:  - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help  (KB963677) (HKLM\...\{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version:  - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669) (HKLM\...\{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version:  - Microsoft)
Mise à jour Microsoft Office Word 2007 Help  (KB963665) (HKLM\...\{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version:  - Microsoft)
Mozilla Firefox 28.0 (x86 en-US) (HKLM\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM\...\USB Mass Storage Filter Driver) (Version: 1.01.0000.00 -  )
Multimedia Card Reader (Version: 1.01.0000.00 -  ) Hidden
NetWorx 5.2.7 (HKLM\...\NetWorx_is1) (Version:  - Softperfect Research)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
Oblivion (HKLM\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenOffice.org 3.1 (HKLM\...\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}) (Version: 3.1.9420 - OpenOffice.org)
Picasa 2 (HKLM\...\Picasa2) (Version: 2.0 - Google, Inc.)
Pokémon Trading Card Game Online (HKLM\...\{D81F39D4-FDA9-4356-92B1-16081D8BF71A}) (Version: 1.0.0 - The Pokémon Company International)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Python 2.5.2 (HKLM\...\{6B976ADF-8AE8-434E-B282-A06C7F624D2F}) (Version: 2.5.2150 - Python Software Foundation)
Quake 4™ Demo (HKLM\...\InstallShield_{BAB004F0-F04C-49DD-8118-AE4A7697C469}) (Version: 1.0 - Activision)
Quake 4™ Demo (Version: 1.0 - Activision) Hidden
Quake III Arena Demo (HKLM\...\Steam App 9080) (Version:  - id Software)
Quake III Arena Point Release 1.32 (HKLM\...\Quake III Arena Point Release 1.32) (Version:  - )
Quake III: Team Arena Demo (HKLM\...\Steam App 9090) (Version:  - id Software)
Quake Live (HKLM\...\Quake Live) (Version:  - id Software)
Quake Live Mozilla Plugin (HKLM\...\{A10D9B03-AABB-47D7-8A30-2FEA97E70BC7}) (Version: 1.0.277 - id Software)
QuickTime (HKLM\...\{E7004147-2CCA-431C-AA05-2AB166B9785D}) (Version: 7.68.75.0 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5667 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.93 (HKLM\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)
Samsung SCX-4x21 Series (HKLM\...\Samsung SCX-4x21 Series) (Version:  - Samsung Electronics CO.,LTD)
Seagate Manager Installer (HKLM\...\InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}) (Version: 2.01.0600 - Seagate)
Seagate Manager Installer (Version: 2.01.0600 - Seagate) Hidden
SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version:  - Seagate Technology)
SecureW2 EAP Suite 1.1.3 for Windows (HKLM\...\SecureW2 EAP Suite) (Version:  - )
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.1.8.0 - Synaptics)
TextPad 4.7 (HKLM\...\{B510A987-487E-4C66-9F4F-D386AC275715}) (Version: 4.7.2 - Helios)
Unlocker 1.9.0 (HKLM\...\Unlocker) (Version: 1.9.0 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{B7873DF5-9E1C-45EE-8895-D29C6AE01202}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{48202D27-A6D4-4264-A184-51A6E8AD7C40}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C20964A7-5181-45E5-9E82-72F5D400DEBF}) (Version:  - Microsoft)
Update for Microsoft Office 2007 System (KB2539530) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{567103D1-96CD-4B76-93B9-2681A187DEFF}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2583910) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{BDC21583-5601-4B2B-88F3-7919F6DE8FB1}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version:  - )
Vista Codec Package (HKLM\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 5.4.9.5 - Shark007)
Winamp (HKLM\...\Winamp) (Version: 5.56  - Nullsoft, Inc)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8118.427 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Toolbar (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
WinFlash (HKLM\...\{DE10AB76-4756-4913-BE25-55D1C1051F9A}) (Version:  - )
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Wireless Console 2 (HKLM\...\{83F73CB1-7705-49D1-9852-84D839CA2A45}) (Version: 2.0.10 - ATK)
Wolfenstein - Enemy Territory (HKLM\...\Wolfenstein - Enemy Territory) (Version:  - )
Wolfenstein™ 1.1 Patch (Version:  - ) Hidden
Wolfenstein™ 1.2 Patch (Version:  - ) Hidden
wxPython 2.8.7.1 (ansi) for Python 2.5 (HKLM\...\wxPython2.8-ansi-py25_is1) (Version: 2.8.7.1-ansi - Total Control Software)
YDKJ The 5th Dementia (HKLM\...\YDKJ The 5th Dementia) (Version:  - )
You Don't Know Jack - Sports 1.0 (HKLM\...\You Don't Know Jack - Sports) (Version: 1.0 - Jellyvision)
You Don't Know Jack - Volume 2 1.0 (HKLM\...\You Don't Know Jack - Volume 2) (Version: 1.0 - Jellyvision)
You Don't Know Jack - XL 1.0 (HKLM\...\You Don't Know Jack - XL) (Version: 1.0 - Jellyvision)
You Don't Know Jack 4 1.00 (HKLM\...\You Don't Know Jack 4) (Version: 1.00 - Take 2 Interactive)
YOU DON'T KNOW JACK Louder! Faster! Funnier! (HKLM\...\YDKJ LFF) (Version:  - )
YOU DON'T KNOW JACK Offline (HKLM\...\YDKJ Offline) (Version:  - )
YOU DON'T KNOW JACK Volume 3 (HKLM\...\YOU DON'T KNOW JACK Volume 3) (Version:  - )
You Don't Know Jack® (HKLM\...\{CE75C837-4BA9-4CF8-B912-C3ED5BD0EAAC}) (Version: 1.00.0000 - THQ)
Yu-Gi-Oh! ONLINE 3 (HKLM\...\{22439E2F-1CF7-4F8B-992A-3AA3C0553929}) (Version: 1.00.3000 - Konami Digital Entertainment)

==================== Restore Points  =========================

07-05-2014 07:31:31 Scheduled Checkpoint
10-05-2014 04:22:18 Restore Operation

==================== Hosts content: ==========================

2012-02-20 23:14 - 2012-04-01 22:32 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {081658C6-77BE-455C-ADBB-04AA54D2DC13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-29] (Adobe Systems Incorporated)
Task: {183050BF-4BF3-48FE-B3B0-F97955D398AB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {184B934E-9A4D-4C4C-91B6-70CE96EF1CFA} - System32\Tasks\{22116563-108C-42c0-A7CE-60161B75E508} => C:\Users\George\AppData\Local\Temp\Egn.exe <==== ATTENTION
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3356C838-A55B-46EC-9D3C-7E77852F3A72} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27] (Microsoft Corporation)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {7899DD41-824D-4A86-9AD5-8F776D12138A} - System32\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A} => C:\Users\George\AppData\Local\Temp\Egl.exe <==== ATTENTION
Task: {7F33D2C5-243A-4EDF-83A7-9A8A2EABAD68} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-06] (Google Inc.)
Task: {801C1280-B828-4600-A204-E1A4E218E27C} - System32\Tasks\Microsoft\Windows\RestartManager\{3A502804-3B74-49a9-AE8F-FDA876D57F74} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {83DDFA5A-48CE-4C16-AF9F-3BE5A7B67CBE} - System32\Tasks\{10D242EA-A567-481B-8C77-F876D0445A3F} => C:\Program Files\Skype\\Phone\Skype.exe
Task: {9887F316-E213-424E-9A2E-CF8A8EDD83A9} - System32\Tasks\ASUS Live Update => C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {B08E4213-6241-4011-A852-370A2F1667AC} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {D6814FCC-6F51-4AFB-A798-F1640308A263} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files\ASUS\SmartLogon\sensorsrv.exe [2008-12-09] (ASUS)
Task: {DF76B806-C632-496F-8FD1-0D49097CBCA8} - System32\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A} => C:\Users\George\AppData\Local\Temp\Egp.exe <==== ATTENTION
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {F1FE8005-2F0A-4D1F-AEF7-12D09952F649} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {F4B41DB9-247F-4477-A39B-40CF47E1C201} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-06] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ASUS SmartLogon Console Sensor.job => C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{25D39F52-AFBC-4213-A160-F2C344AEDA86}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2009-04-07 10:43 - 2007-10-02 23:53 - 00094208 _____ () C:\Program Files\ATK Hotkey\ASLDRSrv.exe
2009-04-07 11:02 - 2007-08-08 02:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2009-11-19 05:01 - 2009-11-19 05:01 - 00022723 _____ () C:\Windows\System32\sugw2l3.dll
2009-07-18 20:50 - 2009-07-13 23:18 - 00071096 _____ () C:\Program Files\CDBurnerXP\NMSAccessU.exe
2009-06-07 21:32 - 2010-01-20 12:39 - 00075064 _____ () C:\Windows\system32\PnkBstrA.exe
2010-07-04 16:32 - 2010-07-04 16:32 - 00004608 _____ () C:\Program Files\Unlocker\UnlockerHook.dll
2009-04-07 11:05 - 2007-11-30 13:20 - 00051768 _____ () C:\Program Files\ASUS\ASUS Live Update\ALU.exe
2009-04-07 11:03 - 2007-06-15 12:28 - 00147456 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
2009-04-07 11:03 - 2007-06-01 19:08 - 00143360 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
2009-06-09 21:36 - 2009-06-08 01:27 - 00140800 _____ () C:\Program Files\WinRAR\rarext.dll
2009-04-07 10:43 - 2004-05-27 20:13 - 00057344 _____ () C:\Program Files\ATK Hotkey\CMSSC.dll
2009-04-07 10:43 - 2007-11-04 21:48 - 00106496 _____ () C:\Program Files\ATK Hotkey\MsgTranAgt.exe
2009-04-07 10:49 - 2007-07-05 18:53 - 01040384 _____ () C:\Program Files\Wireless Console 2\wcourier.exe
2007-07-10 00:48 - 2007-07-10 00:48 - 00009216 _____ () C:\Program Files\ASUS\Splendid\GLCDdll.dll
2009-04-07 10:43 - 2007-12-04 12:57 - 02486272 _____ () C:\Program Files\ATK Hotkey\ATKOSD.exe
2009-04-07 10:43 - 2007-08-15 13:20 - 00106496 _____ () C:\Program Files\ATK Hotkey\KBFiltr.exe
2009-04-07 10:43 - 2008-01-23 12:51 - 00151552 _____ () C:\Program Files\ATK Hotkey\WDC.exe
2008-07-18 21:52 - 2008-07-18 21:52 - 00649704 _____ () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2008-06-09 11:55 - 2008-06-09 11:55 - 00013096 _____ () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2009-04-07 10:43 - 2008-01-12 00:40 - 00098304 _____ () C:\Program Files\ATK Hotkey\HControlUser.exe
2009-04-07 10:43 - 2007-11-12 17:41 - 00106496 _____ () C:\Program Files\ATK Hotkey\MsgTran.dll
2009-04-07 11:11 - 2009-04-07 11:11 - 00033136 _____ () C:\Windows\ASScrPro.exe
2009-07-01 11:37 - 2009-07-01 11:37 - 00037888 _____ () C:\Program Files\Winamp\winampa.exe
2010-07-04 14:51 - 2010-07-04 14:51 - 00017408 _____ () C:\Program Files\Unlocker\UnlockerAssistant.exe
2013-05-09 01:25 - 2011-09-17 10:48 - 00480256 _____ () C:\Program Files\NetWorx\sqlite.dll
2007-07-12 15:55 - 2007-07-12 15:55 - 01581056 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2007-08-14 15:59 - 2007-08-14 15:59 - 06365184 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2007-07-12 15:55 - 2007-07-12 15:55 - 00131072 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2009-08-18 15:54 - 2009-08-18 15:54 - 00970752 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/07/2014 04:13:40 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Faulting application firefox.exe, version 28.0.0.5186, time stamp 0x53240e37, faulting module xul.dll, version 28.0.0.5186, time stamp 0x53240e04, exception code 0xc0000005, fault offset 0x00184729,
process id 0xcec, application start time 0xfirefox.exe0.

Error: (05/07/2014 10:43:48 AM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Faulting application SoftwareUpdate.exe, version 2.1.1.116, time stamp 0x488a4f1f, faulting module ntdll.dll, version 6.0.6002.18327, time stamp 0x4cb73436, exception code 0xc0000005, fault offset 0x000443ca,
process id 0x1578, application start time 0xSoftwareUpdate.exe0.

Error: (04/28/2014 00:37:59 AM) (Source: VSS) (User: ) (EventID: 8194)
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {1e7d0556-44f6-4435-9527-e3613a29582a}

Error: (04/28/2014 00:32:31 AM) (Source: VSS) (User: ) (EventID: 8194)
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {1e7d0556-44f6-4435-9527-e3613a29582a}

Error: (04/27/2014 06:24:27 PM) (Source: EventSystem) (User: ) (EventID: 4609)
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/27/2014 11:16:38 AM) (Source: EventSystem) (User: ) (EventID: 4609)
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/24/2014 05:22:53 PM) (Source: System Restore) (User: ) (EventID: 8210)
Description: The scheduled restore point could not be created.  Additional information: (0x8007000e).

Error: (04/24/2014 05:22:53 PM) (Source: System Restore) (User: ) (EventID: 8193)
Description: Failed to create restore point on volume (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Descripton = Scheduled Checkpoint; Hr = 0x8007000e).

Error: (04/24/2014 05:22:53 PM) (Source: VSS) (User: ) (EventID: 8193)
Description: Volume Shadow Copy Service error: Unexpected error calling routine IMultiInterfaceEventControl::GetSubscriptions.  hr = 0x800700a4.


Operation:
   Abort Backup

Context:
   Execution Context: Requestor
   Current State: SnapshotSetCreated

Error: (04/24/2014 05:22:23 PM) (Source: VSS) (User: ) (EventID: 12346)
Description: Volume Shadow Copy Error: An error 0x8007000e was encountered while trying to initialize the Registry Writer.  This may cause
future shadow-copy creations to fail.


System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-05-10 09:36:07.233
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-10 09:36:05.931
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-10 09:36:05.390
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-10 09:36:04.856
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-10 09:36:04.098
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-10 09:36:03.556
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-10 09:36:03.046
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-10 09:36:02.279
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-10 09:35:39.582
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-10 09:35:39.073
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 36%
Total physical RAM: 3070.33 MB
Available physical RAM: 1960.19 MB
Total Pagefile: 6342.91 MB
Available Pagefile: 5383.3 MB
Total Virtual: 2047.88 MB
Available Virtual: 1920.93 MB

==================== Drives ================================

Drive c: (VistaOS) (Fixed) (Total:116.44 GB) (Free:48.32 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:104.73 GB) (Free:38.51 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 97646C29)
Partition 1: (Not Active) - (Size=12 GB) - (Type=1C)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=105 GB) - (Type=OF Extended)

==================== End Of Log ============================



#11 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:10:30 AM

Posted 10 May 2014 - 02:36 PM

I'd like to add that I booted the computer with last known good configuration to re-enable that dialog box that says that I don't have permission to access the C:\windows\system32\config folder.  I don't know if rebooting with last known good configuration will mess with the results or not.

 

I would also like to know if it is a security risk that I can easily get into the C:\windows\system32\config folder without any warning messages getting in the way.  I'm pretty sure you have tried to access C:\windows\system32\config folder and there is a message that pops up saying you don't have permission to access this folder, with the option to continue and take permanent ownership of the folder, or to cancel and back out.  Basically saying, ever since I clicked on continue for that dialog box, that dialog box never appears again every time I try to access that folder, which is why I tried to reboot with last known good configuration in hopes that everyting resets itself back to before I tried to access that folder, but that didn't work.
 



#12 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:10:30 AM

Posted 10 May 2014 - 02:57 PM

Just an update, I fixed the problem of having easy access to the C:\windows\system32\config folder by denying permission to read, write, and list folder contents to the account I am currently using.  Even so, I still rebooted the computer with last known good configuration, so I don't know if that will affect the results or not.



#13 nasdaq

nasdaq

  • Malware Response Team
  • 38,753 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:30 AM

Posted 11 May 2014 - 07:34 AM


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start
SearchScopes: HKLM - DefaultScope value is missing.
U3 a6somauc; C:\Windows\system32\Drivers\a6somauc.sys [0 ] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
Task: {184B934E-9A4D-4C4C-91B6-70CE96EF1CFA} - System32\Tasks\{22116563-108C-42c0-A7CE-60161B75E508} => C:\Users\George\AppData\Local\Temp\Egn.exe <==== ATTENTION
Task: {7899DD41-824D-4A86-9AD5-8F776D12138A} - System32\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A} => C:\Users\George\AppData\Local\Temp\Egl.exe <==== ATTENTION
Task: {DF76B806-C632-496F-8FD1-0D49097CBCA8} - System32\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A} => C:\Users\George\AppData\Local\Temp\Egp.exe <==== ATTENTION
C:\Users\George\AppData\Local\temp\drm_dialogs.dll
C:\Users\George\AppData\Local\temp\drm_dyndata_7400009.dll
C:\Users\George\AppData\Local\temp\jre-7u17-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u25-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u45-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u5-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u51-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u55-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u7-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\MSETUP4.EXE
C:\Users\George\AppData\Local\temp\MSVBVM60.DLL

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Let me know what problem persists.

Edited by nasdaq, 11 May 2014 - 07:35 AM.


#14 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:10:30 AM

Posted 11 May 2014 - 11:48 AM

fixlog.txt

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:11-05-2014
Ran by George at 2014-05-11 11:33:11 Run:3
Running from C:\Users\George\Desktop\AV logs
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
SearchScopes: HKLM - DefaultScope value is missing.
U3 a6somauc; C:\Windows\system32\Drivers\a6somauc.sys [0 ] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
Task: {184B934E-9A4D-4C4C-91B6-70CE96EF1CFA} - System32\Tasks\{22116563-108C-42c0-A7CE-60161B75E508} => C:\Users\George\AppData\Local\Temp\Egn.exe <==== ATTENTION
Task: {7899DD41-824D-4A86-9AD5-8F776D12138A} - System32\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A} => C:\Users\George\AppData\Local\Temp\Egl.exe <==== ATTENTION
Task: {DF76B806-C632-496F-8FD1-0D49097CBCA8} - System32\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A} => C:\Users\George\AppData\Local\Temp\Egp.exe <==== ATTENTION
C:\Users\George\AppData\Local\temp\drm_dialogs.dll
C:\Users\George\AppData\Local\temp\drm_dyndata_7400009.dll
C:\Users\George\AppData\Local\temp\jre-7u17-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u25-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u45-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u5-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u51-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u55-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\jre-7u7-windows-i586-iftw.exe
C:\Users\George\AppData\Local\temp\MSETUP4.EXE
C:\Users\George\AppData\Local\temp\MSVBVM60.DLL

End
*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
a6somauc => Service not found.
IpInIp => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{184B934E-9A4D-4C4C-91B6-70CE96EF1CFA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{184B934E-9A4D-4C4C-91B6-70CE96EF1CFA} => Key deleted successfully.
C:\Windows\System32\Tasks\{22116563-108C-42c0-A7CE-60161B75E508} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{22116563-108C-42c0-A7CE-60161B75E508} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7899DD41-824D-4A86-9AD5-8F776D12138A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7899DD41-824D-4A86-9AD5-8F776D12138A} => Key deleted successfully.
C:\Windows\System32\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DF76B806-C632-496F-8FD1-0D49097CBCA8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF76B806-C632-496F-8FD1-0D49097CBCA8} => Key deleted successfully.
C:\Windows\System32\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A} => Key deleted successfully.
C:\Users\George\AppData\Local\temp\drm_dialogs.dll => Moved successfully.
C:\Users\George\AppData\Local\temp\drm_dyndata_7400009.dll => Moved successfully.
C:\Users\George\AppData\Local\temp\jre-7u17-windows-i586-iftw.exe => Moved successfully.
C:\Users\George\AppData\Local\temp\jre-7u25-windows-i586-iftw.exe => Moved successfully.
C:\Users\George\AppData\Local\temp\jre-7u45-windows-i586-iftw.exe => Moved successfully.
C:\Users\George\AppData\Local\temp\jre-7u5-windows-i586-iftw.exe => Moved successfully.
C:\Users\George\AppData\Local\temp\jre-7u51-windows-i586-iftw.exe => Moved successfully.
C:\Users\George\AppData\Local\temp\jre-7u55-windows-i586-iftw.exe => Moved successfully.
C:\Users\George\AppData\Local\temp\jre-7u7-windows-i586-iftw.exe => Moved successfully.
C:\Users\George\AppData\Local\temp\MSETUP4.EXE => Moved successfully.
C:\Users\George\AppData\Local\temp\MSVBVM60.DLL => Moved successfully.

==== End of Fixlog ====

 

 

 

 

 

 

 

 

checkup.txt

 

 

 Results of screen317's Security Check version 0.99.83  
 Windows Vista Service Pack 2 x86   
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 55  
 Adobe Flash Player 9 Flash Player out of Date!
  Adobe Flash Player     11.7.700.224 Flash Player out of Date!  
 Adobe Reader 10.1.9 Adobe Reader out of Date!  
 Mozilla Firefox (29.0.1)
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials msseces.exe
 Windows Defender MSMpEng.exe
 Microsoft Security Client Antimalware MsMpEng.exe  
 Microsoft Security Client Antimalware MpCmdRun.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1 %
````````````````````End of Log``````````````````````
 


Edited by signofzeta, 11 May 2014 - 11:49 AM.


#15 nasdaq

nasdaq

  • Malware Response Team
  • 38,753 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:30 AM

Posted 11 May 2014 - 12:48 PM

Critical vulnerabilities have been identified in old version of Adobe Flash Player please get the latest version.

Flash test site:
http://www.adobe.com/software/flash/about/
Install the new version or if you have the latest close the windows.

Flash Player Help / Find version
http://helpx.adobe.com/flash-player/kb/find-version-flash-player.html#main_Find_the_Flash_Player_version_installed_on_your_machine

Remove these old versions of Flash.
Adobe Flash Player 9 Flash Player out of Date!
Adobe Flash Player 11.7.700.224 Flash Player out of Date!


How to Manually Remove Programs from the Add/Remove Programs List (Windows 7)
http://windows.microsoft.com/en-ca/windows/uninstall-change-program#uninstall-change-program=windows-7
===

Get the latest version of the Adobe Reader.
http://get.adobe.com/reader/
Before your download I suggest you unckeck the box on the top right "Yes, install McAfee Security Scan Plus - optional" this is not required if you are not a McAfee subscriber. While the installation is in progress you can also deny the installation of any other programs that may be suggested.

When installed remove your old version of the Reader using the Add/Remove Programs applet if present.
<<<>>>

If all is well:

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Having an effective antivirus is a must for everyone.
In addition to many excellent commercial products there are plenty of good free antivirus programs available. I can recommend:

If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.In addition to an antivirus I recommend using a firewall. A software firewall is a software program that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. I can recommend one of the following free products:Please note: Many installer offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Malwarebytes Anti-Malware (MBAM)
The free version of MBAM can be used to scan the system for traces of malware. Scanning your system regularly will make it harder for malware to reside on your system.
A tutorial on using MBAM can be found here.
Please Note: Only the paid for version has real time capabilities.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please keep your programs up to date. This applies to Java, Adobe Flashplayer, Adobe Reader and your Internet Browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.

In general Firefox, Opera and Google Chrome are considered to be more secure than Internet Explorer. In addition there are many useful add-ons that can protect you from possible risks:
  • WOT will warn you when you try to visit sites with poor reputation. The reputation is based on user ratings and is usually very accurate.
  • Script Blocker can help blocking many attempts to infect your system via malicious websites by only allowing scripts at sites you trust.
  • NoScript is a popular Firefox addon,
  • ScriptNo a popular Google Chrome addon.
For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.
===

Edited by nasdaq, 11 May 2014 - 12:49 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users