TechSpot

Multiple iexplorer ieuser help please? FRST logs below!

By tigercomps
Jun 2, 2014
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-05-2014
    Ran by User (administrator) on USER-PC on 02-06-2014 09:44:05
    Running from E:\
    Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: English(US)
    Internet Explorer Version 7
    Boot Mode: Safe Mode (minimal)
    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
    ==================== Processes (Whitelisted) =================
    (Microsoft Corporation) C:\Windows\HelpPane.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

    ==================== Registry (Whitelisted) ==================
    HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4702208 2013-02-06] (Realtek Semiconductor)
    HKU\S-1-5-21-3635456568-1188737137-2692596235-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
    ==================== Internet (Whitelisted) ====================
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    FireFox:
    ========
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\User\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\User\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
    FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
    Chrome:
    =======
    CHR HomePage: hxxp://www.google.co.uk/
    CHR StartupUrls: "hxxp://www.google.co.uk/"
    CHR DefaultSearchKeyword: google.co.uk
    CHR Plugin: (Shockwave Flash) - C:\Users\User\AppData\Local\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Users\User\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\User\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
    CHR Plugin: (Google Update) - C:\Users\User\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
    CHR Extension: (Angry Birds) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-04-30]
    CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-06]
    CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-06]
    CHR Extension: (Private Joe - Dungeons) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bddhcbcefccaggaloclldffhobmecjfj [2013-04-30]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
    CHR Extension: (Brushed) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg [2013-04-30]
    CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-06]
    CHR Extension: (Chromoji - Emoji for Google Chrome™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahedbegdkagmcjfolhdlechbkeaieki [2014-03-20]
    CHR Extension: (Kingdom Rush) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckmfhhjalnddapegkbbohfaodgbnocim [2013-04-30]
    CHR Extension: (FARMERAMA) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\clkfdgnfefjmciocbhnffnbpkjpdleca [2013-04-30]
    CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-06]
    CHR Extension: (Realm of the Mad God) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp [2013-04-30]
    CHR Extension: (SiteAdvisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-05-25]
    CHR Extension: (Lord of Ultima) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced [2013-04-30]
    CHR Extension: (Skype Click to Call) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-04-29]
    CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
    CHR Extension: (Atari - Missile Command) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oobnopfjjndfekinfcddimnjbhjdgmbg [2013-04-30]
    CHR Extension: (Edgeworld) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfmpdiaehhnljpdomnggcbfofdgkmbp [2013-04-30]
    CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-06]
    CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
    ========================== Services (Whitelisted) =================
    S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
    S2 ekrn; "C:\Program Files\ESET\ESET Smart Security\ekrn.exe" [X]
    S4 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
    ==================== Drivers (Whitelisted) ====================
    S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [30976 2014-06-02] ()
    S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [553344 2007-10-03] (DiBcom SA)
    R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [6144 2007-01-09] (Chic)
    R3 QIOMem; C:\Windows\System32\DRIVERS\QIOMem.sys [8192 2013-02-05] (TOSHIBA)
    S3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [11776 2007-04-16] (Chicony Electronics Co., Ltd.)
    S3 catchme; \??\C:\Users\User\AppData\Local\Temp\catchme.sys [X]
    S1 fraqjbtz; \??\C:\Windows\system32\drivers\fraqjbtz.sys [X]
    S0 iaStor; system32\DRIVERS\iaStor.sys [X]
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
    U4 TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [X]
    ==================== NetSvcs (Whitelisted) ===================

    ==================== One Month Created Files and Folders ========
    2014-06-02 09:43 - 2014-06-02 09:44 - 00000000 ____D () C:\FRST
    2014-06-02 09:22 - 2014-06-02 09:29 - 00000000 ____D () C:\!KillBox
    2014-06-02 09:19 - 2014-06-02 09:19 - 00030976 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
    2014-05-31 14:45 - 2014-06-02 10:06 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
    2014-05-31 13:32 - 2014-06-02 09:36 - 00004050 _____ () C:\Windows\PFRO.log
    2014-05-31 12:34 - 2014-02-27 18:24 - 01177600 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-05-31 12:34 - 2014-02-27 18:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-05-31 12:34 - 2014-02-27 18:24 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
    2014-05-31 12:34 - 2014-02-27 18:24 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-05-31 12:34 - 2014-02-27 18:24 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-05-31 12:34 - 2014-02-27 18:24 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-05-31 12:34 - 2014-02-27 18:23 - 06119424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-05-31 12:34 - 2014-02-27 18:23 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-05-31 12:34 - 2014-02-27 18:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-05-31 12:34 - 2014-02-27 18:23 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2014-05-31 12:34 - 2014-02-27 18:23 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-05-31 12:34 - 2014-02-27 18:23 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
    2014-05-31 12:34 - 2014-02-27 17:01 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2014-05-31 12:34 - 2013-12-13 03:13 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-05-31 12:33 - 2014-05-07 01:26 - 03627520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-05-31 12:33 - 2014-05-07 01:26 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-05-31 12:33 - 2014-05-06 23:58 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-05-31 11:15 - 2014-05-31 11:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\ESET
    2014-05-31 11:15 - 2014-05-31 11:15 - 00000000 ____D () C:\Users\User\AppData\Local\ESET
    2014-05-31 11:11 - 2014-05-31 11:11 - 00001204 _____ () C:\Windows\system32\.crusader
    2014-05-31 11:05 - 2014-05-31 11:12 - 00000000 ____D () C:\ProgramData\HitmanPro
    2014-05-31 10:25 - 2014-05-31 10:25 - 00000000 ____D () C:\Users\User\{75fe5221-60a3-4c1a-9ea9-6165c3f54710}
    2014-05-31 10:18 - 2014-05-31 10:18 - 00000000 ____D () C:\ProgramData\ESET
    2014-05-31 10:15 - 2014-05-31 10:15 - 01595776 _____ (ESET) C:\Users\User\Downloads\eset_smart_security_live_installer_.exe
    2014-05-30 15:24 - 2014-05-31 11:04 - 00000000 ____D () C:\Program Files\ESET
    2014-05-30 15:23 - 2014-05-30 15:23 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_enu.exe
    2014-05-30 14:51 - 2014-05-30 14:52 - 103148824 _____ (Microsoft Corporation) C:\Users\User\Downloads\msert.exe
    2014-05-30 14:42 - 2014-06-02 09:39 - 00268331 _____ () C:\Windows\WindowsUpdate.log
    2014-05-30 12:53 - 2014-06-02 09:25 - 00000390 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{091118B9-CDB0-4F13-93FB-A30DC94C8A65}.job
    2014-05-30 12:46 - 2014-05-30 12:46 - 00000000 __RSH () C:\MSDOS.SYS
    2014-05-30 12:46 - 2014-05-30 12:46 - 00000000 __RSH () C:\IO.SYS
    2014-05-30 12:44 - 2014-05-30 12:44 - 00000109 _____ () C:\Windows\wininit.ini
    2014-05-30 11:47 - 2014-05-30 14:02 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-05-30 11:47 - 2014-05-30 11:55 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
    2014-05-30 11:47 - 2014-05-30 11:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
    2014-05-30 11:39 - 2014-05-30 12:58 - 00000000 ____D () C:\Program Files\HijackThis
    2014-05-29 15:55 - 2014-05-29 15:55 - 00060320 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-05-29 15:27 - 2014-05-29 15:51 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2014-05-29 15:26 - 2014-05-30 16:28 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-05-29 15:26 - 2014-05-29 15:51 - 00000000 ____D () C:\Users\User\Desktop\mbar
    2014-05-29 14:22 - 2014-05-29 14:22 - 00000000 ____D () C:\Users\User\AppData\Roaming\VS Revo Group
    2014-05-29 14:14 - 2014-05-29 14:14 - 00000000 ____D () C:\Users\User\AppData\Local\VS Revo Group
    2014-05-29 13:53 - 2013-02-06 10:57 - 00172032 _____ (Intel Corporation) C:\Windows\system32\igfxres.dll
    2014-05-29 13:48 - 2014-06-02 09:44 - 00000000 ____D () C:\Users\User\AppData\Local\temp
    2014-05-29 13:48 - 2014-05-29 13:48 - 00018646 _____ () C:\ComboFix.txt
    2014-05-29 13:48 - 2014-05-29 13:48 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
    2014-05-29 13:48 - 2014-05-29 13:48 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
    2014-05-29 13:48 - 2014-05-29 13:48 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
    2014-05-29 13:28 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
    2014-05-29 13:28 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
    2014-05-29 13:28 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2014-05-29 13:28 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2014-05-29 13:28 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2014-05-29 13:28 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
    2014-05-29 13:28 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
    2014-05-29 13:28 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
    2014-05-29 13:25 - 2014-05-29 13:48 - 00000000 ____D () C:\Qoobox
    2014-05-29 13:22 - 2014-05-29 13:47 - 00000000 ____D () C:\Windows\erdnt
    2014-05-29 11:37 - 2014-05-31 10:24 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
    2014-05-29 11:19 - 2014-05-29 11:19 - 00000000 ____D () C:\ProgramData\RogueKiller
    2014-05-29 10:48 - 2014-05-29 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2014-05-29 10:47 - 2014-05-29 12:31 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2014-05-29 10:45 - 2009-06-04 00:56 - 00675152 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
    2014-05-29 09:11 - 2014-05-29 09:11 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-05-29 09:11 - 2014-05-29 09:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes
    2014-05-29 09:11 - 2014-05-29 09:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    2014-05-29 09:11 - 2014-05-29 09:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-05-29 09:11 - 2014-05-29 09:11 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
    2014-05-29 09:11 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-05-27 14:44 - 2014-05-29 11:16 - 00000000 ___RD () C:\Users\User\Dropbox
    2014-05-27 14:40 - 2014-05-27 14:40 - 00318776 _____ (Dropbox, Inc.) C:\Users\User\Downloads\DropboxInstaller.exe
    2014-05-25 13:17 - 2014-05-25 13:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ziexbief
    2014-05-25 12:25 - 2014-05-31 13:32 - 00000000 ____D () C:\ProgramData\McAfee
    2014-05-25 12:24 - 2014-05-25 12:24 - 05152368 _____ (McAfee, Inc.) C:\Users\User\Downloads\McAfeeSetup-Serial.exe
    2014-05-24 14:47 - 2014-05-29 09:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\Etkezi
    2014-05-24 10:22 - 2014-05-24 10:22 - 00000804 _____ () C:\Users\Public\Desktop\CCleaner.lnk
    2014-05-24 10:22 - 2014-05-24 10:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2014-05-24 10:22 - 2014-05-24 10:22 - 00000000 ____D () C:\Program Files\CCleaner
    2014-05-24 10:20 - 2014-05-24 10:21 - 04748896 _____ (Piriform Ltd) C:\Users\User\Downloads\ccsetup414.exe
    2014-05-24 10:12 - 2014-05-24 18:49 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
    2014-05-23 00:01 - 2014-05-23 00:01 - 00000000 ____D () C:\ProgramData\WindowsSearch
    2014-05-22 23:15 - 2014-05-22 23:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com
    2014-05-22 23:13 - 2014-05-23 17:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ufypek
    2014-05-22 23:08 - 2014-05-22 23:10 - 19245656 _____ (SUPERAntiSpyware) C:\Users\User\Downloads\SUPERAntiSpyware (1).exe
    2014-05-22 23:04 - 2014-05-22 23:08 - 19245656 _____ (SUPERAntiSpyware) C:\Users\User\Downloads\SUPERAntiSpyware.exe
    2014-05-22 21:13 - 2014-05-22 21:13 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ahqaqy
    2014-05-22 20:04 - 2014-05-22 20:04 - 00000000 ____D () C:\Users\User\AppData\Roaming\TuneUp Software
    2014-05-22 19:52 - 2014-05-25 12:58 - 00000000 ____D () C:\ProgramData\AVG2014
    2014-05-22 19:33 - 2014-05-25 12:58 - 00000000 ____D () C:\ProgramData\MFAData
    2014-05-22 19:33 - 2014-05-22 19:33 - 00000000 ____D () C:\Users\User\AppData\Local\MFAData
    2014-05-22 19:19 - 2014-05-22 19:29 - 04485528 _____ (AVG Technologies) C:\Users\User\Downloads\avg_free_stb_all_2014_4577_cnet.exe
    2014-05-22 19:10 - 2014-05-22 22:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\Xaanzyb
    2014-05-22 18:47 - 2014-05-22 21:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ekuzug
    2014-05-22 15:20 - 2014-05-22 17:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\Syolovko
    2014-05-22 14:54 - 2014-05-22 17:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\Viozti
    2014-05-22 13:20 - 2014-05-22 22:04 - 00000000 ____D () C:\Users\User\AppData\Roaming\Bolabegi
    2014-05-22 11:19 - 2014-05-22 16:45 - 00000000 ____D () C:\Users\User\AppData\Roaming\Vuetrili
    2014-05-22 10:50 - 2014-05-22 22:04 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ekdyda
    2014-05-22 10:11 - 2014-05-22 17:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\Habupyo
    2014-05-21 15:26 - 2014-05-22 17:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\Kyymibiv
    2014-05-21 14:27 - 2014-05-22 17:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\Nyabyl
    2014-05-21 14:25 - 2014-05-21 14:25 - 00000000 _____ () C:\Users\User\AppData\Roaming\SharedSettings.ccs
    2014-05-21 14:24 - 2014-05-23 18:09 - 00000000 ____D () C:\Users\User\Downloads\DC_Court_Notice_LN_SN7149
    2014-05-19 11:57 - 2014-05-19 11:57 - 00000000 ____D () C:\OneDriveTemp
    2014-05-15 10:11 - 2014-05-15 10:11 - 00000000 ____D () C:\a99562aa-58d4-4cb7-8c86-31080aeb5dee
    2014-05-14 12:29 - 2014-03-25 14:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2014-05-07 14:40 - 2014-05-07 14:40 - 00000000 ____D () C:\Users\User\Downloads\Administrative Assistant Job Application Zettria_files
    2014-05-04 10:16 - 2014-05-04 10:17 - 18458912 _____ () C:\Users\User\Downloads\upd-ps-x32-5.8.0.17508.exe
    2014-05-04 10:13 - 2014-05-04 10:17 - 00000000 ____D () C:\HP Universal Print Driver
    2014-05-04 10:08 - 2014-05-04 10:08 - 18409760 _____ () C:\Users\User\Downloads\upd-pcl6-x64-5.8.0.17508.exe
    ==================== One Month Modified Files and Folders =======
    2014-06-02 10:06 - 2014-05-31 14:45 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
    2014-06-02 09:44 - 2014-06-02 09:43 - 00000000 ____D () C:\FRST
    2014-06-02 09:44 - 2014-05-29 13:48 - 00000000 ____D () C:\Users\User\AppData\Local\temp
    2014-06-02 09:39 - 2014-05-30 14:42 - 00268331 _____ () C:\Windows\WindowsUpdate.log
    2014-06-02 09:39 - 2013-02-06 12:28 - 00000012 _____ () C:\Windows\bthservsdp.dat
    2014-06-02 09:39 - 2006-11-02 14:01 - 00032606 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-06-02 09:39 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-06-02 09:36 - 2014-05-31 13:32 - 00004050 _____ () C:\Windows\PFRO.log
    2014-06-02 09:36 - 2013-04-30 15:21 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-06-02 09:36 - 2006-11-02 13:47 - 00006048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2014-06-02 09:36 - 2006-11-02 13:47 - 00006048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2014-06-02 09:29 - 2014-06-02 09:22 - 00000000 ____D () C:\!KillBox
    2014-06-02 09:29 - 2013-02-06 10:36 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635456568-1188737137-2692596235-1000UA.job
    2014-06-02 09:25 - 2014-05-30 12:53 - 00000390 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{091118B9-CDB0-4F13-93FB-A30DC94C8A65}.job
    2014-06-02 09:21 - 2006-11-02 11:33 - 00758854 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-06-02 09:19 - 2014-06-02 09:19 - 00030976 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
    2014-06-02 09:17 - 2013-04-30 15:21 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-05-31 13:32 - 2014-05-25 12:25 - 00000000 ____D () C:\ProgramData\McAfee
    2014-05-31 13:29 - 2013-02-06 11:14 - 00000000 ____D () C:\Program Files\Intel
    2014-05-31 13:26 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
    2014-05-31 11:15 - 2014-05-31 11:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\ESET
    2014-05-31 11:15 - 2014-05-31 11:15 - 00000000 ____D () C:\Users\User\AppData\Local\ESET
    2014-05-31 11:12 - 2014-05-31 11:05 - 00000000 ____D () C:\ProgramData\HitmanPro
    2014-05-31 11:11 - 2014-05-31 11:11 - 00001204 _____ () C:\Windows\system32\.crusader
    2014-05-31 11:04 - 2014-05-30 15:24 - 00000000 ____D () C:\Program Files\ESET
    2014-05-31 10:25 - 2014-05-31 10:25 - 00000000 ____D () C:\Users\User\{75fe5221-60a3-4c1a-9ea9-6165c3f54710}
    2014-05-31 10:24 - 2014-05-29 11:37 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
    2014-05-31 10:18 - 2014-05-31 10:18 - 00000000 ____D () C:\ProgramData\ESET
    2014-05-31 10:15 - 2014-05-31 10:15 - 01595776 _____ (ESET) C:\Users\User\Downloads\eset_smart_security_live_installer_.exe
    2014-05-30 16:28 - 2014-05-29 15:26 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-05-30 15:29 - 2013-02-06 10:35 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635456568-1188737137-2692596235-1000Core.job
    2014-05-30 15:23 - 2014-05-30 15:23 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_enu.exe
    2014-05-30 14:52 - 2014-05-30 14:51 - 103148824 _____ (Microsoft Corporation) C:\Users\User\Downloads\msert.exe
    2014-05-30 14:02 - 2014-05-30 11:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-05-30 13:18 - 2007-04-26 11:48 - 00000000 ____D () C:\Windows\Panther
    2014-05-30 12:58 - 2014-05-30 11:39 - 00000000 ____D () C:\Program Files\HijackThis
    2014-05-30 12:46 - 2014-05-30 12:46 - 00000000 __RSH () C:\MSDOS.SYS
    2014-05-30 12:46 - 2014-05-30 12:46 - 00000000 __RSH () C:\IO.SYS
    2014-05-30 12:44 - 2014-05-30 12:44 - 00000109 _____ () C:\Windows\wininit.ini
    2014-05-30 11:55 - 2014-05-30 11:47 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
    2014-05-30 11:47 - 2014-05-30 11:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
    2014-05-29 15:55 - 2014-05-29 15:55 - 00060320 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-05-29 15:51 - 2014-05-29 15:27 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2014-05-29 15:51 - 2014-05-29 15:26 - 00000000 ____D () C:\Users\User\Desktop\mbar
    2014-05-29 15:05 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
    2014-05-29 14:41 - 2006-11-02 12:18 - 00000000 ___RD () C:\Windows\Offline Web Pages
    2014-05-29 14:28 - 2013-02-06 11:04 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
    2014-05-29 14:22 - 2014-05-29 14:22 - 00000000 ____D () C:\Users\User\AppData\Roaming\VS Revo Group
    2014-05-29 14:14 - 2014-05-29 14:14 - 00000000 ____D () C:\Users\User\AppData\Local\VS Revo Group
    2014-05-29 13:48 - 2014-05-29 13:48 - 00018646 _____ () C:\ComboFix.txt
    2014-05-29 13:48 - 2014-05-29 13:48 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
    2014-05-29 13:48 - 2014-05-29 13:48 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
    2014-05-29 13:48 - 2014-05-29 13:48 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
    2014-05-29 13:48 - 2014-05-29 13:25 - 00000000 ____D () C:\Qoobox
    2014-05-29 13:48 - 2006-11-02 12:18 - 00000000 __RHD () C:\Users\Default
    2014-05-29 13:47 - 2014-05-29 13:22 - 00000000 ____D () C:\Windows\erdnt
    2014-05-29 13:46 - 2006-11-02 11:23 - 00000215 _____ () C:\Windows\system.ini
    2014-05-29 12:31 - 2014-05-29 10:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2014-05-29 12:20 - 2014-05-29 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2014-05-29 11:19 - 2014-05-29 11:19 - 00000000 ____D () C:\ProgramData\RogueKiller
    2014-05-29 11:16 - 2014-05-27 14:44 - 00000000 ___RD () C:\Users\User\Dropbox
    2014-05-29 11:15 - 2013-04-30 15:23 - 00000000 ___RD () C:\Users\User\Google Drive
    2014-05-29 11:15 - 2013-04-29 22:37 - 00000000 ___RD () C:\Users\User\SkyDrive
    2014-05-29 11:11 - 2007-04-26 02:02 - 00000000 ____D () C:\Windows\pss
    2014-05-29 09:32 - 2014-05-24 14:47 - 00000000 ____D () C:\Users\User\AppData\Roaming\Etkezi
    2014-05-29 09:11 - 2014-05-29 09:11 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-05-29 09:11 - 2014-05-29 09:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes
    2014-05-29 09:11 - 2014-05-29 09:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    2014-05-29 09:11 - 2014-05-29 09:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-05-29 09:11 - 2014-05-29 09:11 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
    2014-05-27 14:40 - 2014-05-27 14:40 - 00318776 _____ (Dropbox, Inc.) C:\Users\User\Downloads\DropboxInstaller.exe
    2014-05-27 13:51 - 2013-04-30 15:15 - 00002595 _____ () C:\Users\User\Desktop\Microsoft Word.lnk
    2014-05-25 13:40 - 2014-05-25 13:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ziexbief
    2014-05-25 13:03 - 2013-02-06 14:33 - 00001945 _____ () C:\Windows\epplauncher.mif
    2014-05-25 12:58 - 2014-05-22 19:52 - 00000000 ____D () C:\ProgramData\AVG2014
    2014-05-25 12:58 - 2014-05-22 19:33 - 00000000 ____D () C:\ProgramData\MFAData
    2014-05-25 12:24 - 2014-05-25 12:24 - 05152368 _____ (McAfee, Inc.) C:\Users\User\Downloads\McAfeeSetup-Serial.exe
    2014-05-25 12:02 - 2013-04-29 16:00 - 00000000 ____D () C:\Program Files\epson
    2014-05-24 18:49 - 2014-05-24 10:12 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
    2014-05-24 12:49 - 2013-09-06 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
    2014-05-24 12:49 - 2013-04-29 16:01 - 00000000 ____D () C:\ProgramData\EPSON
    2014-05-24 12:48 - 2013-10-13 13:24 - 00000000 ____D () C:\Program Files\VideoLAN
    2014-05-24 12:43 - 2006-11-02 13:37 - 00000000 ____D () C:\Windows\twain_32
    2014-05-24 10:22 - 2014-05-24 10:22 - 00000804 _____ () C:\Users\Public\Desktop\CCleaner.lnk
    2014-05-24 10:22 - 2014-05-24 10:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2014-05-24 10:22 - 2014-05-24 10:22 - 00000000 ____D () C:\Program Files\CCleaner
    2014-05-24 10:21 - 2014-05-24 10:20 - 04748896 _____ (Piriform Ltd) C:\Users\User\Downloads\ccsetup414.exe
    2014-05-23 18:37 - 2013-02-06 10:37 - 00002037 _____ () C:\Users\User\Desktop\Google Chrome.lnk
    2014-05-23 18:09 - 2014-05-21 14:24 - 00000000 ____D () C:\Users\User\Downloads\DC_Court_Notice_LN_SN7149
    2014-05-23 17:33 - 2006-11-02 13:37 - 00000000 ____D () C:\Windows\system32\FxsTmp
    2014-05-23 17:23 - 2014-05-22 23:13 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ufypek
    2014-05-23 00:01 - 2014-05-23 00:01 - 00000000 ____D () C:\ProgramData\WindowsSearch
    2014-05-22 23:15 - 2014-05-22 23:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com
    2014-05-22 23:10 - 2014-05-22 23:08 - 19245656 _____ (SUPERAntiSpyware) C:\Users\User\Downloads\SUPERAntiSpyware (1).exe
    2014-05-22 23:08 - 2014-05-22 23:04 - 19245656 _____ (SUPERAntiSpyware) C:\Users\User\Downloads\SUPERAntiSpyware.exe
    2014-05-22 22:48 - 2013-04-29 16:03 - 00000000 ____D () C:\Program Files\Common Files\EPSON
    2014-05-22 22:04 - 2014-05-22 13:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\Bolabegi
    2014-05-22 22:04 - 2014-05-22 10:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ekdyda
    2014-05-22 22:01 - 2014-05-22 19:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\Xaanzyb
    2014-05-22 22:00 - 2013-10-13 13:28 - 00000000 ____D () C:\Users\User\Desktop\Unused
    2014-05-22 21:36 - 2014-05-22 18:47 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ekuzug
    2014-05-22 21:13 - 2014-05-22 21:13 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ahqaqy
    2014-05-22 20:04 - 2014-05-22 20:04 - 00000000 ____D () C:\Users\User\AppData\Roaming\TuneUp Software
    2014-05-22 19:33 - 2014-05-22 19:33 - 00000000 ____D () C:\Users\User\AppData\Local\MFAData
    2014-05-22 19:29 - 2014-05-22 19:19 - 04485528 _____ (AVG Technologies) C:\Users\User\Downloads\avg_free_stb_all_2014_4577_cnet.exe
    2014-05-22 18:09 - 2013-05-01 13:47 - 00000000 ____D () C:\Users\User\AppData\Roaming\mozilla
    2014-05-22 18:09 - 2013-02-06 10:35 - 00000000 ____D () C:\Users\User\AppData\Local\Google
    2014-05-22 17:21 - 2014-05-22 15:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\Syolovko
    2014-05-22 17:21 - 2014-05-21 15:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\Kyymibiv
    2014-05-22 17:12 - 2014-05-22 14:54 - 00000000 ____D () C:\Users\User\AppData\Roaming\Viozti
    2014-05-22 17:12 - 2014-05-22 10:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Habupyo
    2014-05-22 17:12 - 2014-05-21 14:27 - 00000000 ____D () C:\Users\User\AppData\Roaming\Nyabyl
    2014-05-22 16:45 - 2014-05-22 11:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\Vuetrili
    2014-05-21 14:50 - 2007-04-26 02:58 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
    2014-05-21 14:25 - 2014-05-21 14:25 - 00000000 _____ () C:\Users\User\AppData\Roaming\SharedSettings.ccs
    2014-05-21 10:19 - 2007-04-26 06:53 - 00000000 ____D () C:\Windows\Minidump
    2014-05-21 10:04 - 2013-08-16 03:08 - 00000000 ____D () C:\Windows\system32\MRT
    2014-05-20 15:44 - 2013-04-30 15:15 - 00002593 _____ () C:\Users\User\Desktop\Microsoft Excel.lnk
    2014-05-19 11:57 - 2014-05-19 11:57 - 00000000 ____D () C:\OneDriveTemp
    2014-05-16 13:30 - 2013-05-06 14:49 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
    2014-05-16 13:30 - 2013-05-06 14:47 - 00000000 ____D () C:\Program Files\Common Files\Adobe
    2014-05-16 03:34 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
    2014-05-16 03:03 - 2006-11-02 11:24 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
    2014-05-15 14:33 - 2014-02-20 14:12 - 00001946 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
    2014-05-15 10:11 - 2014-05-15 10:11 - 00000000 ____D () C:\a99562aa-58d4-4cb7-8c86-31080aeb5dee
    2014-05-08 11:19 - 2013-04-30 15:58 - 00000000 ____D () C:\Users\User\Desktop\Stationery
    2014-05-07 14:40 - 2014-05-07 14:40 - 00000000 ____D () C:\Users\User\Downloads\Administrative Assistant Job Application Zettria_files
    2014-05-07 01:26 - 2014-05-31 12:33 - 03627520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-05-07 01:26 - 2014-05-31 12:33 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-05-06 23:58 - 2014-05-31 12:33 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-05-06 15:26 - 2013-04-30 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
    2014-05-04 10:17 - 2014-05-04 10:16 - 18458912 _____ () C:\Users\User\Downloads\upd-ps-x32-5.8.0.17508.exe
    2014-05-04 10:17 - 2014-05-04 10:13 - 00000000 ____D () C:\HP Universal Print Driver
    2014-05-04 10:08 - 2014-05-04 10:08 - 18409760 _____ () C:\Users\User\Downloads\upd-pcl6-x64-5.8.0.17508.exe
    ==================== Bamital & volsnap Check =================
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\system32\winlogon.exe => MD5 is legit
    C:\Windows\system32\wininit.exe => MD5 is legit
    C:\Windows\system32\svchost.exe => MD5 is legit
    C:\Windows\system32\services.exe => MD5 is legit
    C:\Windows\system32\User32.dll => MD5 is legit
    C:\Windows\system32\userinit.exe => MD5 is legit
    C:\Windows\system32\rpcss.dll => MD5 is legit
    C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

    LastRegBack: 2014-06-02 09:13
    ==================== End Of Log ============================
     
  2. tigercomps

    tigercomps TS Rookie Topic Starter

    ADDITION.....
    Additional scan result of Farbar Recovery Scan Tool (x86) Version:30-05-2014
    Ran by User at 2014-06-02 09:45:09
    Running from E:\
    Boot Mode: Safe Mode (minimal)
    ==========================================================

    ==================== Security Center ========================
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    ==================== Installed Programs ======================
    Adobe Reader X (10.1.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
    Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
    Bluetooth Monitor 3 (HKLM\...\{61539202-097E-487E-9237-B291AB56D54C}) (Version: 3.01.000 - TOSHIBA)
    Camera Assistant Software for Toshiba (HKLM\...\{37C866E4-AA67-4725-9E95-A39968DD7960}) (Version: 1.7.138.0426 - Chicony Electronics Co.,Ltd.)
    CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
    Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
    Google Drive (HKLM\...\{418BAAD1-754D-48B4-B078-46EF4F25AF42}) (Version: 1.15.6556.8063 - Google, Inc.)
    Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
    Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
    Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
    Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
    Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    OpenOffice.org 3.4.1 (HKLM\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5473 - Realtek Semiconductor Corp.)
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )
    Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
    Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.0.0 - Synaptics)
    TOSHIBA Hardware Setup (HKLM\...\InstallShield_{8B81CF96-0223-40E9-B6E7-1461F450B605}) (Version: 2.01.01.00 - TOSHIBA)
    TOSHIBA Hardware Setup (Version: 2.01.01.00 - TOSHIBA) Hidden
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    ==================== Restore Points =========================
    24-05-2014 11:45:46 Removed EpsonNet Setup 3.3
    24-05-2014 11:46:56 Removed Skype Click to Call
    24-05-2014 11:47:28 Removed Skype Click to Call
    25-05-2014 11:29:50 Removed AVG 2014
    25-05-2014 11:43:51 Removed AVG 2014
    26-05-2014 09:08:35 Scheduled Checkpoint
    29-05-2014 09:43:38 Windows Update
    29-05-2014 10:49:23 Windows Update
    29-05-2014 11:16:20 Windows Update
    29-05-2014 12:54:19 Removed Drv
    29-05-2014 12:54:55 Removed DVD Decoder Pak for Windows XP
    29-05-2014 13:25:08 Removed HiJackThis
    31-05-2014 09:20:55 Device Driver Package Install: Eset spol s r. o.
    31-05-2014 09:23:54 Device Driver Package Install: Eset spol s r. o.
    31-05-2014 11:44:11 Windows Update
    ==================== Hosts content: ==========================
    2006-11-02 11:23 - 2014-05-29 13:46 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    ==================== Scheduled Tasks (whitelisted) =============
    Task: {01B8EDCB-E5D2-4702-A0C0-EB85A2A9FAA6} - \Security Center Update - 9143982 No Task File <==== ATTENTION
    Task: {082F5D11-7C97-4F51-9FB7-49293C5C7B66} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
    Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
    Task: {22E1772E-7DFE-4C5F-841F-1C93FD5D82A4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
    Task: {266EB3B9-B7CA-47AA-AB07-828F514E9D00} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-30] (Google Inc.)
    Task: {28CBEE04-A82A-4928-BA57-1CED7A631FC2} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
    Task: {2B5E1B13-9542-4376-B3EC-427E2E540EF8} - \Security Center Update - 2197030450 No Task File <==== ATTENTION
    Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
    Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
    Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
    Task: {5417571E-F711-40C0-8EC3-95597DAAB1C8} - \Security Center Update - 2814707753 No Task File <==== ATTENTION
    Task: {5796FC18-C1C1-4BC1-A40C-AB98E8739DF2} - \Security Center Update - 1234093072 No Task File <==== ATTENTION
    Task: {5C93FC6F-B101-4DDE-98D3-9BB98CBACDC1} - System32\Tasks\Security Center Update - 508543240 => C:\Users\User\AppData\Roaming\Xaanzyb\avwux.exe <==== ATTENTION
    Task: {605969AD-0168-4A5B-80B0-37C0A34DFEB6} - System32\Tasks\{0F274158-C080-4DC9-B003-659568D12EFB} => Chrome.exe http://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?page=tsProgressBar
    Task: {616B5FA4-8AA3-4339-890E-F7F043112D3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-30] (Google Inc.)
    Task: {622BE97C-1C9C-4BAF-92B6-12E97FE1FF1E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3635456568-1188737137-2692596235-1000UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-06] (Google Inc.)
    Task: {6594DCA9-5CE2-4F77-BFB7-1487BDAAB1FF} - \Security Center Update - 3072434708 No Task File <==== ATTENTION
    Task: {683CDC74-B9B1-45E3-8F67-0B405C6621CC} - \Security Center Update - 1931468449 No Task File <==== ATTENTION
    Task: {6EEE6DEE-0697-40D7-88FE-70F3D0C47217} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
    Task: {743CCD1E-C74F-455F-A921-F528DF486DE6} - \Security Center Update - 3438891529 No Task File <==== ATTENTION
    Task: {8F5F6304-F6A5-46BD-8A25-47CB370BAD83} - System32\Tasks\{2919DB6B-765C-420F-9849-83E59B34BA48} => Chrome.exe http://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?page=tsProgressBar
    Task: {A304EE12-D474-4B6E-AE42-333C24275F67} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
    Task: {C94C37A7-26AE-4C8E-893A-8B4B5A6DE623} - System32\Tasks\{2598F6B5-B0F6-4059-9592-6A2462CD5366} => Chrome.exe http://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?page=tsProgressBar
    Task: {CB17B4C6-E6F3-4145-9C1C-FD1180FA7103} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3635456568-1188737137-2692596235-1000Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-06] (Google Inc.)
    Task: {CE82BB64-6630-4DBF-9924-9B7065863580} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
    Task: {F49C9161-5C0F-4105-8D6D-F3D848909060} - \Security Center Update - 613521005 No Task File <==== ATTENTION
    Task: {FFD04665-9390-4BD9-9DB2-66172A5F86B9} - \Security Center Update - 2438445472 No Task File <==== ATTENTION
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635456568-1188737137-2692596235-1000Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635456568-1188737137-2692596235-1000UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\User_Feed_Synchronization-{091118B9-CDB0-4F13-93FB-A30DC94C8A65}.job => C:\Windows\system32\msfeedssync.exe
    ==================== Loaded Modules (whitelisted) =============

    ==================== Alternate Data Streams (whitelisted) =========
    AlternateDataStreams: C:\ProgramData\TEMP:373E1720
    ==================== Safe Mode (whitelisted) ===================
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
    ==================== EXE Association (whitelisted) =============

    ==================== Disabled items from MSCONFIG ==============
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: HomeNetSvc => 2
    MSCONFIG\Services: McAfee SiteAdvisor Service => 2
    MSCONFIG\Services: McAPExe => 2
    MSCONFIG\Services: McNaiAnn => 2
    MSCONFIG\Services: McODS => 3
    MSCONFIG\Services: mcpltsvc => 2
    MSCONFIG\Services: McProxy => 2
    MSCONFIG\Services: Skype C2C Service => 2
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Monitor.lnk => C:\Windows\pss\Bluetooth Monitor.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
    MSCONFIG\startupreg: 3C315CB7C05A2A2BFAEAFA05AE1603CA95A938F0._service_run => "C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: Camera Assistant Software => "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
    MSCONFIG\startupreg: Google Update => "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    MSCONFIG\startupreg: GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE => "C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
    MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
    MSCONFIG\startupreg: SkyDrive => "C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
    MSCONFIG\startupreg: Skytel => Skytel.exe
    MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    ==================== Faulty Device Manager Devices =============

    ==================== Event log errors: =========================
    Application errors:
    ==================
    Error: (06/02/2014 09:41:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
    Error: (06/02/2014 09:40:48 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
    Error: (06/02/2014 09:36:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
    Error: (06/02/2014 09:33:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
    Error: (06/02/2014 09:32:59 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
    Error: (06/02/2014 09:30:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
    Error: (06/02/2014 09:24:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
    Error: (06/02/2014 09:20:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
    Error: (06/02/2014 09:19:50 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
    Error: (06/02/2014 09:07:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    System errors:
    =============
    Error: (06/02/2014 09:41:52 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: FaxPrint Spooler%%1068
    Error: (06/02/2014 09:41:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: Network List ServiceNetwork Location Awareness%%1068
    Error: (06/02/2014 09:41:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: Network List ServiceNetwork Location Awareness%%1068
    Error: (06/02/2014 09:41:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: Network List ServiceNetwork Location Awareness%%1068
    Error: (06/02/2014 09:41:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: Network List ServiceNetwork Location Awareness%%1068
    Error: (06/02/2014 09:41:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: AFD
    CSC
    DfsC
    iaStor
    NetBIOS
    netbt
    nsiproxy
    PSched
    RasAcd
    rdbss
    Smb
    spldr
    tdx
    Wanarpv6
    ws2ifsl
    Error: (06/02/2014 09:41:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: Network List ServiceNetwork Location Awareness%%1068
    Error: (06/02/2014 09:41:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: Network Location AwarenessNetwork Store Interface Service%%1068
    Error: (06/02/2014 09:41:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: Network ConnectionsNetwork Store Interface Service%%1068
    Error: (06/02/2014 09:41:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: IP HelperNetwork Store Interface Service%%1068

    Microsoft Office Sessions:
    =========================
    Error: (06/02/2014 09:41:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
    Error: (06/02/2014 09:40:48 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
    Error: (06/02/2014 09:36:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
    Error: (06/02/2014 09:33:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
    Error: (06/02/2014 09:32:59 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
    Error: (06/02/2014 09:30:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
    Error: (06/02/2014 09:24:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
    Error: (06/02/2014 09:20:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
    Error: (06/02/2014 09:19:50 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
    Error: (06/02/2014 09:07:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    CodeIntegrity Errors:
    ===================================
    Date: 2014-06-02 09:45:01.906
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
    Date: 2014-06-02 09:45:01.781
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
    Date: 2014-06-02 09:45:01.641
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
    Date: 2014-06-02 09:45:01.516
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
    Date: 2014-06-02 09:45:01.375
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
    Date: 2014-06-02 09:45:01.251
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
    Date: 2014-06-02 09:45:01.110
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
    Date: 2014-06-02 09:45:00.970
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
    Date: 2014-05-30 13:56:10.049
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.
    Date: 2014-05-30 13:56:09.909
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

    ==================== Memory info ===========================
    Percentage of memory in use: 22%
    Total physical RAM: 2037.68 MB
    Available physical RAM: 1579.25 MB
    Total Pagefile: 4308.41 MB
    Available Pagefile: 4014.17 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1944.91 MB
    ==================== Drives ================================
    Drive c: () (Fixed) (Total:74.53 GB) (Free:40.64 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive e: (PASSCAPE) (Removable) (Total:3.72 GB) (Free:0.08 GB) FAT32
    ==================== MBR & Partition Table ==================
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 75 GB) (Disk ID: BE19335E)
    Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)
    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 4 GB) (Disk ID: 00000000)
    Partition: GPT Partition Type.
    ==================== End Of Log ============================
     
  3. Broni

    Broni Malware Annihilator Posts: 52,891   +344

    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ===========================================

    Download TDSSKiller and save it to your desktop.
    • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
     
  4. tigercomps

    tigercomps TS Rookie Topic Starter

    Thanks Broni! TDSSKiller did the trick for me, unfortunately the hard drive has now failed grrrr. Oh well, time to reinstall on a replacement hard drive. MANY thanks for your time though, much appreciated!!
     
  5. Broni

    Broni Malware Annihilator Posts: 52,891   +344

    I'm sorry for your loss :(
     
