Inactive Multiple iexplorer ieuser help please? frst logs below!

T

tigercomps

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-05-2014
Ran by User (administrator) on USER-PC on 02-06-2014 09:44:05
Running from E:\
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Safe Mode (minimal)
The only official download link for FRST:
Download link for 32-Bit version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link for 64-Bit Version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4702208 2013-02-06] (Realtek Semiconductor)
HKU\S-1-5-21-3635456568-1188737137-2692596235-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\User\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\User\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: hxxp://www.google.co.uk/
CHR StartupUrls: "hxxp://www.google.co.uk/"
CHR DefaultSearchKeyword: google.co.uk
CHR Plugin: (Shockwave Flash) - C:\Users\User\AppData\Local\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\User\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\User\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Google Update) - C:\Users\User\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Extension: (Angry Birds) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-04-30]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-06]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-06]
CHR Extension: (Private Joe - Dungeons) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bddhcbcefccaggaloclldffhobmecjfj [2013-04-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (Brushed) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg [2013-04-30]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-06]
CHR Extension: (Chromoji - Emoji for Google Chrome™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahedbegdkagmcjfolhdlechbkeaieki [2014-03-20]
CHR Extension: (Kingdom Rush) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckmfhhjalnddapegkbbohfaodgbnocim [2013-04-30]
CHR Extension: (FARMERAMA) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\clkfdgnfefjmciocbhnffnbpkjpdleca [2013-04-30]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-06]
CHR Extension: (Realm of the Mad God) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp [2013-04-30]
CHR Extension: (SiteAdvisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-05-25]
CHR Extension: (Lord of Ultima) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced [2013-04-30]
CHR Extension: (Skype Click to Call) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-04-29]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Atari - Missile Command) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oobnopfjjndfekinfcddimnjbhjdgmbg [2013-04-30]
CHR Extension: (Edgeworld) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfmpdiaehhnljpdomnggcbfofdgkmbp [2013-04-30]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-06]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
========================== Services (Whitelisted) =================
S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S2 ekrn; "C:\Program Files\ESET\ESET Smart Security\ekrn.exe" [X]
S4 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
==================== Drivers (Whitelisted) ====================
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [30976 2014-06-02] ()
S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [553344 2007-10-03] (DiBcom SA)
R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [6144 2007-01-09] (Chic)
R3 QIOMem; C:\Windows\System32\DRIVERS\QIOMem.sys [8192 2013-02-05] (TOSHIBA)
S3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [11776 2007-04-16] (Chicony Electronics Co., Ltd.)
S3 catchme; \??\C:\Users\User\AppData\Local\Temp\catchme.sys [X]
S1 fraqjbtz; \??\C:\Windows\system32\drivers\fraqjbtz.sys [X]
S0 iaStor; system32\DRIVERS\iaStor.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U4 TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [X]
==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========
2014-06-02 09:43 - 2014-06-02 09:44 - 00000000 ____D () C:\FRST
2014-06-02 09:22 - 2014-06-02 09:29 - 00000000 ____D () C:\!KillBox
2014-06-02 09:19 - 2014-06-02 09:19 - 00030976 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-05-31 14:45 - 2014-06-02 10:06 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-05-31 13:32 - 2014-06-02 09:36 - 00004050 _____ () C:\Windows\PFRO.log
2014-05-31 12:34 - 2014-02-27 18:24 - 01177600 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-31 12:34 - 2014-02-27 18:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-31 12:34 - 2014-02-27 18:24 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-05-31 12:34 - 2014-02-27 18:24 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-31 12:34 - 2014-02-27 18:24 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-31 12:34 - 2014-02-27 18:24 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-31 12:34 - 2014-02-27 18:23 - 06119424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-31 12:34 - 2014-02-27 18:23 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-31 12:34 - 2014-02-27 18:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-31 12:34 - 2014-02-27 18:23 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-05-31 12:34 - 2014-02-27 18:23 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-31 12:34 - 2014-02-27 18:23 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-05-31 12:34 - 2014-02-27 17:01 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-05-31 12:34 - 2013-12-13 03:13 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-31 12:33 - 2014-05-07 01:26 - 03627520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-31 12:33 - 2014-05-07 01:26 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-31 12:33 - 2014-05-06 23:58 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-31 11:15 - 2014-05-31 11:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\ESET
2014-05-31 11:15 - 2014-05-31 11:15 - 00000000 ____D () C:\Users\User\AppData\Local\ESET
2014-05-31 11:11 - 2014-05-31 11:11 - 00001204 _____ () C:\Windows\system32\.crusader
2014-05-31 11:05 - 2014-05-31 11:12 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-31 10:25 - 2014-05-31 10:25 - 00000000 ____D () C:\Users\User\{75fe5221-60a3-4c1a-9ea9-6165c3f54710}
2014-05-31 10:18 - 2014-05-31 10:18 - 00000000 ____D () C:\ProgramData\ESET
2014-05-31 10:15 - 2014-05-31 10:15 - 01595776 _____ (ESET) C:\Users\User\Downloads\eset_smart_security_live_installer_.exe
2014-05-30 15:24 - 2014-05-31 11:04 - 00000000 ____D () C:\Program Files\ESET
2014-05-30 15:23 - 2014-05-30 15:23 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_enu.exe
2014-05-30 14:51 - 2014-05-30 14:52 - 103148824 _____ (Microsoft Corporation) C:\Users\User\Downloads\msert.exe
2014-05-30 14:42 - 2014-06-02 09:39 - 00268331 _____ () C:\Windows\WindowsUpdate.log
2014-05-30 12:53 - 2014-06-02 09:25 - 00000390 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{091118B9-CDB0-4F13-93FB-A30DC94C8A65}.job
2014-05-30 12:46 - 2014-05-30 12:46 - 00000000 __RSH () C:\MSDOS.SYS
2014-05-30 12:46 - 2014-05-30 12:46 - 00000000 __RSH () C:\IO.SYS
2014-05-30 12:44 - 2014-05-30 12:44 - 00000109 _____ () C:\Windows\wininit.ini
2014-05-30 11:47 - 2014-05-30 14:02 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-30 11:47 - 2014-05-30 11:55 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-05-30 11:47 - 2014-05-30 11:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2014-05-30 11:39 - 2014-05-30 12:58 - 00000000 ____D () C:\Program Files\HijackThis
2014-05-29 15:55 - 2014-05-29 15:55 - 00060320 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-29 15:27 - 2014-05-29 15:51 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-29 15:26 - 2014-05-30 16:28 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-29 15:26 - 2014-05-29 15:51 - 00000000 ____D () C:\Users\User\Desktop\mbar
2014-05-29 14:22 - 2014-05-29 14:22 - 00000000 ____D () C:\Users\User\AppData\Roaming\VS Revo Group
2014-05-29 14:14 - 2014-05-29 14:14 - 00000000 ____D () C:\Users\User\AppData\Local\VS Revo Group
2014-05-29 13:53 - 2013-02-06 10:57 - 00172032 _____ (Intel Corporation) C:\Windows\system32\igfxres.dll
2014-05-29 13:48 - 2014-06-02 09:44 - 00000000 ____D () C:\Users\User\AppData\Local\temp
2014-05-29 13:48 - 2014-05-29 13:48 - 00018646 _____ () C:\ComboFix.txt
2014-05-29 13:48 - 2014-05-29 13:48 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-29 13:48 - 2014-05-29 13:48 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-29 13:48 - 2014-05-29 13:48 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-29 13:28 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-29 13:28 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-29 13:28 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-29 13:28 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-29 13:28 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-29 13:28 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-29 13:28 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-29 13:28 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-29 13:25 - 2014-05-29 13:48 - 00000000 ____D () C:\Qoobox
2014-05-29 13:22 - 2014-05-29 13:47 - 00000000 ____D () C:\Windows\erdnt
2014-05-29 11:37 - 2014-05-31 10:24 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2014-05-29 11:19 - 2014-05-29 11:19 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-05-29 10:48 - 2014-05-29 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-29 10:47 - 2014-05-29 12:31 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-29 10:45 - 2009-06-04 00:56 - 00675152 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2014-05-29 09:11 - 2014-05-29 09:11 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-29 09:11 - 2014-05-29 09:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes
2014-05-29 09:11 - 2014-05-29 09:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-05-29 09:11 - 2014-05-29 09:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-29 09:11 - 2014-05-29 09:11 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-05-29 09:11 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-27 14:44 - 2014-05-29 11:16 - 00000000 ___RD () C:\Users\User\Dropbox
2014-05-27 14:40 - 2014-05-27 14:40 - 00318776 _____ (Dropbox, Inc.) C:\Users\User\Downloads\DropboxInstaller.exe
2014-05-25 13:17 - 2014-05-25 13:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ziexbief
2014-05-25 12:25 - 2014-05-31 13:32 - 00000000 ____D () C:\ProgramData\McAfee
2014-05-25 12:24 - 2014-05-25 12:24 - 05152368 _____ (McAfee, Inc.) C:\Users\User\Downloads\McAfeeSetup-Serial.exe
2014-05-24 14:47 - 2014-05-29 09:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\Etkezi
2014-05-24 10:22 - 2014-05-24 10:22 - 00000804 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-24 10:22 - 2014-05-24 10:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-05-24 10:22 - 2014-05-24 10:22 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-24 10:20 - 2014-05-24 10:21 - 04748896 _____ (Piriform Ltd) C:\Users\User\Downloads\ccsetup414.exe
2014-05-24 10:12 - 2014-05-24 18:49 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-05-23 00:01 - 2014-05-23 00:01 - 00000000 ____D () C:\ProgramData\WindowsSearch
2014-05-22 23:15 - 2014-05-22 23:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com
2014-05-22 23:13 - 2014-05-23 17:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ufypek
2014-05-22 23:08 - 2014-05-22 23:10 - 19245656 _____ (SUPERAntiSpyware) C:\Users\User\Downloads\SUPERAntiSpyware (1).exe
2014-05-22 23:04 - 2014-05-22 23:08 - 19245656 _____ (SUPERAntiSpyware) C:\Users\User\Downloads\SUPERAntiSpyware.exe
2014-05-22 21:13 - 2014-05-22 21:13 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ahqaqy
2014-05-22 20:04 - 2014-05-22 20:04 - 00000000 ____D () C:\Users\User\AppData\Roaming\TuneUp Software
2014-05-22 19:52 - 2014-05-25 12:58 - 00000000 ____D () C:\ProgramData\AVG2014
2014-05-22 19:33 - 2014-05-25 12:58 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-22 19:33 - 2014-05-22 19:33 - 00000000 ____D () C:\Users\User\AppData\Local\MFAData
2014-05-22 19:19 - 2014-05-22 19:29 - 04485528 _____ (AVG Technologies) C:\Users\User\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-05-22 19:10 - 2014-05-22 22:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\Xaanzyb
2014-05-22 18:47 - 2014-05-22 21:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ekuzug
2014-05-22 15:20 - 2014-05-22 17:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\Syolovko
2014-05-22 14:54 - 2014-05-22 17:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\Viozti
2014-05-22 13:20 - 2014-05-22 22:04 - 00000000 ____D () C:\Users\User\AppData\Roaming\Bolabegi
2014-05-22 11:19 - 2014-05-22 16:45 - 00000000 ____D () C:\Users\User\AppData\Roaming\Vuetrili
2014-05-22 10:50 - 2014-05-22 22:04 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ekdyda
2014-05-22 10:11 - 2014-05-22 17:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\Habupyo
2014-05-21 15:26 - 2014-05-22 17:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\Kyymibiv
2014-05-21 14:27 - 2014-05-22 17:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\Nyabyl
2014-05-21 14:25 - 2014-05-21 14:25 - 00000000 _____ () C:\Users\User\AppData\Roaming\SharedSettings.ccs
2014-05-21 14:24 - 2014-05-23 18:09 - 00000000 ____D () C:\Users\User\Downloads\DC_Court_Notice_LN_SN7149
2014-05-19 11:57 - 2014-05-19 11:57 - 00000000 ____D () C:\OneDriveTemp
2014-05-15 10:11 - 2014-05-15 10:11 - 00000000 ____D () C:\a99562aa-58d4-4cb7-8c86-31080aeb5dee
2014-05-14 12:29 - 2014-03-25 14:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-07 14:40 - 2014-05-07 14:40 - 00000000 ____D () C:\Users\User\Downloads\Administrative Assistant Job Application Zettria_files
2014-05-04 10:16 - 2014-05-04 10:17 - 18458912 _____ () C:\Users\User\Downloads\upd-ps-x32-5.8.0.17508.exe
2014-05-04 10:13 - 2014-05-04 10:17 - 00000000 ____D () C:\HP Universal Print Driver
2014-05-04 10:08 - 2014-05-04 10:08 - 18409760 _____ () C:\Users\User\Downloads\upd-pcl6-x64-5.8.0.17508.exe
==================== One Month Modified Files and Folders =======
2014-06-02 10:06 - 2014-05-31 14:45 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-06-02 09:44 - 2014-06-02 09:43 - 00000000 ____D () C:\FRST
2014-06-02 09:44 - 2014-05-29 13:48 - 00000000 ____D () C:\Users\User\AppData\Local\temp
2014-06-02 09:39 - 2014-05-30 14:42 - 00268331 _____ () C:\Windows\WindowsUpdate.log
2014-06-02 09:39 - 2013-02-06 12:28 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-06-02 09:39 - 2006-11-02 14:01 - 00032606 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-02 09:39 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-02 09:36 - 2014-05-31 13:32 - 00004050 _____ () C:\Windows\PFRO.log
2014-06-02 09:36 - 2013-04-30 15:21 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-02 09:36 - 2006-11-02 13:47 - 00006048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-02 09:36 - 2006-11-02 13:47 - 00006048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-02 09:29 - 2014-06-02 09:22 - 00000000 ____D () C:\!KillBox
2014-06-02 09:29 - 2013-02-06 10:36 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635456568-1188737137-2692596235-1000UA.job
2014-06-02 09:25 - 2014-05-30 12:53 - 00000390 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{091118B9-CDB0-4F13-93FB-A30DC94C8A65}.job
2014-06-02 09:21 - 2006-11-02 11:33 - 00758854 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-02 09:19 - 2014-06-02 09:19 - 00030976 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-06-02 09:17 - 2013-04-30 15:21 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-31 13:32 - 2014-05-25 12:25 - 00000000 ____D () C:\ProgramData\McAfee
2014-05-31 13:29 - 2013-02-06 11:14 - 00000000 ____D () C:\Program Files\Intel
2014-05-31 13:26 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2014-05-31 11:15 - 2014-05-31 11:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\ESET
2014-05-31 11:15 - 2014-05-31 11:15 - 00000000 ____D () C:\Users\User\AppData\Local\ESET
2014-05-31 11:12 - 2014-05-31 11:05 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-31 11:11 - 2014-05-31 11:11 - 00001204 _____ () C:\Windows\system32\.crusader
2014-05-31 11:04 - 2014-05-30 15:24 - 00000000 ____D () C:\Program Files\ESET
2014-05-31 10:25 - 2014-05-31 10:25 - 00000000 ____D () C:\Users\User\{75fe5221-60a3-4c1a-9ea9-6165c3f54710}
2014-05-31 10:24 - 2014-05-29 11:37 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2014-05-31 10:18 - 2014-05-31 10:18 - 00000000 ____D () C:\ProgramData\ESET
2014-05-31 10:15 - 2014-05-31 10:15 - 01595776 _____ (ESET) C:\Users\User\Downloads\eset_smart_security_live_installer_.exe
2014-05-30 16:28 - 2014-05-29 15:26 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-30 15:29 - 2013-02-06 10:35 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635456568-1188737137-2692596235-1000Core.job
2014-05-30 15:23 - 2014-05-30 15:23 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_enu.exe
2014-05-30 14:52 - 2014-05-30 14:51 - 103148824 _____ (Microsoft Corporation) C:\Users\User\Downloads\msert.exe
2014-05-30 14:02 - 2014-05-30 11:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-30 13:18 - 2007-04-26 11:48 - 00000000 ____D () C:\Windows\Panther
2014-05-30 12:58 - 2014-05-30 11:39 - 00000000 ____D () C:\Program Files\HijackThis
2014-05-30 12:46 - 2014-05-30 12:46 - 00000000 __RSH () C:\MSDOS.SYS
2014-05-30 12:46 - 2014-05-30 12:46 - 00000000 __RSH () C:\IO.SYS
2014-05-30 12:44 - 2014-05-30 12:44 - 00000109 _____ () C:\Windows\wininit.ini
2014-05-30 11:55 - 2014-05-30 11:47 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-05-30 11:47 - 2014-05-30 11:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2014-05-29 15:55 - 2014-05-29 15:55 - 00060320 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-29 15:51 - 2014-05-29 15:27 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-29 15:51 - 2014-05-29 15:26 - 00000000 ____D () C:\Users\User\Desktop\mbar
2014-05-29 15:05 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2014-05-29 14:41 - 2006-11-02 12:18 - 00000000 ___RD () C:\Windows\Offline Web Pages
2014-05-29 14:28 - 2013-02-06 11:04 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-05-29 14:22 - 2014-05-29 14:22 - 00000000 ____D () C:\Users\User\AppData\Roaming\VS Revo Group
2014-05-29 14:14 - 2014-05-29 14:14 - 00000000 ____D () C:\Users\User\AppData\Local\VS Revo Group
2014-05-29 13:48 - 2014-05-29 13:48 - 00018646 _____ () C:\ComboFix.txt
2014-05-29 13:48 - 2014-05-29 13:48 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-29 13:48 - 2014-05-29 13:48 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-29 13:48 - 2014-05-29 13:48 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-29 13:48 - 2014-05-29 13:25 - 00000000 ____D () C:\Qoobox
2014-05-29 13:48 - 2006-11-02 12:18 - 00000000 __RHD () C:\Users\Default
2014-05-29 13:47 - 2014-05-29 13:22 - 00000000 ____D () C:\Windows\erdnt
2014-05-29 13:46 - 2006-11-02 11:23 - 00000215 _____ () C:\Windows\system.ini
2014-05-29 12:31 - 2014-05-29 10:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-29 12:20 - 2014-05-29 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-29 11:19 - 2014-05-29 11:19 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-05-29 11:16 - 2014-05-27 14:44 - 00000000 ___RD () C:\Users\User\Dropbox
2014-05-29 11:15 - 2013-04-30 15:23 - 00000000 ___RD () C:\Users\User\Google Drive
2014-05-29 11:15 - 2013-04-29 22:37 - 00000000 ___RD () C:\Users\User\SkyDrive
2014-05-29 11:11 - 2007-04-26 02:02 - 00000000 ____D () C:\Windows\pss
2014-05-29 09:32 - 2014-05-24 14:47 - 00000000 ____D () C:\Users\User\AppData\Roaming\Etkezi
2014-05-29 09:11 - 2014-05-29 09:11 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-29 09:11 - 2014-05-29 09:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes
2014-05-29 09:11 - 2014-05-29 09:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-05-29 09:11 - 2014-05-29 09:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-29 09:11 - 2014-05-29 09:11 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-05-27 14:40 - 2014-05-27 14:40 - 00318776 _____ (Dropbox, Inc.) C:\Users\User\Downloads\DropboxInstaller.exe
2014-05-27 13:51 - 2013-04-30 15:15 - 00002595 _____ () C:\Users\User\Desktop\Microsoft Word.lnk
2014-05-25 13:40 - 2014-05-25 13:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ziexbief
2014-05-25 13:03 - 2013-02-06 14:33 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-05-25 12:58 - 2014-05-22 19:52 - 00000000 ____D () C:\ProgramData\AVG2014
2014-05-25 12:58 - 2014-05-22 19:33 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-25 12:24 - 2014-05-25 12:24 - 05152368 _____ (McAfee, Inc.) C:\Users\User\Downloads\McAfeeSetup-Serial.exe
2014-05-25 12:02 - 2013-04-29 16:00 - 00000000 ____D () C:\Program Files\epson
2014-05-24 18:49 - 2014-05-24 10:12 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-05-24 12:49 - 2013-09-06 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-05-24 12:49 - 2013-04-29 16:01 - 00000000 ____D () C:\ProgramData\EPSON
2014-05-24 12:48 - 2013-10-13 13:24 - 00000000 ____D () C:\Program Files\VideoLAN
2014-05-24 12:43 - 2006-11-02 13:37 - 00000000 ____D () C:\Windows\twain_32
2014-05-24 10:22 - 2014-05-24 10:22 - 00000804 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-24 10:22 - 2014-05-24 10:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-05-24 10:22 - 2014-05-24 10:22 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-24 10:21 - 2014-05-24 10:20 - 04748896 _____ (Piriform Ltd) C:\Users\User\Downloads\ccsetup414.exe
2014-05-23 18:37 - 2013-02-06 10:37 - 00002037 _____ () C:\Users\User\Desktop\Google Chrome.lnk
2014-05-23 18:09 - 2014-05-21 14:24 - 00000000 ____D () C:\Users\User\Downloads\DC_Court_Notice_LN_SN7149
2014-05-23 17:33 - 2006-11-02 13:37 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-23 17:23 - 2014-05-22 23:13 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ufypek
2014-05-23 00:01 - 2014-05-23 00:01 - 00000000 ____D () C:\ProgramData\WindowsSearch
2014-05-22 23:15 - 2014-05-22 23:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com
2014-05-22 23:10 - 2014-05-22 23:08 - 19245656 _____ (SUPERAntiSpyware) C:\Users\User\Downloads\SUPERAntiSpyware (1).exe
2014-05-22 23:08 - 2014-05-22 23:04 - 19245656 _____ (SUPERAntiSpyware) C:\Users\User\Downloads\SUPERAntiSpyware.exe
2014-05-22 22:48 - 2013-04-29 16:03 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-05-22 22:04 - 2014-05-22 13:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\Bolabegi
2014-05-22 22:04 - 2014-05-22 10:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ekdyda
2014-05-22 22:01 - 2014-05-22 19:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\Xaanzyb
2014-05-22 22:00 - 2013-10-13 13:28 - 00000000 ____D () C:\Users\User\Desktop\Unused
2014-05-22 21:36 - 2014-05-22 18:47 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ekuzug
2014-05-22 21:13 - 2014-05-22 21:13 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ahqaqy
2014-05-22 20:04 - 2014-05-22 20:04 - 00000000 ____D () C:\Users\User\AppData\Roaming\TuneUp Software
2014-05-22 19:33 - 2014-05-22 19:33 - 00000000 ____D () C:\Users\User\AppData\Local\MFAData
2014-05-22 19:29 - 2014-05-22 19:19 - 04485528 _____ (AVG Technologies) C:\Users\User\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-05-22 18:09 - 2013-05-01 13:47 - 00000000 ____D () C:\Users\User\AppData\Roaming\mozilla
2014-05-22 18:09 - 2013-02-06 10:35 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-05-22 17:21 - 2014-05-22 15:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\Syolovko
2014-05-22 17:21 - 2014-05-21 15:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\Kyymibiv
2014-05-22 17:12 - 2014-05-22 14:54 - 00000000 ____D () C:\Users\User\AppData\Roaming\Viozti
2014-05-22 17:12 - 2014-05-22 10:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Habupyo
2014-05-22 17:12 - 2014-05-21 14:27 - 00000000 ____D () C:\Users\User\AppData\Roaming\Nyabyl
2014-05-22 16:45 - 2014-05-22 11:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\Vuetrili
2014-05-21 14:50 - 2007-04-26 02:58 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
2014-05-21 14:25 - 2014-05-21 14:25 - 00000000 _____ () C:\Users\User\AppData\Roaming\SharedSettings.ccs
2014-05-21 10:19 - 2007-04-26 06:53 - 00000000 ____D () C:\Windows\Minidump
2014-05-21 10:04 - 2013-08-16 03:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-20 15:44 - 2013-04-30 15:15 - 00002593 _____ () C:\Users\User\Desktop\Microsoft Excel.lnk
2014-05-19 11:57 - 2014-05-19 11:57 - 00000000 ____D () C:\OneDriveTemp
2014-05-16 13:30 - 2013-05-06 14:49 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-16 13:30 - 2013-05-06 14:47 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-16 03:34 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-16 03:03 - 2006-11-02 11:24 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-05-15 14:33 - 2014-02-20 14:12 - 00001946 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-05-15 10:11 - 2014-05-15 10:11 - 00000000 ____D () C:\a99562aa-58d4-4cb7-8c86-31080aeb5dee
2014-05-08 11:19 - 2013-04-30 15:58 - 00000000 ____D () C:\Users\User\Desktop\Stationery
2014-05-07 14:40 - 2014-05-07 14:40 - 00000000 ____D () C:\Users\User\Downloads\Administrative Assistant Job Application Zettria_files
2014-05-07 01:26 - 2014-05-31 12:33 - 03627520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-07 01:26 - 2014-05-31 12:33 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 23:58 - 2014-05-31 12:33 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 15:26 - 2013-04-30 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-05-04 10:17 - 2014-05-04 10:16 - 18458912 _____ () C:\Users\User\Downloads\upd-ps-x32-5.8.0.17508.exe
2014-05-04 10:17 - 2014-05-04 10:13 - 00000000 ____D () C:\HP Universal Print Driver
2014-05-04 10:08 - 2014-05-04 10:08 - 18409760 _____ () C:\Users\User\Downloads\upd-pcl6-x64-5.8.0.17508.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-06-02 09:13
==================== End Of Log ============================
 
ADDITION.....
Additional scan result of Farbar Recovery Scan Tool (x86) Version:30-05-2014
Ran by User at 2014-06-02 09:45:09
Running from E:\
Boot Mode: Safe Mode (minimal)
==========================================================

==================== Security Center ========================
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Reader X (10.1.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
Bluetooth Monitor 3 (HKLM\...\{61539202-097E-487E-9237-B291AB56D54C}) (Version: 3.01.000 - TOSHIBA)
Camera Assistant Software for Toshiba (HKLM\...\{37C866E4-AA67-4725-9E95-A39968DD7960}) (Version: 1.7.138.0426 - Chicony Electronics Co.,Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Drive (HKLM\...\{418BAAD1-754D-48B4-B078-46EF4F25AF42}) (Version: 1.15.6556.8063 - Google, Inc.)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice.org 3.4.1 (HKLM\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5473 - Realtek Semiconductor Corp.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.0.0 - Synaptics)
TOSHIBA Hardware Setup (HKLM\...\InstallShield_{8B81CF96-0223-40E9-B6E7-1461F450B605}) (Version: 2.01.01.00 - TOSHIBA)
TOSHIBA Hardware Setup (Version: 2.01.01.00 - TOSHIBA) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
==================== Restore Points =========================
24-05-2014 11:45:46 Removed EpsonNet Setup 3.3
24-05-2014 11:46:56 Removed Skype Click to Call
24-05-2014 11:47:28 Removed Skype Click to Call
25-05-2014 11:29:50 Removed AVG 2014
25-05-2014 11:43:51 Removed AVG 2014
26-05-2014 09:08:35 Scheduled Checkpoint
29-05-2014 09:43:38 Windows Update
29-05-2014 10:49:23 Windows Update
29-05-2014 11:16:20 Windows Update
29-05-2014 12:54:19 Removed Drv
29-05-2014 12:54:55 Removed DVD Decoder Pak for Windows XP
29-05-2014 13:25:08 Removed HiJackThis
31-05-2014 09:20:55 Device Driver Package Install: Eset spol s r. o.
31-05-2014 09:23:54 Device Driver Package Install: Eset spol s r. o.
31-05-2014 11:44:11 Windows Update
==================== Hosts content: ==========================
2006-11-02 11:23 - 2014-05-29 13:46 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {01B8EDCB-E5D2-4702-A0C0-EB85A2A9FAA6} - \Security Center Update - 9143982 No Task File <==== ATTENTION
Task: {082F5D11-7C97-4F51-9FB7-49293C5C7B66} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {22E1772E-7DFE-4C5F-841F-1C93FD5D82A4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {266EB3B9-B7CA-47AA-AB07-828F514E9D00} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-30] (Google Inc.)
Task: {28CBEE04-A82A-4928-BA57-1CED7A631FC2} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {2B5E1B13-9542-4376-B3EC-427E2E540EF8} - \Security Center Update - 2197030450 No Task File <==== ATTENTION
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {5417571E-F711-40C0-8EC3-95597DAAB1C8} - \Security Center Update - 2814707753 No Task File <==== ATTENTION
Task: {5796FC18-C1C1-4BC1-A40C-AB98E8739DF2} - \Security Center Update - 1234093072 No Task File <==== ATTENTION
Task: {5C93FC6F-B101-4DDE-98D3-9BB98CBACDC1} - System32\Tasks\Security Center Update - 508543240 => C:\Users\User\AppData\Roaming\Xaanzyb\avwux.exe <==== ATTENTION
Task: {605969AD-0168-4A5B-80B0-37C0A34DFEB6} - System32\Tasks\{0F274158-C080-4DC9-B003-659568D12EFB} => Chrome.exe http://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?page=tsProgressBar
Task: {616B5FA4-8AA3-4339-890E-F7F043112D3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-30] (Google Inc.)
Task: {622BE97C-1C9C-4BAF-92B6-12E97FE1FF1E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3635456568-1188737137-2692596235-1000UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-06] (Google Inc.)
Task: {6594DCA9-5CE2-4F77-BFB7-1487BDAAB1FF} - \Security Center Update - 3072434708 No Task File <==== ATTENTION
Task: {683CDC74-B9B1-45E3-8F67-0B405C6621CC} - \Security Center Update - 1931468449 No Task File <==== ATTENTION
Task: {6EEE6DEE-0697-40D7-88FE-70F3D0C47217} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {743CCD1E-C74F-455F-A921-F528DF486DE6} - \Security Center Update - 3438891529 No Task File <==== ATTENTION
Task: {8F5F6304-F6A5-46BD-8A25-47CB370BAD83} - System32\Tasks\{2919DB6B-765C-420F-9849-83E59B34BA48} => Chrome.exe http://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?page=tsProgressBar
Task: {A304EE12-D474-4B6E-AE42-333C24275F67} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {C94C37A7-26AE-4C8E-893A-8B4B5A6DE623} - System32\Tasks\{2598F6B5-B0F6-4059-9592-6A2462CD5366} => Chrome.exe http://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?page=tsProgressBar
Task: {CB17B4C6-E6F3-4145-9C1C-FD1180FA7103} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3635456568-1188737137-2692596235-1000Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-06] (Google Inc.)
Task: {CE82BB64-6630-4DBF-9924-9B7065863580} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {F49C9161-5C0F-4105-8D6D-F3D848909060} - \Security Center Update - 613521005 No Task File <==== ATTENTION
Task: {FFD04665-9390-4BD9-9DB2-66172A5F86B9} - \Security Center Update - 2438445472 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635456568-1188737137-2692596235-1000Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635456568-1188737137-2692596235-1000UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{091118B9-CDB0-4F13-93FB-A30DC94C8A65}.job => C:\Windows\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============

==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HomeNetSvc => 2
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: McAPExe => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: mcpltsvc => 2
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: Skype C2C Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Monitor.lnk => C:\Windows\pss\Bluetooth Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: 3C315CB7C05A2A2BFAEAFA05AE1603CA95A938F0._service_run => "C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Camera Assistant Software => "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE => "C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: SkyDrive => "C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Skytel => Skytel.exe
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (06/02/2014 09:41:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/02/2014 09:40:48 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
Error: (06/02/2014 09:36:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/02/2014 09:33:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/02/2014 09:32:59 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
Error: (06/02/2014 09:30:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/02/2014 09:24:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/02/2014 09:20:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/02/2014 09:19:50 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
Error: (06/02/2014 09:07:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (06/02/2014 09:41:52 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: FaxPrint Spooler%%1068
Error: (06/02/2014 09:41:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068
Error: (06/02/2014 09:41:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068
Error: (06/02/2014 09:41:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068
Error: (06/02/2014 09:41:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068
Error: (06/02/2014 09:41:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: AFD
CSC
DfsC
iaStor
NetBIOS
netbt
nsiproxy
PSched
RasAcd
rdbss
Smb
spldr
tdx
Wanarpv6
ws2ifsl
Error: (06/02/2014 09:41:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068
Error: (06/02/2014 09:41:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Network Location AwarenessNetwork Store Interface Service%%1068
Error: (06/02/2014 09:41:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Network ConnectionsNetwork Store Interface Service%%1068
Error: (06/02/2014 09:41:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: IP HelperNetwork Store Interface Service%%1068

Microsoft Office Sessions:
=========================
Error: (06/02/2014 09:41:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/02/2014 09:40:48 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
Error: (06/02/2014 09:36:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/02/2014 09:33:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/02/2014 09:32:59 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
Error: (06/02/2014 09:30:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/02/2014 09:24:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/02/2014 09:20:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/02/2014 09:19:50 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
Error: (06/02/2014 09:07:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2014-06-02 09:45:01.906
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-06-02 09:45:01.781
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-06-02 09:45:01.641
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-06-02 09:45:01.516
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-06-02 09:45:01.375
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-06-02 09:45:01.251
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-06-02 09:45:01.110
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-06-02 09:45:00.970
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-05-30 13:56:10.049
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-05-30 13:56:09.909
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================
Percentage of memory in use: 22%
Total physical RAM: 2037.68 MB
Available physical RAM: 1579.25 MB
Total Pagefile: 4308.41 MB
Available Pagefile: 4014.17 MB
Total Virtual: 2047.88 MB
Available Virtual: 1944.91 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:74.53 GB) (Free:40.64 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (PASSCAPE) (Removable) (Total:3.72 GB) (Free:0.08 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 75 GB) (Disk ID: BE19335E)
Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 4 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
 
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===========================================

Download TDSSKiller and save it to your desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
 
Thanks Broni! TDSSkiller did the trick for me, unfortunately the hard drive has now failed grrrr. Oh well, time to reinstall on a replacement hard drive. MANY thank for your time though much appreciated!!
 
You must log in or register to reply here.

Similar threads

E
Solved Svchost.exe launching multiple iexplore.exe - unknown cause
Replies
23
Views
3K
Broni
Broni
Nicki
Solved Must have picked up something... some COVID computer variant???
Replies
9
Views
3K
Broni
Broni
NonTechyDad
Solved Malware removal for my son's pc
2
Replies
33
Views
5K
Broni
Broni

Latest posts

Back