TechSpot

Virus turns off installed anti-virus

By maive
Oct 21, 2011
  1. I've tried switching to another anti-virus but still ended up the same. It gets turned off by the virus automatically when you restart my PC.
    The only problem I noticed is I can't turn on Kaspersky no matter what I do.
    Tried switching to Bitdefender, still the same; I can't turn it on after restart.

    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Database version: 7992

    Windows 6.1.7601 Service Pack 1 (Safe Mode)
    Internet Explorer 9.0.8112.16421

    10/21/2011 10:18:10 PM
    mbam-log-2011-10-21 (22-18-10).txt

    Scan type: Full scan (C:\|D:\|E:\|F:\|)
    Objects scanned: 678742
    Time elapsed: 1 hour(s), 32 minute(s), 52 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 26

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    c:\system volume information\systemrestore\frstaging\program files (x86)\internet download manager\patch 5.xx (2008-12-06)(476).exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
    c:\system volume information\systemrestore\frstaging\program files (x86)\internet download manager\sndk&p(477).exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
    c:\system volume information\systemrestore\frstaging\Users\Maive\documents\downloads\compressed\vso.software.convertxtodvd.v4.1.19.365.incl.keygen-lz0\nfoviewer(2946).exe (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\system volume information\systemrestore\frstaging\Users\Maive\documents\usb backup\applications\tuneup2010-nickkkdon\core10k(2950).exe (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
    c:\system volume information\systemrestore\frstaging\Users\Maive\downloads\internet.download.manager.v6.08.8.final.incl.keygen.and.patch-snd\internet.download.manager.v6.08.8.final.incl.keygen.and.patch-snd\SND\sndk&p(2952).exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
    d:\program files (x86)\electronic arts\battlefield bad company 2\rld-bbc2.exe (RiskWare.Tool.HCK) -> Quarantined and deleted successfully.
    d:\program files (x86)\square enix - eidos interactive\lara croft and the guardian of light\lcgollauncher.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    e:\applications\bitdefender\box_bd2011_3.1\box_bd2011.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
    e:\applications\internet download manager 6.05 build 11\keygen-snd\SnDk&p.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
    e:\applications\iobit.game.booster.premium.v2.0.multilingual.incl.keymaker-core\CORE10k.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
    e:\applications\microsoft windows 7 ultimate retail(final) x86 (32 bit) and x64 (64 bit)\cracks for x64 + x86\all working activators\windows.loader.v1.9.5-sting2324-tp\windows.loader.v1.9.5-sting2324-tp\windows loader\windows loader.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
    e:\applications\winrar_3.93_pro_final_activated_latest_akhilesh910\winrar_3.93_pro_final_activated_latest_akhilesh910\winrar3.93.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
    e:\game installers\alice madness returns-skidrow\t-alimr1c\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
    e:\game installers\bastion.v1.0r11.multi5.cracked.read.nfo-theta\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
    e:\game installers\bastion.v1.0r11.multi5.cracked.read.nfo-theta\bastion.v1.0r12.update.cracked-theta\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
    e:\game installers\bastion.v1.0r11.multi5.cracked.read.nfo-theta\bastion.v1.0r14.update.cracked-theta\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
    e:\game installers\bastion.v1.0r11.multi5.cracked.read.nfo-theta\bastion.v1.0r15.update.cracked-theta\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
    e:\game installers\bastion.v1.0r11.multi5.cracked.read.nfo-theta\bbu\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
    e:\game installers\Dirt 3\dirt.3-skidrow-crack_only\SKIDROW\SKIDROW.dll (Trojan.Downloader.H) -> Quarantined and deleted successfully.
    e:\game installers\Dirt 3\dirt.3.update.1-skidrow\SKIDROW\SKIDROW.dll (Trojan.Downloader.H) -> Quarantined and deleted successfully.
    e:\game installers\limbo.v1.0r4.multi9.cracked-theta\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
    e:\game installers\magicka.multi4-alias\magicka.v1.4.0.2.multi5.cracked.read.nfo-theta\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
    e:\game installers\orcs.must.die-skidrow\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
    e:\game installers\orcs.must.die-skidrow\t-omd2u\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
    e:\game patches\lara.croft.and.the.guardian.of.light.update\sr-lcg12\SKIDROW\lcgollauncher.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    e:\game patches\lara.croft.and.the.guardian.of.light.update\sr-lcgu3\SKIDROW\lcgollauncher.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
     
  2. maive

    maive TS Rookie Topic Starter

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2011-10-21 22:59:00
    Windows 6.1.7601 Service Pack 1
    Running: lv3fbq0n.exe


    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x23 0x0A 0xD6 0x11 ...
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xD9 0x63 0x1F 0x4F ...
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xD8 0xA8 0x61 0x62 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x23 0x0A 0xD6 0x11 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Pro\
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xD9 0x63 0x1F 0x4F ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x7F 0x50 0xF9 0x53 ...
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x23 0x0A 0xD6 0x11 ...
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Pro\
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xD9 0x63 0x1F 0x4F ...
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x7F 0x50 0xF9 0x53 ...

    ---- EOF - GMER 1.0.15 ----
     
  3. maive

    maive TS Rookie Topic Starter

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
    Run by Maive at 23:26:11 on 2011-10-21
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.2143 [GMT 8:00]
    .
    AV: Kaspersky PURE *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Kaspersky PURE *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
    FW: Kaspersky PURE *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\IObit\Game Booster\gbtray.exe
    C:\Fraps\fraps.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\RocketDock\RocketDock.exe
    C:\Program Files (x86)\Internet Download Manager\IDMan.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Fraps\fraps64.dat
    C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
    C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
    C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
    C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    mStart Page = about:blank
    uInternet Settings,ProxyOverride = *.local
    mURLSearchHooks: H - No File
    mURLSearchHooks: H - No File
    BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB: {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
    uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
    mRun: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
    mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    mRun: [Razer Blackwidow Driver] C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
    IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\Microsoft Office\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\Microsoft Office\Office14\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - {17A84966-F1E9-4645-AA9E-5E771EE1C859} - C:\Program Files (x86)\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll
    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
    DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} - hxxps://my.levelupgames.ph/keycrypt/npkcx.cab
    DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{8F6277B5-0165-40F7-BFCE-CD07BD657A15} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{956ACF95-93C5-46C5-9EC8-BD1F2350DABB} : DhcpNameServer = 121.1.3.81 121.1.3.16 121.1.3.66
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL
    BHO-X64: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
    BHO-X64: IDM Helper - No File
    BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
    BHO-X64: 0x1 - No File
    BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO-X64: HP Print Enhancer - No File
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
    BHO-X64: IEVkbdBHO - No File
    BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
    BHO-X64: link filter bho - No File
    BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
    BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    BHO-X64: HP Smart BHO Class - No File
    TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
    TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB-X64: {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - No File
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    mRun-x64: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
    mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    mRun-x64: [Razer Blackwidow Driver] C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
    SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Maive\AppData\Roaming\Mozilla\Firefox\Profiles\8t5dyylu.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://myanimelist.net/animelist/maive
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
    FF - prefs.js: network.proxy.ftp - 203.84.191.215
    FF - prefs.js: network.proxy.ftp_port - 8080
    FF - prefs.js: network.proxy.gopher - proxy.smartbro.net
    FF - prefs.js: network.proxy.gopher_port - 8080
    FF - prefs.js: network.proxy.http - 203.84.191.215
    FF - prefs.js: network.proxy.http_port - 8080
    FF - prefs.js: network.proxy.socks - 203.84.191.215
    FF - prefs.js: network.proxy.socks_port - 8080
    FF - prefs.js: network.proxy.ssl - 203.84.191.215
    FF - prefs.js: network.proxy.ssl_port - 8080
    FF - prefs.js: network.proxy.type - 4
    FF - component: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\components\bdaphff3.6.dll
    FF - component: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\components\bdaphff3.dll
    FF - component: C:\Users\Maive\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
    FF - component: C:\Users\Maive\AppData\Roaming\Mozilla\Firefox\Profiles\8t5dyylu.default\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}\components\RadioWMPCore.dll
    FF - component: C:\Users\Maive\AppData\Roaming\Mozilla\Firefox\Profiles\8t5dyylu.default\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}\components\RadioWMPCoreGecko19.dll
    FF - plugin: C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
    FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    FF - plugin: C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
    FF - plugin: C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
    FF - plugin: C:\Users\Maive\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
    FF - plugin: C:\Users\Maive\AppData\Local\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll
    FF - plugin: C:\Users\Maive\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: network.http.max-persistent-connections-per-server - 4
    FF - user.js: nglayout.initialpaint.delay - 600
    FF - user.js: content.notify.interval - 600000
    FF - user.js: content.max.tokenizing.time - 1800000
    FF - user.js: content.switch.threshold - 600000
    FF - user.js: yahoo.homepage.dontask - true
    FF - user.js: network.http.max-connections-per-server - 8
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    ============= SERVICES / DRIVERS ===============
    .
    R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\Windows\system32\DRIVERS\CSCrySec.sys --> C:\Windows\system32\DRIVERS\CSCrySec.sys [?]
    R0 KLBG;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\DRIVERS\klbg.sys --> C:\Windows\system32\DRIVERS\klbg.sys [?]
    R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys --> C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [?]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
    R2 CSObjectsSrv;CryptoStorage control service;C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992]
    R2 IDMWFP;IDMWFP;C:\Windows\system32\DRIVERS\idmwfp.sys --> C:\Windows\system32\DRIVERS\idmwfp.sys [?]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-9-13 366152]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-9-27 2027840]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 avchv;avchv Function Driver;C:\Windows\system32\DRIVERS\avchv.sys --> C:\Windows\system32\DRIVERS\avchv.sys [?]
    R3 DAdderFltr;DeathAdder Mouse;C:\Windows\system32\drivers\dadder.sys --> C:\Windows\system32\drivers\dadder.sys [?]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 RzSynapse;Razer Driver;C:\Windows\system32\DRIVERS\RzSynapse.sys --> C:\Windows\system32\DRIVERS\RzSynapse.sys [?]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-5-31 11856]
    R3 VKbms;Virtual HID Minidriver;C:\Windows\system32\DRIVERS\VKbms.sys --> C:\Windows\system32\DRIVERS\VKbms.sys [?]
    S2 AVP;Kaspersky PURE;C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe [2010-10-1 348760]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 KMService;KMService;C:\Windows\System32\srvany.exe [2010-6-3 8192]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
    S3 bdsandbox;bdsandbox;C:\Windows\system32\Drivers\bdsandbox.sys --> C:\Windows\system32\Drivers\bdsandbox.sys [?]
    S3 COMMONFX.SYS;COMMONFX.SYS;C:\Windows\system32\drivers\COMMONFX.SYS --> C:\Windows\system32\drivers\COMMONFX.SYS [?]
    S3 COMMONFX;COMMONFX;C:\Windows\system32\drivers\COMMONFX.SYS --> C:\Windows\system32\drivers\COMMONFX.SYS [?]
    S3 cpuz134;cpuz134;C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [2011-10-19 21480]
    S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-1-11 79360]
    S3 CTAUDFX.SYS;CTAUDFX.SYS;C:\Windows\system32\drivers\CTAUDFX.SYS --> C:\Windows\system32\drivers\CTAUDFX.SYS [?]
    S3 CTAUDFX;CTAUDFX;C:\Windows\system32\drivers\CTAUDFX.SYS --> C:\Windows\system32\drivers\CTAUDFX.SYS [?]
    S3 CTERFXFX.SYS;CTERFXFX.SYS;C:\Windows\system32\drivers\CTERFXFX.SYS --> C:\Windows\system32\drivers\CTERFXFX.SYS [?]
    S3 CTERFXFX;CTERFXFX;C:\Windows\system32\drivers\CTERFXFX.SYS --> C:\Windows\system32\drivers\CTERFXFX.SYS [?]
    S3 CTSBLFX.SYS;CTSBLFX.SYS;C:\Windows\system32\drivers\CTSBLFX.SYS --> C:\Windows\system32\drivers\CTSBLFX.SYS [?]
    S3 CTSBLFX;CTSBLFX;C:\Windows\system32\drivers\CTSBLFX.SYS --> C:\Windows\system32\drivers\CTSBLFX.SYS [?]
    S3 CYUSB;Cypress Generic USB Driver;C:\Windows\system32\Drivers\CYUSB.sys --> C:\Windows\system32\Drivers\CYUSB.sys [?]
    S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;D:\Program Files (x86)\Dragon Age Origins\bin_ship\daupdatersvc.service.exe [2011-1-27 25832]
    S3 ENTECH64;ENTECH64;C:\Windows\System32\drivers\Entech64.sys [2009-3-30 12744]
    S3 FLASHSYS;FLASHSYS;C:\Program Files (x86)\MSI\Live Update 4\LU4\Flashsys64.sys [2010-7-10 15192]
    S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-5-19 130976]
    S3 libusb0;LibUsb-Win32 - Kernel Driver 08/27/2006, 0.1.12.0;C:\Windows\system32\DRIVERS\libusb0.sys --> C:\Windows\system32\DRIVERS\libusb0.sys [?]
    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
    S3 RivaTuner64;RivaTuner64;C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2009-8-23 19952]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
    .
    =============== File Associations ===============
    .
    inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
    inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
    JSEFile=C:\Windows\SysWow64\WScript.exe "%1" %*
    txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
    .
    =============== Created Last 30 ================
    .
    2011-10-22 00:13:26 -------- d-----w- C:\Boot
    2011-10-21 08:14:55 -------- d-sh--w- C:\$RECYCLE.BIN
    2011-10-20 21:06:29 -------- d-----w- C:\$UPGRADE.~OS
    2011-10-20 04:31:27 -------- d-----w- C:\Users\Maive\AppData\Roaming\Kalypso Media
    2011-10-20 03:40:33 162392 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
    2011-10-20 03:40:33 -------- d--h--we C:\ProgramData\AVP9
    2011-10-20 03:39:58 85048 ----a-w- C:\Windows\System32\drivers\CSCrySec.sys
    2011-10-20 03:39:58 66104 ----a-w- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
    2011-10-20 03:38:40 -------- d-----w- C:\Program Files (x86)\Common Files\InfoWatch
    2011-10-20 02:15:21 120547 ----a-w- C:\ProgramData\1319076678.bdinstall.bin
    2011-10-20 02:13:47 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Pro
    2011-10-20 02:13:08 -------- d-----w- C:\ProgramData\DAEMON Tools Pro
    2011-10-20 02:11:22 -------- d-----w- C:\Program Files\Common Files\BitDefender
    2011-10-20 00:01:11 120401 ----a-w- C:\ProgramData\1319068595.bdinstall.bin
    2011-10-19 23:51:02 115439 ----a-w- C:\ProgramData\1319068173.bdinstall.bin
    2011-10-19 13:51:48 356 ----a-w- C:\ProgramData\1319032305.5376.bin
    2011-10-19 13:51:48 2655 ----a-w- C:\ProgramData\1319032305.4984.bin
    2011-10-19 13:51:48 1870 ----a-w- C:\ProgramData\1319032305.5512.bin
    2011-10-19 13:51:48 11089 ----a-w- C:\ProgramData\1319032305.1792.bin
    2011-10-19 13:51:46 1919 ----a-w- C:\ProgramData\1319032305.2896.bin
    2011-10-19 13:51:46 116 ----a-w- C:\ProgramData\1319032305.5876.bin
    2011-10-19 13:51:45 18852 ----a-w- C:\ProgramData\1319032305.2984.bin
    2011-10-18 20:17:14 0 ----a-w- C:\Windows\ativpsrm.bin
    2011-10-18 16:07:39 -------- d-----w- C:\Program Files (x86)\AMD APP
    2011-10-18 16:07:33 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
    2011-10-18 16:06:21 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
    2011-10-17 14:23:26 -------- d-----w- C:\ProgramData\n7-89-o9-3r-4t-r9
    2011-10-17 14:23:11 -------- d-----w- C:\Users\Maive\AppData\Roaming\GameHouse
    2011-10-16 14:19:30 66048 ----a-w- C:\Windows\System32\OpenVideo64.dll
    2011-10-16 14:19:26 56832 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
    2011-10-12 04:16:52 3138048 ----a-w- C:\Windows\System32\win32k.sys
    2011-10-12 04:16:36 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
    2011-10-12 04:16:36 613888 ----a-w- C:\Windows\System32\psisdecd.dll
    2011-10-12 04:16:36 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
    2011-10-12 04:16:35 108032 ----a-w- C:\Windows\System32\psisrndr.ax
    2011-10-12 04:16:18 861696 ----a-w- C:\Windows\System32\oleaut32.dll
    2011-10-12 04:16:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
    2011-10-12 04:16:18 331776 ----a-w- C:\Windows\System32\oleacc.dll
    2011-10-12 04:16:18 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
    2011-10-11 08:25:57 -------- d-----w- C:\Users\Maive\AppData\Local\ApplicationHistory
    2011-10-11 08:06:53 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
    2011-10-11 08:06:53 565352 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
    2011-10-08 18:22:20 21992 ----a-w- C:\Windows\System32\drivers\cpuz135_x64.sys
    2011-10-08 18:22:20 -------- d-----w- C:\Program Files\CPUID
    2011-10-08 07:57:47 231440 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
    2011-10-06 14:30:36 16787456 ----a-w- C:\Windows\System32\amdocl64.dll
    2011-10-06 14:29:54 13753856 ----a-w- C:\Windows\SysWow64\amdocl.dll
    2011-10-06 14:29:04 51200 ----a-w- C:\Windows\System32\OpenCL.dll
    2011-10-06 14:29:00 43520 ----a-w- C:\Windows\SysWow64\OpenCL.dll
    2011-10-01 14:11:03 145008 ----a-w- C:\Windows\System32\drivers\idmwfp.sys
    2011-10-01 13:03:12 -------- d-----w- C:\Users\Maive\AppData\Roaming\GarenaPlus
    .
    ==================== Find3M ====================
    .
    2011-10-20 02:17:45 27528 ----a-w- C:\Windows\System32\bdsandboxuh.dll
    2011-10-20 02:01:16 300426 ----a-w- C:\ProgramData\bdinstall.bin
    2011-10-17 02:58:54 10207232 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
    2011-10-17 02:16:08 24998912 ----a-w- C:\Windows\System32\atio6axx.dll
    2011-10-17 02:07:06 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
    2011-10-17 02:06:54 736768 ----a-w- C:\Windows\SysWow64\aticfx32.dll
    2011-10-17 02:05:34 867328 ----a-w- C:\Windows\System32\aticfx64.dll
    2011-10-17 02:03:00 466944 ----a-w- C:\Windows\System32\ATIDEMGX.dll
    2011-10-17 02:02:50 487936 ----a-w- C:\Windows\System32\atieclxx.exe
    2011-10-17 02:02:14 204288 ----a-w- C:\Windows\System32\atiesrxx.exe
    2011-10-17 02:01:02 120320 ----a-w- C:\Windows\System32\atitmm64.dll
    2011-10-17 02:00:46 423424 ----a-w- C:\Windows\System32\atipdl64.dll
    2011-10-17 02:00:38 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
    2011-10-17 02:00:26 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
    2011-10-17 02:00:22 21504 ----a-w- C:\Windows\System32\atimuixx.dll
    2011-10-17 02:00:16 59392 ----a-w- C:\Windows\System32\atiedu64.dll
    2011-10-17 02:00:12 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
    2011-10-17 02:00:02 18837504 ----a-w- C:\Windows\SysWow64\atioglxx.dll
    2011-10-17 01:57:08 4231680 ----a-w- C:\Windows\SysWow64\atidxx32.dll
    2011-10-17 01:47:24 4960768 ----a-w- C:\Windows\System32\atidxx64.dll
    2011-10-17 01:44:48 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
    2011-10-17 01:44:24 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
    2011-10-17 01:44:12 4023296 ----a-w- C:\Windows\System32\atiumd6a.dll
    2011-10-17 01:39:40 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
    2011-10-17 01:39:38 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
    2011-10-17 01:39:30 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
    2011-10-17 01:39:28 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
    2011-10-17 01:39:18 9809920 ----a-w- C:\Windows\System32\aticaldd64.dll
    2011-10-17 01:36:58 4289024 ----a-w- C:\Windows\SysWow64\atiumdag.dll
    2011-10-17 01:36:18 8390656 ----a-w- C:\Windows\SysWow64\aticaldd.dll
    2011-10-17 01:34:30 4174848 ----a-w- C:\Windows\SysWow64\atiumdva.dll
    2011-10-17 01:31:24 58880 ----a-w- C:\Windows\System32\coinst.dll
    2011-10-17 01:30:58 5431808 ----a-w- C:\Windows\System32\atiumd64.dll
    2011-10-17 01:24:16 479744 ----a-w- C:\Windows\System32\atiadlxx.dll
    2011-10-17 01:24:08 335872 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
    2011-10-17 01:23:58 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
    2011-10-17 01:23:54 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
    2011-10-17 01:23:54 14336 ----a-w- C:\Windows\System32\atiglpxx.dll
    2011-10-17 01:23:50 39936 ----a-w- C:\Windows\System32\atig6txx.dll
    2011-10-17 01:23:44 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
    2011-10-17 01:23:36 317952 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
    2011-10-17 01:22:48 40960 ----a-w- C:\Windows\System32\atiuxp64.dll
    2011-10-17 01:22:40 31744 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
    2011-10-17 01:22:34 38912 ----a-w- C:\Windows\System32\atiu9p64.dll
    2011-10-17 01:22:26 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
    2011-10-17 01:21:40 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
    2011-10-17 01:20:24 54784 ----a-w- C:\Windows\System32\atimpc64.dll
    2011-10-17 01:20:24 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
    2011-10-17 01:20:18 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
    2011-10-17 01:20:18 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
    2011-10-05 17:51:44 107832 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
    2011-10-05 15:24:50 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-09-27 11:53:40 34624 ----a-w- C:\Windows\System32\TURegOpt.exe
    2011-09-27 11:47:02 25920 ----a-w- C:\Windows\System32\authuitu.dll
    2011-09-27 11:46:56 21312 ----a-w- C:\Windows\SysWow64\authuitu.dll
    2011-09-27 11:46:50 36160 ----a-w- C:\Windows\System32\uxtuneup.dll
    2011-09-27 11:46:44 29504 ----a-w- C:\Windows\SysWow64\uxtuneup.dll
    2011-09-14 03:47:42 60416 ----a-w- C:\Windows\System32\OVDecode64.dll
    2011-09-14 03:47:40 53760 ----a-w- C:\Windows\SysWow64\OVDecode.dll
    2011-09-14 03:38:30 44032 ----a-w- C:\Windows\System32\amdoclcl64.dll
    2011-09-14 03:38:28 37376 ----a-w- C:\Windows\SysWow64\amdoclcl.dll
    2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll
    2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll
    2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-08-31 11:12:00 1698408 ----a-w- C:\Windows\RtlExUpd.dll
    2011-08-31 09:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-08-30 09:28:46 3069032 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
    2011-08-30 08:41:22 1501696 ----a-w- C:\Windows\System32\RCoRes64.dat
    2011-08-30 07:09:11 627600 ----a-w- C:\Windows\System32\deployJava1.dll
    2011-08-30 05:37:44 2518632 ----a-w- C:\Windows\System32\RtPgEx64.dll
    2011-08-24 05:30:06 3201128 ------w- C:\Windows\System32\RtkAPO64.dll
    2011-08-23 13:57:24 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
    2011-08-23 09:00:24 603984 ----a-w- C:\Windows\System32\KAAPORT64.dll
    2011-08-23 04:06:12 97896 ----a-w- C:\Windows\System32\RCoInst64.dll
    2011-08-19 06:54:12 1881704 ------w- C:\Windows\System32\RtkApi64.dll
    2011-08-14 01:16:30 8192 ----a-w- C:\Windows\SysWow64\srvany.exe
    2011-08-05 17:29:20 527872 ----a-w- C:\Windows\System32\DTSU2PLFX64.dll
    2011-08-05 17:29:20 515584 ----a-w- C:\Windows\System32\DTSU2PGFX64.dll
    2011-08-05 17:29:20 439808 ------w- C:\Windows\System32\DTSU2PREC64.dll
    2011-07-31 06:51:12 71680 ----a-w- C:\Windows\System32\frapsv64.dll
    2011-07-31 06:51:08 65536 ----a-w- C:\Windows\SysWow64\frapsvid.dll
    2011-07-27 16:55:14 2604376 ----a-w- C:\Windows\System32\WavesGUILib.dll
    2011-07-27 16:55:08 2132824 ----a-w- C:\Windows\System32\MaxxAudioEQ.dll
    2010-07-08 02:37:14 101544 ----a-w- C:\Program Files\Common Files\linkinstaller.exe
    .
    ============= FINISH: 23:26:34.50 ===============
     
  4. maive

    maive TS Rookie Topic Starter

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Ultimate
    Boot Device: \Device\HarddiskVolume1
    Install Date: 4/5/2010 6:35:23 AM
    System Uptime: 10/21/2011 10:19:07 PM (1 hours ago)
    .
    Motherboard: XFX | | MI-XG31-CH79
    Processor: Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz | CPU1 | 3011/267mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 149 GiB total, 57.512 GiB free.
    D: is FIXED (NTFS) - 488 GiB total, 40.841 GiB free.
    E: is FIXED (NTFS) - 443 GiB total, 34.218 GiB free.
    F: is FIXED (NTFS) - 233 GiB total, 11.694 GiB free.
    G: is CDROM ()
    H: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {ff646f80-8def-11d2-9449-00105a075f6b}
    Description: pcouffin device for Amd 64 bits systems
    Device ID: ROOT\PCOUFFIN\0000
    Manufacturer: VSO Software
    Name: pcouffin device for Amd 64 bits systems
    PNP Device ID: ROOT\PCOUFFIN\0000
    Service: pcouffin
    .
    Class GUID: {4d36e969-e325-11ce-bfc1-08002be10318}
    Description: Standard floppy disk controller
    Device ID: ACPI\PNP0700\4&10E0BC55&0
    Manufacturer: (Standard floppy disk controllers)
    Name: Standard floppy disk controller
    PNP Device ID: ACPI\PNP0700\4&10E0BC55&0
    Service: fdc
    .
    Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Description: BitDefender AVC HV
    Device ID: ROOT\SYSTEM\0002
    Manufacturer: (Standard system devices)
    Name: BitDefender AVC HV
    PNP Device ID: ROOT\SYSTEM\0002
    Service: avchv
    .
    ==== System Restore Points ===================
    .
    RP535: 10/21/2011 10:24:33 PM - Removed service pack backup files
    .
    ==== Installed Programs ======================
    .
    µTorrent
    Activision(R)
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.4.6
    Advertising Center
    Alice: Madness Returns
    Alien Breed 2: Assault
    Amnesia - The Dark Descent
    Anno 1404
    ANNO 1404 - Venice
    Apple Application Support
    Apple Software Update
    Assassin's Creed Brotherhood
    AviSynth 2.5
    Bandisoft MPEG-1 Decoder
    Bejeweled 3
    Bing Bar
    Blade Kitten
    Borderlands
    Brink
    BufferChm
    Bulletstorm
    Call of Duty(R) 4 - Modern Warfare(TM)
    Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
    Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
    Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
    Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
    Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
    Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
    Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
    Call of Duty: Black Ops
    Call of Juarez The Cartel
    Catalyst Control Center
    Catalyst Control Center - Branding
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    CDisplay 1.8
    Combined Community Codec Pack 2011-06-26
    Company of Heroes
    Company of Heroes - FAKEMSI
    Conduit Engine
    ConvertXtoDVD 4.1.19.365
    Copy
    Creative Audio Console
    Creative Software AutoUpdate
    Crysis® 2
    Cucusoft Ultimate DVD + Video Converter Suite 8.3.8.3
    D3DX10
    DAEMON Tools Pro
    Dead Space™ 2
    DeathSpank
    Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    Destinations
    Deus Ex - Human Revolution
    Deus Ex Human Revolution - The Missing Link
    DeviceDiscovery
    DeviceManagementQFolder
    DiRT 3
    DiRT2
    Disciples III: Resurrection
    DivX Codec
    DivX Converter
    DivX Player
    DivX Plus DirectShow Filters
    DivX Setup
    DJ_AIO_03_F4200_Software_Min
    DocProc
    DocProcQFolder
    DoWar2R
    Dragon Age II
    Dragon Age: Origins
    Dragon Nest SEA
    Driver Sweeper version 3.2.0
    eSupportQFolder
    EVEREST Ultimate Edition v4.60
    F.E.A.R. 3
    F4200
    Feedback Tool
    Feeding Frenzy 2
    Final Uninstaller
    Fraps (remove only)
    Futuremark SystemInfo
    Game Booster 3
    Garena
    Garena Messenger
    GhostbustersSOS
    Google Chrome
    GPBaseService
    GPBaseService2
    Handy Recovery 4.0
    Hard Reset
    HiJackThis
    HP Update
    HPPhotoGadget
    HPPhotoSmartDiscLabelContent1
    HPPhotosmartEssential
    HPProductAssistant
    HPSSupply
    Hunted The Demons Forge
    HydraVision
    Hydrophobia: Prophecy
    ImgBurn
    Internet Download Manager
    Java Auto Updater
    Java(TM) 6 Update 26
    Java(TM) 6 Update 5
    JCreator LE 5.00
    Just Cause 2
    K-Lite Codec Pack 5.8.3 (Full)
    Kaspersky PURE
    Lara Croft and the Guardian of Light
    Left 4 Dead 2 Demo
    Liveupdate4
    LOST PLANET 2
    Mafia II DLC Joe's Adventures
    Magic The Gathering - Duels of the Planeswalkers
    Malwarebytes' Anti-Malware version 1.51.2.1300
    MarketResearch
    Mass Effect 2
    Metro 2033 Update 2
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB953297)
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Games for Windows Marketplace
    Microsoft Office 2010 Service Pack 1 (SP1)
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office Live Add-in 1.5
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
    Microsoft Silverlight
    Microsoft SOAP Toolkit 3.0
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Visual J# 2.0 Redistributable Package
    Microsoft WSE 3.0 Runtime
    Microsoft XNA Framework Redistributable 3.1
    Mirror's Edge™
    Mozilla Firefox 7.0.1 (x86 en-US)
    MSI Afterburner 1.6.1
    MSI Kombustor v1.0.10
    MSVCRT
    MSVCSetup
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Nero ControlCenter
    Nero Multimedia Suite
    Nero PhotoSnap
    Nero Recode
    Nero Rescue Agent
    Nero ShowTime
    Nero StartSmart
    Nero Vision
    Nero WaveEditor
    NeroBurningROM
    NeroExpress
    neroxml
    Nexon Game Manager
    Nuclear Coffee - VideoGet
    NVIDIA PhysX
    OpenAL
    Orcs Must Die!
    Pando Media Booster
    PC Wizard 2010.1.96
    Portal 2
    PSP Video 9 6
    PunkBuster Services
    QuickTime
    Rage
    Rapture3D 2.4.8 Game
    Razer BlackWidow Ultimate
    Razer BlackWidow Ultimate Firmware Updater
    Razer DeathAdder(TM) Mouse
    Real Alternative 2.0.2
    Realtek Ethernet Controller Driver
    Realtek HDMI Audio Driver for ATI
    Realtek High Definition Audio Driver
    Red Faction Armageddon
    RESIDENT EVIL 5
    RocketDock 1.3.5
    Scan
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft Excel 2010 (KB2553070)
    Security Update for Microsoft Office 2010 (KB2553091)
    Security Update for Microsoft Office 2010 (KB2553096)
    Security Update for Microsoft Office 2010 (KB2584066)
    Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
    SmartWebPrinting
    SolutionCenter
    SoundTrax
    Spider-Man(TM) - Shattered Dimensions
    Split/Second
    StarCraft II
    Status
    Steam
    Super Mp3 Download
    SUPER STREET FIGHTER IV: ARCADE EDITION
    System Requirements Lab
    The Witcher 2
    The Witcher Enhanced Edition
    The Witcher Grafikmods 1.0
    Tom Clancy's Rainbow Six Vegas 2
    Toolbox
    Total Video Converter 3.21 090220
    TrayApp
    TuneUp Utilities 2011
    TuneUp Utilities Language Pack (en-US)
    Ubisoft Game Launcher
    Unity Web Player
    UnloadSupport
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft Office 2010 (KB2494150)
    Update for Microsoft Office 2010 (KB2553065)
    Update for Microsoft Office 2010 (KB2553092)
    Update for Microsoft Office 2010 (KB2566458)
    Update for Microsoft Outlook Social Connector (KB2583935)
    VC80CRTRedist - 8.0.50727.4053
    Veoh Web Player
    Visual C++ 8.0 CRT (x86) WinSXS MSM
    VLC media player 1.1.11
    Warcraft III
    Warcraft III: All Products
    WebReg
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Media Player Firefox Plugin
    Winrar 3.93
    Xfire (remove only)
    XviD4PSP 5.0
    Yahoo! BrowserPlus 2.8.1
    Yahoo! Messenger
    Yahoo! Software Update
    Yahoo! Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    10/21/2011 8:41:14 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    10/21/2011 8:41:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    10/21/2011 8:41:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    10/21/2011 8:41:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    10/21/2011 8:41:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    10/21/2011 8:40:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSVirtualDiskDrv DfsC discache kl1 KLIF KLIM6 NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx Wanarpv6 WfpLwf
    10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
    10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    10/21/2011 8:40:52 PM, Error: Service Control Manager [7001] - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error: The dependency service or group failed to start.
    10/21/2011 8:40:32 PM, Error: sptd [4] - Driver detected an internal error in its data structures for .
    10/21/2011 8:05:13 PM, Error: Service Control Manager [7034] - The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).
    10/21/2011 6:30:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service HomeGroupProvider with arguments "" in order to run the server: {EA022610-0748-4C24-B229-6C507EBDFDBB}
    10/21/2011 5:18:59 AM, Error: Service Control Manager [7024] - The Distributed Transaction Coordinator service terminated with service-specific error %%-1073737712.
    10/21/2011 4:26:04 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
    10/21/2011 4:16:38 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    10/21/2011 10:33:58 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004
    10/21/2011 10:19:52 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    10/20/2011 9:30:37 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Type with the following error: Access is denied.
    10/20/2011 8:47:33 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: bdfwfpf
    10/20/2011 8:45:44 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VSSERV service.
    10/20/2011 8:40:11 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
    10/20/2011 8:40:11 AM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/20/2011 8:32:28 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
    10/20/2011 8:31:37 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.
    10/20/2011 8:24:31 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avc3 bdfwfpf BDVEDISK DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx Wanarpv6 WfpLwf
    10/20/2011 8:00:24 AM, Error: Service Control Manager [7000] - The bdfwfpf service failed to start due to the following error: The system cannot find the file specified.
    10/20/2011 7:30:29 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for DelayedAutostart with the following error: Access is denied.
    10/20/2011 7:07:22 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.
    10/20/2011 3:46:39 AM, Error: Service Control Manager [7000] - The BDFM service failed to start due to the following error: The system cannot find the file specified.
    10/20/2011 11:33:35 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
    10/20/2011 11:33:35 AM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/20/2011 11:33:04 AM, Error: Service Control Manager [7000] - The SafeBox service failed to start due to the following error: The system cannot find the file specified.
    10/20/2011 11:24:13 AM, Error: Service Control Manager [7034] - The BitDefender Virus Shield service terminated unexpectedly. It has done this 2 time(s).
    10/20/2011 11:23:57 AM, Error: Service Control Manager [7034] - The BitDefender Desktop Update Service service terminated unexpectedly. It has done this 1 time(s).
    10/20/2011 11:21:03 AM, Error: Service Control Manager [7016] - The BitDefender Virus Shield service has reported an invalid current state 14.
    10/20/2011 10:51:48 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.
    10/20/2011 10:49:35 AM, Error: Service Control Manager [7034] - The BitDefender Virus Shield service terminated unexpectedly. It has done this 1 time(s).
    10/20/2011 10:34:04 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avc3 BdfNdisf bdfwfpf BDVEDISK DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx Wanarpv6 WfpLwf
    10/20/2011 10:18:00 AM, Error: Service Control Manager [7016] - The VSSERV service has reported an invalid current state 14.
    10/19/2011 4:37:06 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR3.
    10/16/2011 12:27:36 PM, Error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
    .
    ==== End Of File ===========================
     
  5. maive

    maive TS Rookie Topic Starter

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:30:02 PM, on 10/21/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\IObit\Game Booster\gbtray.exe
    C:\Fraps\fraps.exe
    C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
    C:\Program Files (x86)\RocketDock\RocketDock.exe
    C:\Program Files (x86)\Internet Download Manager\IDMan.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
    C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
    C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
    C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
    C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
    O4 - HKLM\..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [Razer Blackwidow Driver] C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\Microsoft Office\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\Microsoft Office\Office14\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files (x86)\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll
    O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files (x86)\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll
    O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
    O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - https://my.levelupgames.ph/keycrypt/npkcx.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky PURE (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
    O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
    O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
    O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - D:\Program Files (x86)\Dragon Age Origins\bin_ship\DAUpdaterSvc.Service.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\Windows\SysWOW64\npkcsvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 12860 bytes
     
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    I have closed your duplicate thread. If there was anything in it that is not included in this thread, please paste it in your next reply. If you had waited a minute or 2, you would have seen your thread.

    Please read our instructions carefully. Malwarebytes should have been a Quick Scan. HijackThis is not included in the preliminary steps.

    Most of the active entries in Mbam are from pirated software. You will have to remove it to continue support:

    Download CKScanner and save to your desktop.
    • Double-click CKScanner.exe and click Search For Files.
    • When the cursor hourglass disappears, click Save List To File.
    • A message box will verify that the file is saved.
    • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents
      in your next reply.
    ======================================
    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • Follow the order of the tasks I give you. Order is crucial in the cleaning process.
    • File sharing programs should be uninstalled or disabled during the cleaning process.
    • Observe these:
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs, except those I give you.
    • Please let me know if there is any change in the system.

    If I don't get a reply from you in 5 days, the thread will be closed. If your problem persists, you can send a PM to reopen it.
    =====================================
     
Topic Status:
Not open for further replies.
