Solved Hit with something...plz help

N

nibbz

Posts: 113   +0
Not sure what my wife or kids did today but when I came home from work
my pc booted up norml enough but my web browser was gone, program files folder had nothing in them, attemted to restore and it failed, only after a restore attempt in safe mode
was I able to get web browser back, afraid to boot up in norml mode. plus my antivirus want work, wife and kids have non admin accts, but wife did say she was on facebook today.
dunno what they did but I got hit with something bad.......plz help !!
 
Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 10.0.9200.16635
Run by nibbz at 23:01:45 on 2013-07-18
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.5105.4176 [GMT -4:00]
.
AV: COMODO Antivirus *Disabled/Outdated* {458BB331-2324-0753-3D5F-1472EB102AC0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://us.yahoo.com?fr=fp-comodo
uDefault_Search_URL = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: WOT: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
uRun: [cdloader] "C:\Users\nibbz\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
mRun: [LGODDFU] blrun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001025-0002-0025-ABCDEFFEDCBC} - <orphaned>
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {9D1DD603-DCCE-4738-ABAE-B367B170EEB1} - hxxp://192.168.1.9:81/LvrWeb.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{07FEE089-0AB3-4836-8C6F-4FD7505E0D95} : DHCPNameServer = 192.168.1.1
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
x64-BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll
x64-TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
x64-Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
x64-Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\nibbz\AppData\Roaming\Mozilla\Firefox\Profiles\qxl1gisf.default-1358222868749\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://us.yahoo.com?fr=fp-comodo
FF - prefs.js: keyword.URL - hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Users\nibbz\AppData\Local\DIRECTV Player\npPlayerPlugin.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-06-28 21:35; {4cc4a13b-94a6-7568-370d-5f9de54a9c7f}; C:\Users\nibbz\AppData\Roaming\Mozilla\Firefox\Profiles\qxl1gisf.default-1358222868749\extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f}.xpi
.
============= SERVICES / DRIVERS ===============
.
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2012-3-11 22736]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2012-3-11 38144]
R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe [2012-8-23 70352]
R2 tvnserver;TightVNC Server;C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe [2012-1-27 828944]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-2-16 676968]
S1 CFRMD;CFRMD;C:\Windows\System32\drivers\CFRMD.sys [2012-8-3 35064]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdGuard.sys [2012-3-11 584056]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-6-4 2095752]
S2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-2-7 660504]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-3-14 383264]
S2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-2-12 93072]
S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-2-7 18456]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-30 19456]
S3 RTCore64;RTCore64;C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [2012-6-29 15176]
S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-2-7 1223704]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;C:\Windows\System32\drivers\silabenm.sys [2012-4-22 27336]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;C:\Windows\System32\drivers\silabser.sys [2012-4-22 71168]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-6-30 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-10 1255736]
.
=============== File Associations ===============
.
.chm: <filetype is not registered>
.
=============== Created Last 30 ================
.
2013-07-19 02:54:11 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-19 00:12:01 -------- d-----w- C:\Windows\System32\MRT
2013-07-18 02:12:37 -------- d-----w- C:\Users\nibbz\AppData\Local\ArmA 2
2013-07-17 03:29:29 -------- d-----w- C:\Users\nibbz\AppData\Local\ArmA 2 OA
2013-07-17 03:29:29 -------- d-----w- C:\ProgramData\Bohemia Interactive Studio
2013-07-16 18:07:37 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F2637C75-4C45-4D29-881B-3E75A33CC0E4}\mpengine.dll
2013-07-15 21:34:10 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-07-15 21:34:09 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-15 21:34:09 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-07-15 21:34:09 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-15 21:34:09 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-15 21:34:09 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-15 21:34:09 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2013-07-15 21:34:08 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-07-15 21:34:08 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-07-15 21:34:06 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-15 21:34:06 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-15 21:34:00 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-07-15 21:33:58 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-15 21:33:58 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-15 21:33:58 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-15 21:33:58 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-15 21:33:58 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-15 21:33:06 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-15 21:33:06 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-07-01 01:09:17 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-07-01 01:09:16 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-06-30 05:30:31 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-06-30 05:30:31 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-06-30 05:30:31 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-06-30 05:30:31 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-06-30 05:27:58 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-30 05:25:49 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-06-30 05:25:49 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-06-30 05:25:49 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-06-30 05:25:49 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-06-30 05:25:49 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-06-30 05:25:49 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-06-30 05:25:49 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-06-30 05:19:33 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2013-06-30 05:19:33 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2013-06-30 05:19:33 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2013-06-30 05:19:33 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2013-06-30 05:19:14 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2013-06-30 05:19:14 366592 ----a-w- C:\Windows\System32\qdvd.dll
2013-06-30 05:19:04 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-06-30 05:19:04 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-06-30 05:17:56 46592 ----a-w- C:\Windows\SysWow64\fpb.rs
2013-06-30 05:15:54 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-06-30 05:15:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-06-30 05:15:38 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-06-30 05:15:26 503808 ----a-w- C:\Windows\System32\srcore.dll
2013-06-30 05:15:25 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2013-06-30 05:15:15 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-06-30 05:15:15 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-06-30 05:15:08 67072 ----a-w- C:\Windows\splwow64.exe
2013-06-30 05:15:08 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2013-06-24 04:39:33 -------- d-----r- C:\Users\nibbz\Virtual Machines
2013-06-24 03:49:45 3584 ----a-w- C:\Windows\System32\drivers\fr-FR\vpchbus.sys.mui
2013-06-23 05:38:31 -------- d-----w- C:\Program Files\Windows XP Mode
2013-06-23 04:46:53 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-22 23:22:12 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-06-22 06:26:57 -------- d-sh--w- C:\$RECYCLE.BIN
.
==================== Find3M ====================
.
2013-06-30 05:27:58 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-23 04:46:50 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-06-23 04:46:50 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-14 23:56:09 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-14 23:56:09 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-14 23:12:16 16384 ----a-w- C:\Windows\SysWow64\lgfwunis.exe
2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-06-05 12:37:19 56072 ----a-w- C:\Windows\System32\certsentry.dll
2013-06-05 12:37:19 47368 ----a-w- C:\Windows\SysWow64\certsentry.dll
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-05-02 06:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
.
============= FINISH: 23:01:50.98 ===============
 
.

DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 4/10/2012 2:51:35 AM
System Uptime: 7/18/2013 9:06:17 PM (2 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P6T SE
Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz | LGA1366 | 2672/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 932 GiB total, 877.941 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: USB Serial Converter
Device ID: ROOT\USB\0000
Manufacturer: FTDI
Name: USB Serial Converter
PNP Device ID: ROOT\USB\0000
Service: FTDIBUS
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID:
Description: Motorola Surfboard 5120 USB Cable Modem
Device ID: USB\VID_07B2&PID_5120\5&385A3465&0&1
Manufacturer:
Name: Motorola Surfboard 5120 USB Cable Modem
PNP Device ID: USB\VID_07B2&PID_5120\5&385A3465&0&1
Service:
.
==== System Restore Points ===================
.
RP199: 7/17/2013 10:11:25 PM - Installed DirectX
RP200: 7/18/2013 6:56:23 PM - Restore Operation
RP201: 7/18/2013 8:11:42 PM - Windows Update
RP202: 7/18/2013 8:23:09 PM - Removed Windows XP Mode
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Arma 2
Arma 2: Operation Arrowhead
Arma 2: Operation Arrowhead Beta
Ballistix MOD Utility
Call of Duty 4: Modern Warfare
Comodo Dragon
COMODO Internet Security
Counter-Strike: Source
DIRECTV Player
DivX Setup
EVGA Precision X 3.0.3
FlashPlayer
FLV to AVI Converter
Foxit Reader
Free Video Joiner
Free Video to DVD Converter version 5.0.13.608
GeekBuddy
Google Earth Plug-in
Google Update Helper
ImgBurn
Java 7 Update 25
LG ODD Auto Firmware Update
magicJack
Malwarebytes Anti-Malware version 1.75.0.1300
MaxiLink
Media Player Codec Pack 4.1.9
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Flight Simulator X Demo
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
NETGEAR Live Parental Controls Management Utility 2.1.6
NVIDIA 3D Vision Controller Driver 314.22
NVIDIA 3D Vision Driver 314.22
NVIDIA Control Panel 314.22
NVIDIA Graphics Driver 314.22
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.1031
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.12.12
NVIDIA Update Components
PunkBuster Services
RabbitTV
Realtek High Definition Audio Driver
Secunia PSI (3.0.0.6005)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7
Speccy
SpywareBlaster 5.0
Star Trek Bridge Commander
Steam
Strongvault Online Backup
swMSM
System Requirements Lab for Intel
T6 Configuration
t6config
TaxACT 2011 - 1040 Edition
TaxACT 2011 North Carolina
TeamSpeak 3 Client
TechPowerUp GPU-Z
The Walking Dead
TomTom HOME
TomTom HOME Visual Studio Merge Modules
Total Video Converter 3.71 100812
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
VC80CRTRedist - 8.0.50727.6195
VLC media player 2.0.7
WinAVI All in One Converter
Windows Media Player Firefox Plugin
Windows XP Mode
WinRAR 4.20 (64-bit)
WOT for Internet Explorer
Wrestling MPire 2008 (Career Edition)
.
==== Event Viewer Messages From Past Week ========
.
7/18/2013 9:07:16 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 9:07:16 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/18/2013 9:07:16 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/18/2013 9:07:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/18/2013 9:07:08 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/18/2013 9:06:45 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: CFRMD cmdGuard discache papycpu2 papyjoy spldr vpcvmm Wanarpv6
7/18/2013 9:06:43 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
7/18/2013 9:06:30 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\DRIVERS\papyjoy.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
7/18/2013 9:06:30 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\DRIVERS\papycpu2.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
7/18/2013 8:58:36 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:50:08 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
7/18/2013 8:50:08 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
7/18/2013 8:49:31 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CFRMD cmdGuard cmdHlp CSC DfsC discache inspect NetBIOS NetBT nsiproxy papycpu2 papyjoy Psched rdbss spldr tdx vpcnfltr vpcvmm Wanarpv6 WfpLwf ws2ifsl
7/18/2013 8:49:31 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:49:31 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
7/18/2013 8:49:31 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
7/18/2013 8:49:31 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:49:31 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:49:31 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
7/18/2013 8:49:31 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:49:31 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:49:31 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:49:31 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/18/2013 8:49:31 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
7/18/2013 8:42:33 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:41:53 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
7/18/2013 8:35:25 PM, Error: Service Control Manager [7023] - The WinDefend service terminated with the following error: The specified module could not be found.
7/18/2013 8:35:25 PM, Error: Service Control Manager [7000] - The TightVNC Server service failed to start due to the following error: The system cannot find the file specified.
7/18/2013 8:35:24 PM, Error: Service Control Manager [7000] - The COMODO LPS Launcher service failed to start due to the following error: The system cannot find the file specified.
7/18/2013 8:33:25 PM, Error: Service Control Manager [7001] - The Windows Installer service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:33:25 PM, Error: Service Control Manager [7001] - The Remote Procedure Call (RPC) service depends on the RPC Endpoint Mapper service which failed to start because of the following error: The service has not been started.
7/18/2013 8:32:46 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Peer Networking Identity Manager service, but this action failed with the following error: An instance of the service is already running.
7/18/2013 8:32:46 PM, Error: Service Control Manager [7023] - The Peer Networking Identity Manager service terminated with the following error: %%-2147416213
7/18/2013 8:32:46 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Networking Identity Manager service which failed to start because of the following error: %%-2147416213
7/18/2013 8:32:46 PM, Error: Service Control Manager [7001] - The Peer Name Resolution Protocol service depends on the Peer Networking Identity Manager service which failed to start because of the following error: %%-2147416213
7/18/2013 8:32:43 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Server service to connect.
7/18/2013 8:32:43 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Network Store Interface Service service to connect.
7/18/2013 8:32:43 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
7/18/2013 8:32:43 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
7/18/2013 8:32:43 PM, Error: Service Control Manager [7000] - The Server service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/18/2013 8:32:43 PM, Error: Service Control Manager [7000] - The Network Store Interface Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/18/2013 8:32:15 PM, Error: Service Control Manager [7001] - The Windows Connect Now - Config Registrar service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:32:15 PM, Error: Service Control Manager [7001] - The Quality Windows Audio Video Experience service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:32:15 PM, Error: Service Control Manager [7001] - The Function Discovery Resource Publication service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:31:51 PM, Error: Service Control Manager [7001] - The Windows Search service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:31:25 PM, Error: Service Control Manager [7031] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/18/2013 8:31:21 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
7/18/2013 8:31:13 PM, Error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
7/18/2013 8:30:27 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Secure Socket Tunneling Protocol Service service to connect.
7/18/2013 8:30:27 PM, Error: Service Control Manager [7000] - The Secure Socket Tunneling Protocol Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/18/2013 8:30:24 PM, Error: Service Control Manager [7001] - The Telephony service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:30:24 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the Network Store Interface Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
7/18/2013 8:30:20 PM, Error: Service Control Manager [7001] - The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:30:20 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Network Store Interface Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
7/18/2013 8:30:15 PM, Error: Service Control Manager [7031] - The Windows Connect Now - Config Registrar service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/18/2013 8:30:15 PM, Error: Service Control Manager [7031] - The SSDP Discovery service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
7/18/2013 8:30:15 PM, Error: Service Control Manager [7031] - The Quality Windows Audio Video Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/18/2013 8:30:15 PM, Error: Service Control Manager [7031] - The Function Discovery Resource Publication service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/18/2013 8:30:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SSDP Discovery service to connect.
7/18/2013 8:30:15 PM, Error: Service Control Manager [7000] - The SSDP Discovery service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/18/2013 8:30:00 PM, Error: Service Control Manager [7001] - The IPsec Policy Agent service depends on the Base Filtering Engine service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:30:00 PM, Error: Service Control Manager [7001] - The Base Filtering Engine service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:29:51 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Driver Foundation - User-mode Driver Framework service to connect.
7/18/2013 8:29:51 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Human Interface Device Access service to connect.
7/18/2013 8:29:51 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Desktop Window Manager Session Manager service to connect.
7/18/2013 8:29:51 PM, Error: Service Control Manager [7001] - The Offline Files service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:29:51 PM, Error: Service Control Manager [7001] - The Distributed Link Tracking Client service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error: The dependency service or group failed to start.
7/18/2013 8:29:51 PM, Error: Service Control Manager [7000] - The Windows Driver Foundation - User-mode Driver Framework service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
 
Sorry....... this safe mode huge letters, icons ect, is killing me...not to mention
having to use IExplorer when im use to firefox, plz bear with me on this one :)
 
redtarget.gif
Download RogueKiller for 32bit or Roguekiller for 64bit to your Desktop.
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

redtarget.gif
Create new restore point before proceeding with the next step....
How to:
- Windows 8: http://www.vikitech.com/11302/system-restore-windows-8
- Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
- Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
- XP: http://support.microsoft.com/kb/948247

Download Malwarebytes Anti-Rootkit (MBAR) from HERE
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt
 
RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode with network support
User : nibbz [Admin rights]
Mode : Remove -- Date : 07/18/2013 23:37:14
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 6 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] The system cannot find the file specified.
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: Hitachi HDT721010SLA360 ATA Device +++++
--- User ---
[MBR] 33e9f5c87420a69f0cbd9f36244ec1d0
[BSP] 71a07554f7e8e2a2e59c9919941791a8 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_D_07182013_233714.txt >>
RKreport[0]_S_07182013_233626.txt
 
Ok , will do.....hopefully my antivirus will work ect....assuming disastus happens ill report back, wish me luck !!
 
Ok, my program files folder is back and seems full, but my web browser Firefox doesn't work, nor does my
antivirus software, which is Comodo....haven't tried anything else yet, should I just re download comodo
and Mozilla ? the files are there, but its like they were uninstalled or something, yet it looked like comodo
defense and firewall was enabled but the antivirus wasn't, I deleted all other guest accounts and files until I find out more, I been thinking about switching to windows security essentials vs commodo, and as far as firefox, im not sure what the safest web browser is....been using firefox for a couple yrs now
 
Cant remove firefox via uninstall programs, nor will it start, get cant start xp.com error, I think im done with commodo paid antivrus also,
gonna try windows security essentials, how do I remove these programs
safely ? windows uninstall feature doesn't work
 
Ok thanks...got everything done except choosing web browser, MS Security Essentials installed, I seem to have all my other programs working okay ect......thank you Broni !!!! again...... for helping me out of a tight spot, wifey is banned from facebook and kids are banned from pc lol
I wish ......tomorrow is payday and I feel the need to send a donation to you again, I thought I lost everything, I had no web browser, system restore only werked when I went to safe mode with networking saved my ***.....first thing I noticed was my program files folder was empty, or invisible, guest cant delete those files so it must have been web attack or
wifey clicked something she shouldn't have...dunno. Broni thanks !!!!!!!
 
You must log in or register to reply here.

Similar threads

midian182
Tom's back! Upcoming documentary to revisit MySpace's glory days
Replies
1
Views
288
Dunkerton
Dunkerton
J
What if Nvidia had acquired Arm?
Replies
12
Views
265
Disiw
D
Cal Jeffrey
PlayStation 5 users can now use pointers to help friends find hidden loot
Replies
2
Views
169
Disiw
D

Latest posts

Back