Inactive Virus turns off installed anti-virus

I've tried switching to another anti-virus but still ended up the same: it gets turned off by the virus automatically when I restart my PC.
The only problem I noticed is I can't turn on Kaspersky no matter what I do.
Tried switching to Bitdefender, still the same, I can't turn it on after restart.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7992

Windows 6.1.7601 Service Pack 1 (Safe Mode)
Internet Explorer 9.0.8112.16421

10/21/2011 10:18:10 PM
mbam-log-2011-10-21 (22-18-10).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)
Objects scanned: 678742
Time elapsed: 1 hour(s), 32 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 26

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\system volume information\systemrestore\frstaging\program files (x86)\internet download manager\patch 5.xx (2008-12-06)(476).exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\program files (x86)\internet download manager\sndk&p(477).exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\Maive\documents\downloads\compressed\vso.software.convertxtodvd.v4.1.19.365.incl.keygen-lz0\nfoviewer(2946).exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\Maive\documents\usb backup\applications\tuneup2010-nickkkdon\core10k(2950).exe (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\Maive\downloads\internet.download.manager.v6.08.8.final.incl.keygen.and.patch-snd\internet.download.manager.v6.08.8.final.incl.keygen.and.patch-snd\SND\sndk&p(2952).exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
d:\program files (x86)\electronic arts\battlefield bad company 2\rld-bbc2.exe (RiskWare.Tool.HCK) -> Quarantined and deleted successfully.
d:\program files (x86)\square enix - eidos interactive\lara croft and the guardian of light\lcgollauncher.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
e:\applications\bitdefender\box_bd2011_3.1\box_bd2011.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
e:\applications\internet download manager 6.05 build 11\keygen-snd\SnDk&p.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
e:\applications\iobit.game.booster.premium.v2.0.multilingual.incl.keymaker-core\CORE10k.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
e:\applications\microsoft windows 7 ultimate retail(final) x86 (32 bit) and x64 (64 bit)\cracks for x64 + x86\all working activators\windows.loader.v1.9.5-sting2324-tp\windows.loader.v1.9.5-sting2324-tp\windows loader\windows loader.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
e:\applications\winrar_3.93_pro_final_activated_latest_akhilesh910\winrar_3.93_pro_final_activated_latest_akhilesh910\winrar3.93.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
e:\game installers\alice madness returns-skidrow\t-alimr1c\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
e:\game installers\bastion.v1.0r11.multi5.cracked.read.nfo-theta\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
e:\game installers\bastion.v1.0r11.multi5.cracked.read.nfo-theta\bastion.v1.0r12.update.cracked-theta\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
e:\game installers\bastion.v1.0r11.multi5.cracked.read.nfo-theta\bastion.v1.0r14.update.cracked-theta\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
e:\game installers\bastion.v1.0r11.multi5.cracked.read.nfo-theta\bastion.v1.0r15.update.cracked-theta\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
e:\game installers\bastion.v1.0r11.multi5.cracked.read.nfo-theta\bbu\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
e:\game installers\Dirt 3\dirt.3-skidrow-crack_only\SKIDROW\SKIDROW.dll (Trojan.Downloader.H) -> Quarantined and deleted successfully.
e:\game installers\Dirt 3\dirt.3.update.1-skidrow\SKIDROW\SKIDROW.dll (Trojan.Downloader.H) -> Quarantined and deleted successfully.
e:\game installers\limbo.v1.0r4.multi9.cracked-theta\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
e:\game installers\magicka.multi4-alias\magicka.v1.4.0.2.multi5.cracked.read.nfo-theta\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
e:\game installers\orcs.must.die-skidrow\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
e:\game installers\orcs.must.die-skidrow\t-omd2u\nfoviewer.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
e:\game patches\lara.croft.and.the.guardian.of.light.update\sr-lcg12\SKIDROW\lcgollauncher.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
e:\game patches\lara.croft.and.the.guardian.of.light.update\sr-lcgu3\SKIDROW\lcgollauncher.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
 
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-21 22:59:00
Windows 6.1.7601 Service Pack 1
Running: lv3fbq0n.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x23 0x0A 0xD6 0x11 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xD9 0x63 0x1F 0x4F ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xD8 0xA8 0x61 0x62 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x23 0x0A 0xD6 0x11 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Pro\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xD9 0x63 0x1F 0x4F ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x7F 0x50 0xF9 0x53 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x23 0x0A 0xD6 0x11 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Pro\
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xD9 0x63 0x1F 0x4F ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x7F 0x50 0xF9 0x53 ...

---- EOF - GMER 1.0.15 ----
 
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Maive at 23:26:11 on 2011-10-21
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.2143 [GMT 8:00]
.
AV: Kaspersky PURE *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky PURE *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
FW: Kaspersky PURE *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\IObit\Game Booster\gbtray.exe
C:\Fraps\fraps.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Fraps\fraps64.dat
C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
mRun: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [Razer Blackwidow Driver] C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\Microsoft Office\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\Microsoft Office\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - {17A84966-F1E9-4645-AA9E-5E771EE1C859} - C:\Program Files (x86)\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} - hxxps://my.levelupgames.ph/keycrypt/npkcx.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{8F6277B5-0165-40F7-BFCE-CD07BD657A15} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{956ACF95-93C5-46C5-9EC8-BD1F2350DABB} : DhcpNameServer = 121.1.3.81 121.1.3.16 121.1.3.66
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL
BHO-X64: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO-X64: IDM Helper - No File
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
BHO-X64: IEVkbdBHO - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
BHO-X64: link filter bho - No File
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun-x64: [Razer Blackwidow Driver] C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Maive\AppData\Roaming\Mozilla\Firefox\Profiles\8t5dyylu.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://myanimelist.net/animelist/maive
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - prefs.js: network.proxy.ftp - 203.84.191.215
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - proxy.smartbro.net
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - 203.84.191.215
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 203.84.191.215
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 203.84.191.215
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 4
FF - component: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\components\bdaphff3.6.dll
FF - component: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\components\bdaphff3.dll
FF - component: C:\Users\Maive\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: C:\Users\Maive\AppData\Roaming\Mozilla\Firefox\Profiles\8t5dyylu.default\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}\components\RadioWMPCore.dll
FF - component: C:\Users\Maive\AppData\Roaming\Mozilla\Firefox\Profiles\8t5dyylu.default\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}\components\RadioWMPCoreGecko19.dll
FF - plugin: C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Users\Maive\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Users\Maive\AppData\Local\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll
FF - plugin: C:\Users\Maive\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\Windows\system32\DRIVERS\CSCrySec.sys --> C:\Windows\system32\DRIVERS\CSCrySec.sys [?]
R0 KLBG;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\DRIVERS\klbg.sys --> C:\Windows\system32\DRIVERS\klbg.sys [?]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys --> C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
R2 CSObjectsSrv;CryptoStorage control service;C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992]
R2 IDMWFP;IDMWFP;C:\Windows\system32\DRIVERS\idmwfp.sys --> C:\Windows\system32\DRIVERS\idmwfp.sys [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-9-13 366152]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-9-27 2027840]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 avchv;avchv Function Driver;C:\Windows\system32\DRIVERS\avchv.sys --> C:\Windows\system32\DRIVERS\avchv.sys [?]
R3 DAdderFltr;DeathAdder Mouse;C:\Windows\system32\drivers\dadder.sys --> C:\Windows\system32\drivers\dadder.sys [?]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 RzSynapse;Razer Driver;C:\Windows\system32\DRIVERS\RzSynapse.sys --> C:\Windows\system32\DRIVERS\RzSynapse.sys [?]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-5-31 11856]
R3 VKbms;Virtual HID Minidriver;C:\Windows\system32\DRIVERS\VKbms.sys --> C:\Windows\system32\DRIVERS\VKbms.sys [?]
S2 AVP;Kaspersky PURE;C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe [2010-10-1 348760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 KMService;KMService;C:\Windows\System32\srvany.exe [2010-6-3 8192]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 bdsandbox;bdsandbox;C:\Windows\system32\Drivers\bdsandbox.sys --> C:\Windows\system32\Drivers\bdsandbox.sys [?]
S3 COMMONFX.SYS;COMMONFX.SYS;C:\Windows\system32\drivers\COMMONFX.SYS --> C:\Windows\system32\drivers\COMMONFX.SYS [?]
S3 COMMONFX;COMMONFX;C:\Windows\system32\drivers\COMMONFX.SYS --> C:\Windows\system32\drivers\COMMONFX.SYS [?]
S3 cpuz134;cpuz134;C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [2011-10-19 21480]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-1-11 79360]
S3 CTAUDFX.SYS;CTAUDFX.SYS;C:\Windows\system32\drivers\CTAUDFX.SYS --> C:\Windows\system32\drivers\CTAUDFX.SYS [?]
S3 CTAUDFX;CTAUDFX;C:\Windows\system32\drivers\CTAUDFX.SYS --> C:\Windows\system32\drivers\CTAUDFX.SYS [?]
S3 CTERFXFX.SYS;CTERFXFX.SYS;C:\Windows\system32\drivers\CTERFXFX.SYS --> C:\Windows\system32\drivers\CTERFXFX.SYS [?]
S3 CTERFXFX;CTERFXFX;C:\Windows\system32\drivers\CTERFXFX.SYS --> C:\Windows\system32\drivers\CTERFXFX.SYS [?]
S3 CTSBLFX.SYS;CTSBLFX.SYS;C:\Windows\system32\drivers\CTSBLFX.SYS --> C:\Windows\system32\drivers\CTSBLFX.SYS [?]
S3 CTSBLFX;CTSBLFX;C:\Windows\system32\drivers\CTSBLFX.SYS --> C:\Windows\system32\drivers\CTSBLFX.SYS [?]
S3 CYUSB;Cypress Generic USB Driver;C:\Windows\system32\Drivers\CYUSB.sys --> C:\Windows\system32\Drivers\CYUSB.sys [?]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;D:\Program Files (x86)\Dragon Age Origins\bin_ship\daupdatersvc.service.exe [2011-1-27 25832]
S3 ENTECH64;ENTECH64;C:\Windows\System32\drivers\Entech64.sys [2009-3-30 12744]
S3 FLASHSYS;FLASHSYS;C:\Program Files (x86)\MSI\Live Update 4\LU4\Flashsys64.sys [2010-7-10 15192]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-5-19 130976]
S3 libusb0;LibUsb-Win32 - Kernel Driver 08/27/2006, 0.1.12.0;C:\Windows\system32\DRIVERS\libusb0.sys --> C:\Windows\system32\DRIVERS\libusb0.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 RivaTuner64;RivaTuner64;C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2009-8-23 19952]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
.
=============== File Associations ===============
.
inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
JSEFile=C:\Windows\SysWow64\WScript.exe "%1" %*
txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2011-10-22 00:13:26 -------- d-----w- C:\Boot
2011-10-21 08:14:55 -------- d-sh--w- C:\$RECYCLE.BIN
2011-10-20 21:06:29 -------- d-----w- C:\$UPGRADE.~OS
2011-10-20 04:31:27 -------- d-----w- C:\Users\Maive\AppData\Roaming\Kalypso Media
2011-10-20 03:40:33 162392 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
2011-10-20 03:40:33 -------- d--h--we C:\ProgramData\AVP9
2011-10-20 03:39:58 85048 ----a-w- C:\Windows\System32\drivers\CSCrySec.sys
2011-10-20 03:39:58 66104 ----a-w- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
2011-10-20 03:38:40 -------- d-----w- C:\Program Files (x86)\Common Files\InfoWatch
2011-10-20 02:15:21 120547 ----a-w- C:\ProgramData\1319076678.bdinstall.bin
2011-10-20 02:13:47 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Pro
2011-10-20 02:13:08 -------- d-----w- C:\ProgramData\DAEMON Tools Pro
2011-10-20 02:11:22 -------- d-----w- C:\Program Files\Common Files\BitDefender
2011-10-20 00:01:11 120401 ----a-w- C:\ProgramData\1319068595.bdinstall.bin
2011-10-19 23:51:02 115439 ----a-w- C:\ProgramData\1319068173.bdinstall.bin
2011-10-19 13:51:48 356 ----a-w- C:\ProgramData\1319032305.5376.bin
2011-10-19 13:51:48 2655 ----a-w- C:\ProgramData\1319032305.4984.bin
2011-10-19 13:51:48 1870 ----a-w- C:\ProgramData\1319032305.5512.bin
2011-10-19 13:51:48 11089 ----a-w- C:\ProgramData\1319032305.1792.bin
2011-10-19 13:51:46 1919 ----a-w- C:\ProgramData\1319032305.2896.bin
2011-10-19 13:51:46 116 ----a-w- C:\ProgramData\1319032305.5876.bin
2011-10-19 13:51:45 18852 ----a-w- C:\ProgramData\1319032305.2984.bin
2011-10-18 20:17:14 0 ----a-w- C:\Windows\ativpsrm.bin
2011-10-18 16:07:39 -------- d-----w- C:\Program Files (x86)\AMD APP
2011-10-18 16:07:33 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2011-10-18 16:06:21 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2011-10-17 14:23:26 -------- d-----w- C:\ProgramData\n7-89-o9-3r-4t-r9
2011-10-17 14:23:11 -------- d-----w- C:\Users\Maive\AppData\Roaming\GameHouse
2011-10-16 14:19:30 66048 ----a-w- C:\Windows\System32\OpenVideo64.dll
2011-10-16 14:19:26 56832 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2011-10-12 04:16:52 3138048 ----a-w- C:\Windows\System32\win32k.sys
2011-10-12 04:16:36 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2011-10-12 04:16:36 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2011-10-12 04:16:36 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2011-10-12 04:16:35 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2011-10-12 04:16:18 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-10-12 04:16:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-10-12 04:16:18 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-10-12 04:16:18 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-10-11 08:25:57 -------- d-----w- C:\Users\Maive\AppData\Local\ApplicationHistory
2011-10-11 08:06:53 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2011-10-11 08:06:53 565352 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2011-10-08 18:22:20 21992 ----a-w- C:\Windows\System32\drivers\cpuz135_x64.sys
2011-10-08 18:22:20 -------- d-----w- C:\Program Files\CPUID
2011-10-08 07:57:47 231440 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
2011-10-06 14:30:36 16787456 ----a-w- C:\Windows\System32\amdocl64.dll
2011-10-06 14:29:54 13753856 ----a-w- C:\Windows\SysWow64\amdocl.dll
2011-10-06 14:29:04 51200 ----a-w- C:\Windows\System32\OpenCL.dll
2011-10-06 14:29:00 43520 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2011-10-01 14:11:03 145008 ----a-w- C:\Windows\System32\drivers\idmwfp.sys
2011-10-01 13:03:12 -------- d-----w- C:\Users\Maive\AppData\Roaming\GarenaPlus
.
==================== Find3M ====================
.
2011-10-20 02:17:45 27528 ----a-w- C:\Windows\System32\bdsandboxuh.dll
2011-10-20 02:01:16 300426 ----a-w- C:\ProgramData\bdinstall.bin
2011-10-17 02:58:54 10207232 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2011-10-17 02:16:08 24998912 ----a-w- C:\Windows\System32\atio6axx.dll
2011-10-17 02:07:06 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
2011-10-17 02:06:54 736768 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-10-17 02:05:34 867328 ----a-w- C:\Windows\System32\aticfx64.dll
2011-10-17 02:03:00 466944 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-10-17 02:02:50 487936 ----a-w- C:\Windows\System32\atieclxx.exe
2011-10-17 02:02:14 204288 ----a-w- C:\Windows\System32\atiesrxx.exe
2011-10-17 02:01:02 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2011-10-17 02:00:46 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-10-17 02:00:38 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-10-17 02:00:26 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-10-17 02:00:22 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2011-10-17 02:00:16 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2011-10-17 02:00:12 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-10-17 02:00:02 18837504 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-10-17 01:57:08 4231680 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-10-17 01:47:24 4960768 ----a-w- C:\Windows\System32\atidxx64.dll
2011-10-17 01:44:48 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
2011-10-17 01:44:24 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-10-17 01:44:12 4023296 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-10-17 01:39:40 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2011-10-17 01:39:38 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-10-17 01:39:30 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2011-10-17 01:39:28 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-10-17 01:39:18 9809920 ----a-w- C:\Windows\System32\aticaldd64.dll
2011-10-17 01:36:58 4289024 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-10-17 01:36:18 8390656 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-10-17 01:34:30 4174848 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-10-17 01:31:24 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-10-17 01:30:58 5431808 ----a-w- C:\Windows\System32\atiumd64.dll
2011-10-17 01:24:16 479744 ----a-w- C:\Windows\System32\atiadlxx.dll
2011-10-17 01:24:08 335872 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-10-17 01:23:58 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-10-17 01:23:54 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-10-17 01:23:54 14336 ----a-w- C:\Windows\System32\atiglpxx.dll
2011-10-17 01:23:50 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2011-10-17 01:23:44 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-10-17 01:23:36 317952 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-10-17 01:22:48 40960 ----a-w- C:\Windows\System32\atiuxp64.dll
2011-10-17 01:22:40 31744 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-10-17 01:22:34 38912 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-10-17 01:22:26 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-10-17 01:21:40 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2011-10-17 01:20:24 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2011-10-17 01:20:24 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
2011-10-17 01:20:18 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-10-17 01:20:18 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2011-10-05 17:51:44 107832 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-10-05 15:24:50 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-27 11:53:40 34624 ----a-w- C:\Windows\System32\TURegOpt.exe
2011-09-27 11:47:02 25920 ----a-w- C:\Windows\System32\authuitu.dll
2011-09-27 11:46:56 21312 ----a-w- C:\Windows\SysWow64\authuitu.dll
2011-09-27 11:46:50 36160 ----a-w- C:\Windows\System32\uxtuneup.dll
2011-09-27 11:46:44 29504 ----a-w- C:\Windows\SysWow64\uxtuneup.dll
2011-09-14 03:47:42 60416 ----a-w- C:\Windows\System32\OVDecode64.dll
2011-09-14 03:47:40 53760 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2011-09-14 03:38:30 44032 ----a-w- C:\Windows\System32\amdoclcl64.dll
2011-09-14 03:38:28 37376 ----a-w- C:\Windows\SysWow64\amdoclcl.dll
2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll
2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-08-31 11:12:00 1698408 ----a-w- C:\Windows\RtlExUpd.dll
2011-08-31 09:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-08-30 09:28:46 3069032 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
2011-08-30 08:41:22 1501696 ----a-w- C:\Windows\System32\RCoRes64.dat
2011-08-30 07:09:11 627600 ----a-w- C:\Windows\System32\deployJava1.dll
2011-08-30 05:37:44 2518632 ----a-w- C:\Windows\System32\RtPgEx64.dll
2011-08-24 05:30:06 3201128 ------w- C:\Windows\System32\RtkAPO64.dll
2011-08-23 13:57:24 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2011-08-23 09:00:24 603984 ----a-w- C:\Windows\System32\KAAPORT64.dll
2011-08-23 04:06:12 97896 ----a-w- C:\Windows\System32\RCoInst64.dll
2011-08-19 06:54:12 1881704 ------w- C:\Windows\System32\RtkApi64.dll
2011-08-14 01:16:30 8192 ----a-w- C:\Windows\SysWow64\srvany.exe
2011-08-05 17:29:20 527872 ----a-w- C:\Windows\System32\DTSU2PLFX64.dll
2011-08-05 17:29:20 515584 ----a-w- C:\Windows\System32\DTSU2PGFX64.dll
2011-08-05 17:29:20 439808 ------w- C:\Windows\System32\DTSU2PREC64.dll
2011-07-31 06:51:12 71680 ----a-w- C:\Windows\System32\frapsv64.dll
2011-07-31 06:51:08 65536 ----a-w- C:\Windows\SysWow64\frapsvid.dll
2011-07-27 16:55:14 2604376 ----a-w- C:\Windows\System32\WavesGUILib.dll
2011-07-27 16:55:08 2132824 ----a-w- C:\Windows\System32\MaxxAudioEQ.dll
2010-07-08 02:37:14 101544 ----a-w- C:\Program Files\Common Files\linkinstaller.exe
.
============= FINISH: 23:26:34.50 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 4/5/2010 6:35:23 AM
System Uptime: 10/21/2011 10:19:07 PM (1 hours ago)
.
Motherboard: XFX | | MI-XG31-CH79
Processor: Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz | CPU1 | 3011/267mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 57.512 GiB free.
D: is FIXED (NTFS) - 488 GiB total, 40.841 GiB free.
E: is FIXED (NTFS) - 443 GiB total, 34.218 GiB free.
F: is FIXED (NTFS) - 233 GiB total, 11.694 GiB free.
G: is CDROM ()
H: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {ff646f80-8def-11d2-9449-00105a075f6b}
Description: pcouffin device for Amd 64 bits systems
Device ID: ROOT\PCOUFFIN\0000
Manufacturer: VSO Software
Name: pcouffin device for Amd 64 bits systems
PNP Device ID: ROOT\PCOUFFIN\0000
Service: pcouffin
.
Class GUID: {4d36e969-e325-11ce-bfc1-08002be10318}
Description: Standard floppy disk controller
Device ID: ACPI\PNP0700\4&10E0BC55&0
Manufacturer: (Standard floppy disk controllers)
Name: Standard floppy disk controller
PNP Device ID: ACPI\PNP0700\4&10E0BC55&0
Service: fdc
.
Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}
Description: BitDefender AVC HV
Device ID: ROOT\SYSTEM\0002
Manufacturer: (Standard system devices)
Name: BitDefender AVC HV
PNP Device ID: ROOT\SYSTEM\0002
Service: avchv
.
==== System Restore Points ===================
.
RP535: 10/21/2011 10:24:33 PM - Removed service pack backup files
.
==== Installed Programs ======================
.
µTorrent
Activision(R)
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.6
Advertising Center
Alice: Madness Returns
Alien Breed 2: Assault
Amnesia - The Dark Descent
Anno 1404
ANNO 1404 - Venice
Apple Application Support
Apple Software Update
Assassin's Creed Brotherhood
AviSynth 2.5
Bandisoft MPEG-1 Decoder
Bejeweled 3
Bing Bar
Blade Kitten
Borderlands
Brink
BufferChm
Bulletstorm
Call of Duty(R) 4 - Modern Warfare(TM)
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
Call of Duty: Black Ops
Call of Juarez The Cartel
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CDisplay 1.8
Combined Community Codec Pack 2011-06-26
Company of Heroes
Company of Heroes - FAKEMSI
Conduit Engine
ConvertXtoDVD 4.1.19.365
Copy
Creative Audio Console
Creative Software AutoUpdate
Crysis® 2
Cucusoft Ultimate DVD + Video Converter Suite 8.3.8.3
D3DX10
DAEMON Tools Pro
Dead Space™ 2
DeathSpank
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
Deus Ex - Human Revolution
Deus Ex Human Revolution - The Missing Link
DeviceDiscovery
DeviceManagementQFolder
DiRT 3
DiRT2
Disciples III: Resurrection
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Setup
DJ_AIO_03_F4200_Software_Min
DocProc
DocProcQFolder
DoWar2R
Dragon Age II
Dragon Age: Origins
Dragon Nest SEA
Driver Sweeper version 3.2.0
eSupportQFolder
EVEREST Ultimate Edition v4.60
F.E.A.R. 3
F4200
Feedback Tool
Feeding Frenzy 2
Final Uninstaller
Fraps (remove only)
Futuremark SystemInfo
Game Booster 3
Garena
Garena Messenger
GhostbustersSOS
Google Chrome
GPBaseService
GPBaseService2
Handy Recovery 4.0
Hard Reset
HiJackThis
HP Update
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
Hunted The Demons Forge
HydraVision
Hydrophobia: Prophecy
ImgBurn
Internet Download Manager
Java Auto Updater
Java(TM) 6 Update 26
Java(TM) 6 Update 5
JCreator LE 5.00
Just Cause 2
K-Lite Codec Pack 5.8.3 (Full)
Kaspersky PURE
Lara Croft and the Guardian of Light
Left 4 Dead 2 Demo
Liveupdate4
LOST PLANET 2
Mafia II DLC Joe's Adventures
Magic The Gathering - Duels of the Planeswalkers
Malwarebytes' Anti-Malware version 1.51.2.1300
MarketResearch
Mass Effect 2
Metro 2033 Update 2
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft Silverlight
Microsoft SOAP Toolkit 3.0
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual J# 2.0 Redistributable Package
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 3.1
Mirror's Edge™
Mozilla Firefox 7.0.1 (x86 en-US)
MSI Afterburner 1.6.1
MSI Kombustor v1.0.10
MSVCRT
MSVCSetup
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero ControlCenter
Nero Multimedia Suite
Nero PhotoSnap
Nero Recode
Nero Rescue Agent
Nero ShowTime
Nero StartSmart
Nero Vision
Nero WaveEditor
NeroBurningROM
NeroExpress
neroxml
Nexon Game Manager
Nuclear Coffee - VideoGet
NVIDIA PhysX
OpenAL
Orcs Must Die!
Pando Media Booster
PC Wizard 2010.1.96
Portal 2
PSP Video 9 6
PunkBuster Services
QuickTime
Rage
Rapture3D 2.4.8 Game
Razer BlackWidow Ultimate
Razer BlackWidow Ultimate Firmware Updater
Razer DeathAdder(TM) Mouse
Real Alternative 2.0.2
Realtek Ethernet Controller Driver
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Red Faction Armageddon
RESIDENT EVIL 5
RocketDock 1.3.5
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Excel 2010 (KB2553070)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2584066)
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
SmartWebPrinting
SolutionCenter
SoundTrax
Spider-Man(TM) - Shattered Dimensions
Split/Second
StarCraft II
Status
Steam
Super Mp3 Download
SUPER STREET FIGHTER IV: ARCADE EDITION
System Requirements Lab
The Witcher 2
The Witcher Enhanced Edition
The Witcher Grafikmods 1.0
Tom Clancy's Rainbow Six Vegas 2
Toolbox
Total Video Converter 3.21 090220
TrayApp
TuneUp Utilities 2011
TuneUp Utilities Language Pack (en-US)
Ubisoft Game Launcher
Unity Web Player
UnloadSupport
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Outlook Social Connector (KB2583935)
VC80CRTRedist - 8.0.50727.4053
Veoh Web Player
Visual C++ 8.0 CRT (x86) WinSXS MSM
VLC media player 1.1.11
Warcraft III
Warcraft III: All Products
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Player Firefox Plugin
Winrar 3.93
Xfire (remove only)
XviD4PSP 5.0
Yahoo! BrowserPlus 2.8.1
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
10/21/2011 8:41:14 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
10/21/2011 8:41:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
10/21/2011 8:41:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
10/21/2011 8:41:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/21/2011 8:41:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
10/21/2011 8:40:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSVirtualDiskDrv DfsC discache kl1 KLIF KLIM6 NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx Wanarpv6 WfpLwf
10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
10/21/2011 8:40:55 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
10/21/2011 8:40:52 PM, Error: Service Control Manager [7001] - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error: The dependency service or group failed to start.
10/21/2011 8:40:32 PM, Error: sptd [4] - Driver detected an internal error in its data structures for .
10/21/2011 8:05:13 PM, Error: Service Control Manager [7034] - The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).
10/21/2011 6:30:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service HomeGroupProvider with arguments "" in order to run the server: {EA022610-0748-4C24-B229-6C507EBDFDBB}
10/21/2011 5:18:59 AM, Error: Service Control Manager [7024] - The Distributed Transaction Coordinator service terminated with service-specific error %%-1073737712.
10/21/2011 4:26:04 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
10/21/2011 4:16:38 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
10/21/2011 10:33:58 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004
10/21/2011 10:19:52 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
10/20/2011 9:30:37 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Type with the following error: Access is denied.
10/20/2011 8:47:33 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: bdfwfpf
10/20/2011 8:45:44 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VSSERV service.
10/20/2011 8:40:11 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
10/20/2011 8:40:11 AM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/20/2011 8:32:28 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
10/20/2011 8:31:37 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.
10/20/2011 8:24:31 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avc3 bdfwfpf BDVEDISK DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx Wanarpv6 WfpLwf
10/20/2011 8:00:24 AM, Error: Service Control Manager [7000] - The bdfwfpf service failed to start due to the following error: The system cannot find the file specified.
10/20/2011 7:30:29 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for DelayedAutostart with the following error: Access is denied.
10/20/2011 7:07:22 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.
10/20/2011 3:46:39 AM, Error: Service Control Manager [7000] - The BDFM service failed to start due to the following error: The system cannot find the file specified.
10/20/2011 11:33:35 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
10/20/2011 11:33:35 AM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/20/2011 11:33:04 AM, Error: Service Control Manager [7000] - The SafeBox service failed to start due to the following error: The system cannot find the file specified.
10/20/2011 11:24:13 AM, Error: Service Control Manager [7034] - The BitDefender Virus Shield service terminated unexpectedly. It has done this 2 time(s).
10/20/2011 11:23:57 AM, Error: Service Control Manager [7034] - The BitDefender Desktop Update Service service terminated unexpectedly. It has done this 1 time(s).
10/20/2011 11:21:03 AM, Error: Service Control Manager [7016] - The BitDefender Virus Shield service has reported an invalid current state 14.
10/20/2011 10:51:48 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.
10/20/2011 10:49:35 AM, Error: Service Control Manager [7034] - The BitDefender Virus Shield service terminated unexpectedly. It has done this 1 time(s).
10/20/2011 10:34:04 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avc3 BdfNdisf bdfwfpf BDVEDISK DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx Wanarpv6 WfpLwf
10/20/2011 10:18:00 AM, Error: Service Control Manager [7016] - The VSSERV service has reported an invalid current state 14.
10/19/2011 4:37:06 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR3.
10/16/2011 12:27:36 PM, Error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:30:02 PM, on 10/21/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Game Booster\gbtray.exe
C:\Fraps\fraps.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Razer Blackwidow Driver] C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files (x86)\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files (x86)\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - https://my.levelupgames.ph/keycrypt/npkcx.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky PURE (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - D:\Program Files (x86)\Dragon Age Origins\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\Windows\SysWOW64\npkcsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 12860 bytes
 
I have closed your duplicate thread. If there was anything in it that is not included in this thread, please paste it in your next reply. If you had waited a minute or 2, you would have seen your thread.

Please read our instructions carefully. Malwarebytes should have been a Quick Scan. HijackThis is not included in the preliminary steps.

Most of the active entries in Mbam are from pirated software. You will have to remove it to continue support:

Download CKScanner and save to your desktop.
  • Double-click CKScanner.exe and click Search For Files.
  • When the cursor hourglass disappears, click Save List To File.
  • A message box will verify that the file is saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents
    in your next reply.
======================================
My Guidelines: please read and follow:
  • Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
  • Read my instructions carefully. If you don't understand or have a problem, ask me.
  • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
  • Follow the order of the tasks I give you. Order is crucial in the cleaning process.
  • File sharing programs should be uninstalled or disabled during the cleaning process.
  • Observe these:
    [o] Don't use any other cleaning programs or scans while I'm helping you.
    [o] Don't use a Registry cleaner or make any changes in the Registry.
    [o] Don't download and install new programs, except those I give you.
  • Please let me know if there is any change in the system.

If I don't get a reply from you in 5 days, the thread will be closed. If your problem persists, you can send a PM to reopen it.
=====================================
 