Jump to content

dino21

Members
  • Posts

    3
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Ran Combofix and then FRST with the fix option, that removed/corrected whatever the issue was, PC is back to normal & able to do scans. Thanks.
  2. Thanks for the reply. Here are the logs: Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-10-2013 Ran by RG (administrator) on RAUL-PC on 22-10-2013 13:04:02 Running from C:\Documents and Settings\RG\Desktop Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: English(US) Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe () C:\WINDOWS\system32\ANIWConnService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe (Google Inc.) C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe (Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe (Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe (Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciServiceHost.exe () C:\Program Files\CDBurnerXP\NMSAccessU.exe () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe (Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe () C:\Program Files\CyberLink\Shared files\RichVideo.exe () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\SWAS.exe (Webroot Software, Inc.) C:\Program Files\Webroot\Washer\WasherSvc.exe (Check Point Software Technologies, Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe () C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe (Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe () C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe (Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Innovative Solutions GRUP SRL) K:\Azureus downloads\Advanced Uninstaller Pro 9.1\Crack\Monitor.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Opera Software) C:\Program Files\Opera10.01\opera.exe () C:\Documents and Settings\RG\Desktop\RogueKiller.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [NVMixerTray] - C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [131072 2004-12-20] (NVIDIA Corporation) HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [ZoneAlarm] - C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-08-12] (Check Point Software Technologies LTD) HKLM\...\Run: [HTC Sync Loader] - C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [655360 2012-12-12] () HKLM\...\Run: [iSW] - C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [738984 2012-07-14] (Check Point Software Technologies) HKLM Group Policy restriction on software: C:\Program Files\Alwil Software <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\BitDefender <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Lavasoft <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files\Panda Security <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files\ESET <====== ATTENTION Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) HKCU\...\Run: [Advanced Uninstaller PRO Installation Monitor] - K:\Azureus downloads\Advanced Uninstaller Pro 9.1\Crack\Monitor.exe [920976 2008-07-08] (Innovative Solutions GRUP SRL) HKCU\...\Run: [sUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [4616064 2011-12-08] (SUPERAntiSpyware.com) HKU\Administrator\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" HKU\Administrator.XXX-53E9B60FB0D\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" HKU\Administrator.XXX-53E9B60FB0D.000\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" HKU\Administrator.XXX-53E9B60FB0D.001\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" HKU\Administrator.XXX-53E9B60FB0D.002\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" Lsa: [Authentication Packages] msv1_0 relog_ap BootExecute: autocheck autochk * sprestrtsprestrt ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll (Check Point Software Technologies LTD) BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO: PodcastBHO Class - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation) BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll (Zeon Corporation) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM - Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll No File Toolbar: HKLM - No Name - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File Toolbar: HKLM - Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll (Zeon Corporation) Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) Toolbar: HKLM - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll (Check Point Software Technologies LTD) Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKCU - Winamp Toolbar - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll No File Toolbar: HKCU - No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File Toolbar: HKCU - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} http://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.microsoft.com/mats/DiagWebControl.cab DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.) ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation) ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-18] (SuperAdBlocker.com) Winsock: Catalog5 01 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default FF user.js: detected! => C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\user.js FF Homepage: https://www.google.com/ FF NetworkProxy: "http", "119.252.162.210" FF NetworkProxy: "http_port", 8080 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @checkpoint.com/FFApi - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll No File FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @doubletwist.com/NPPodcast - C:\Program Files\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation) FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF Plugin: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @veetle.com/vbp;version=0.9.4 - C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc) FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.15 - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.15 - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\searchplugins\winamp-search.xml FF SearchPlugin: C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\searchplugins\zonealarm.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\ask.xml FF Extension: zonealarm.com - C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\Extensions\ffxtlbr@zonealarm.com FF Extension: Winamp Toolbar - C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\Extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} FF Extension: FireShot - C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} FF Extension: No Name - C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} FF Extension: freehdsport - C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\Extensions\freehdsport@freehdsport.tv.xpi FF Extension: No Name - C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi FF Extension: No Name - C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\TrustChecker FF Extension: No Name - C:\Program Files\CheckPoint\ZAForceField\TrustChecker FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird ========================== Services (Whitelisted) ================= R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-11] (SUPERAntiSpyware.com) R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [411168 2007-02-16] (Acronis) R2 AdobeActiveFileMonitor10.0; C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated) R2 ANIWConnService; C:\WINDOWS\system32\ANIWConnService.exe [151552 2009-07-07] () S3 AresChatServer; C:\Program Files\Ares\chatServer.exe [398336 2009-01-27] (Ares Development Group) S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [67360 2010-01-25] (NOS Microsystems Ltd.) S2 gupdate1c9b1898cf0d880; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-03-30] (Google Inc.) R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG) S2 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [497320 2012-07-14] (Check Point Software Technologies) S2 LIVESRV; C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe [278528 2008-08-07] (SOFTWIN S.R.L.) S3 LPDSVC; C:\Windows\system32\tcpsvcs.exe [19456 2006-02-28] (Microsoft Corporation) R2 NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] () R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [272024 2008-04-04] () R2 SWAS_Core; C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\SWAS.exe [1449984 2008-04-15] () R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2445304 2013-08-12] (Check Point Software Technologies LTD) R2 wwEngineSvc; C:\Program Files\Webroot\Washer\WasherSvc.exe [598856 2007-11-26] (Webroot Software, Inc.) R2 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [54160 2013-06-18] (Check Point Software Technologies, Ltd.) R2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" ==================== Drivers (Whitelisted) ==================== S3 61883; C:\Windows\System32\DRIVERS\61883.sys [48128 2004-08-03] (Microsoft Corporation) S3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [2317504 2005-04-18] (Realtek Semiconductor Corp.) S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-17] (Creative) S1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [36352 2005-03-09] (Advanced Micro Devices) R2 ANIO; C:\WINDOWS\system32\ANIO.SYS [29411 2009-02-09] () R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [100328 2011-03-04] (ASMedia Technology Inc) R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [309224 2011-03-04] (ASMedia Technology Inc) R1 BANTExt; C:\Windows\System32\Drivers\BANTExt.sys [3840 2008-02-27] () S3 cpuz132; C:\WINDOWS\system32\drivers\cpuz132_x32.sys [12672 2009-03-27] (Windows ® Codename Longhorn DDK provider) S3 DCamUSBEMPIA; C:\Windows\System32\DRIVERS\emDevice.sys [100957 2005-12-21] (eMPIA Technology, Inc.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [232512 2011-10-20] (DT Soft Ltd) S3 emAudio; C:\Windows\System32\drivers\emAudio.sys [22528 2006-12-12] (Pinnacle Systems GmbH) S3 FiltUSBEMPIA; C:\Windows\System32\DRIVERS\emFilter.sys [5245 2005-12-21] (eMPIA Technology, Inc.) R2 iPodDrv; C:\WINDOWS\system32\drivers\iPodDrv.sys [6656 2010-11-04] (Windows ® Codename Longhorn DDK provider) R3 k57w2k; C:\Windows\System32\DRIVERS\k57xp32.sys [237096 2011-05-09] (Broadcom Corporation) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [136024 2013-08-04] (Kaspersky Lab ZAO) R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11352 2012-01-09] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [586584 2013-08-04] (Kaspersky Lab) R3 klim5; C:\Windows\System32\DRIVERS\klim5.sys [35672 2012-11-15] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [43608 2012-11-15] (Kaspersky Lab) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145064 2013-08-04] (Kaspersky Lab ZAO) R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-24] (Pinnacle Systems GmbH) R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [46080 2011-11-10] (Intel Corporation) S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-17] (Creative Technology Ltd.) S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15360 2006-02-28] (Microsoft Corporation) S3 MREMP50; C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [21248 2009-09-15] (Printing Communications Assoc., Inc. (PCAUSA)) S3 MRESP50; C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [20096 2009-09-15] (Printing Communications Assoc., Inc. (PCAUSA)) S3 MS1000; C:\Windows\System32\DRIVERS\MS1000.sys [5376 2009-01-23] () S3 ms_mpu401; C:\Windows\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation) S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-12] () S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2006-02-28] (Microsoft Corporation) S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-06-01] (Microsoft Corporation) R0 nvata; C:\Windows\System32\DRIVERS\nvata.sys [100736 2006-04-24] (NVIDIA Corporation) S3 nvax; C:\Windows\System32\drivers\nvax.sys [53376 2005-07-26] (NVIDIA Corporation) S3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [54784 2008-08-01] (NVIDIA Corporation) S3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2008-08-01] (NVIDIA Corporation) S3 nvnforce; C:\Windows\System32\drivers\nvapu.sys [415360 2005-07-26] (NVIDIA Corporation) S3 rt2870; C:\Windows\System32\DRIVERS\Drt2870.sys [724736 2009-08-03] (Ralink Technology, Corp.) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 ScanUSBEMPIA; C:\Windows\System32\DRIVERS\emScan.sys [4493 2005-12-21] (eMPIA Technology, Inc.) S3 Secdrv; C:\Windows\System32\DRIVERS\secdrv.sys [27440 2006-02-28] () R0 Si3114r5; C:\Windows\System32\DRIVERS\Si3114r5.sys [211496 2008-11-25] (Silicon Image, Inc) R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [17064 2008-11-25] (Silicon Image, Inc.) R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [12200 2008-11-25] (Silicon Image, Inc.) S3 SONYPVU1; C:\Windows\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-03-08] (Duplex Secure Ltd.) S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [7168 2009-11-12] () R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [32768 2008-09-09] (Acronis) U3 TrueSight; C:\WINDOWS\system32\TrueSight.sys [26624 2013-10-22] () S3 TVICHW32; C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [23600 2008-07-15] (EnTech Taiwan) R1 Vsdatant; C:\Windows\System32\vsdatant.sys [528232 2013-08-12] (Check Point Software Technologies LTD) S3 yukonwxp; C:\Windows\System32\DRIVERS\yk51x86.sys [285952 2007-12-06] (Marvell) S3 AR9271; system32\DRIVERS\athuw.sys [x] S3 AsrCDDrv; \??\C:\WINDOWS\system32\Drivers\AsrCDDrv.sys [x] S3 catchme; \??\C:\DOCUME~1\RG\LOCALS~1\Temp\catchme.sys [x] S2 DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [x] S4 IntelIde; No ImagePath S2 ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [x] U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74584 2013-08-04] (Kaspersky Lab) S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [x] S3 Profos; \??\C:\Program Files\Softwin\BitDefender10\profos.sys [x] U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96256 2006-02-28] (Microsoft Corporation) S2 SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [x] U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [223616 2006-02-28] (Microsoft Corporation) S0 tgsbnnve; System32\drivers\gdduv.sys [x] S3 Trufos; \??\C:\Program Files\Softwin\BitDefender10\trufos.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-22 13:03 - 2013-10-22 13:03 - 01087503 _____ (Farbar) C:\Documents and Settings\RG\Desktop\FRST.exe 2013-10-22 13:01 - 2013-10-22 13:01 - 00002484 _____ C:\Documents and Settings\RG\Desktop\RKreport[0]_S_10222013_130110.txt 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _____ C:\Documents and Settings\RG\Desktop\RKreport[0]_S_10222013_125720.txt 2013-10-22 12:57 - 2013-10-22 12:57 - 00001689 ____H C:\WINDOWS\system32\BTImages.dat 2013-10-22 12:55 - 2013-10-22 12:55 - 00026624 _____ C:\WINDOWS\system32\TrueSight.sys 2013-10-22 12:54 - 2013-10-22 12:54 - 00955392 _____ C:\Documents and Settings\RG\Desktop\RogueKiller.exe 2013-10-22 09:42 - 2013-10-22 09:42 - 00000000 ____D C:\FRST 2013-10-22 08:12 - 2013-10-22 08:27 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk 2013-10-22 08:12 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2013-10-22 07:21 - 2013-10-22 08:57 - 00024321 _____ C:\WINDOWS\setupapi.log 2013-10-22 07:21 - 2013-10-22 07:23 - 00417425 _____ C:\WINDOWS\system32\vsconfig.xml 2013-10-22 07:21 - 2013-10-22 07:21 - 00000000 ____D C:\Documents and Settings\RG\Local Settings\Application Data\DoNotTrackPlus 2013-10-22 07:21 - 2013-08-04 00:02 - 00145064 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kneps.sys 2013-10-22 07:21 - 2013-08-04 00:02 - 00074584 _____ (Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys 2013-10-22 07:21 - 2012-11-15 21:06 - 00043608 _____ (Kaspersky Lab) C:\WINDOWS\system32\Drivers\kltdi.sys 2013-10-22 07:21 - 2012-11-15 21:06 - 00035672 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klim5.sys 2013-10-22 07:20 - 2013-10-22 07:20 - 00000539 _____ C:\Documents and Settings\All Users\Desktop\ZoneAlarm Security.lnk 2013-10-22 07:19 - 2013-10-22 07:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB943232$ 2013-10-22 07:00 - 2013-10-22 07:00 - 00000000 __SHD C:\Documents and Settings\Administrator.XXX-53E9B60FB0D.003\PrivacIE 2013-10-22 06:23 - 2013-10-22 06:23 - 00000000 ____D C:\WINDOWS\ERUNT 2013-10-22 00:49 - 2013-10-22 00:49 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable) 2013-10-22 00:48 - 2013-10-22 00:49 - 00000000 ____D C:\Documents and Settings\RG\Desktop\mbar 2013-10-22 00:24 - 2013-10-22 07:49 - 00000000 ____D C:\Documents and Settings\RG\Speclean 2013-10-22 00:20 - 2013-10-22 09:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ESET 2013-10-21 23:53 - 2013-08-04 00:02 - 00586584 _____ (Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys 2013-10-21 23:53 - 2013-08-04 00:02 - 00136024 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kl1.sys 2013-10-21 23:53 - 2012-01-09 18:59 - 00011352 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kl2.sys 2013-10-21 23:51 - 2013-10-22 11:48 - 00000820 _____ C:\WINDOWS\Tasks\Google Software Updater.job 2013-10-21 23:35 - 2013-10-21 23:35 - 00028217 _____ C:\ComboFix.txt 2013-10-21 23:25 - 2013-10-21 23:25 - 00000000 _RSHD C:\cmdcons 2013-10-21 23:25 - 2013-10-21 23:00 - 00000223 _____ C:\Boot.bak 2013-10-21 23:25 - 2004-08-03 23:00 - 00260272 __RSH C:\cmldr 2013-10-21 23:23 - 2013-10-21 23:35 - 00000000 ____D C:\Qoobox 2013-10-21 23:23 - 2013-10-21 23:34 - 00000000 ____D C:\WINDOWS\erdnt 2013-10-21 23:23 - 2011-06-26 01:45 - 00256000 _____ C:\WINDOWS\PEV.exe 2013-10-21 23:23 - 2010-11-07 12:20 - 00208896 _____ C:\WINDOWS\MBR.exe 2013-10-21 23:23 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe 2013-10-21 23:23 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe 2013-10-21 23:23 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe 2013-10-21 23:23 - 2000-08-30 19:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe 2013-10-21 23:23 - 2000-08-30 19:00 - 00098816 _____ C:\WINDOWS\sed.exe 2013-10-21 23:23 - 2000-08-30 19:00 - 00080412 _____ C:\WINDOWS\grep.exe 2013-10-21 23:23 - 2000-08-30 19:00 - 00068096 _____ C:\WINDOWS\zip.exe 2013-10-21 23:22 - 2013-10-21 23:22 - 05136138 ____R (Swearware) C:\Documents and Settings\RG\Desktop\ComboFix.exe 2013-10-21 23:05 - 2013-10-21 23:18 - 00000000 ____D C:\Documents and Settings\RG\Desktop\RK_Quarantine 2013-10-21 16:19 - 2013-10-21 16:21 - 00001030 _____ C:\WINDOWS\system32\PCloudCleanerService.log 2013-10-21 15:50 - 2013-10-21 15:50 - 00000935 _____ C:\Documents and Settings\All Users\Desktop\Panda Cloud Cleaner.lnk 2013-10-21 15:50 - 2013-10-21 15:50 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Panda Security 2013-10-02 09:46 - 2013-10-03 07:37 - 00000000 ____D C:\Program Files\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2013-10-22 13:03 - 2013-10-22 13:03 - 01087503 _____ (Farbar) C:\Documents and Settings\RG\Desktop\FRST.exe 2013-10-22 13:01 - 2013-10-22 13:01 - 00002484 _____ C:\Documents and Settings\RG\Desktop\RKreport[0]_S_10222013_130110.txt 2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _____ C:\Documents and Settings\RG\Desktop\RKreport[0]_S_10222013_125720.txt 2013-10-22 12:57 - 2013-10-22 12:57 - 00001689 ____H C:\WINDOWS\system32\BTImages.dat 2013-10-22 12:55 - 2013-10-22 12:55 - 00026624 _____ C:\WINDOWS\system32\TrueSight.sys 2013-10-22 12:55 - 2010-07-21 11:04 - 00000000 ____D C:\Documents and Settings\RG\My Documents\Resumes 2013-10-22 12:54 - 2013-10-22 12:54 - 00955392 _____ C:\Documents and Settings\RG\Desktop\RogueKiller.exe 2013-10-22 12:47 - 2008-07-07 19:54 - 00000000 ____D C:\Documents and Settings\RG 2013-10-22 12:46 - 2009-06-30 09:59 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-22 11:48 - 2013-10-21 23:51 - 00000820 _____ C:\WINDOWS\Tasks\Google Software Updater.job 2013-10-22 11:10 - 2008-07-07 18:22 - 00647381 _____ C:\WINDOWS\WindowsUpdate.log 2013-10-22 09:42 - 2013-10-22 09:42 - 00000000 ____D C:\FRST 2013-10-22 09:36 - 2008-07-07 13:11 - 00625494 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-10-22 09:32 - 2013-08-06 15:59 - 00000000 ____D C:\Documents and Settings\RG\Local Settings\Application Data\HTC MediaHub 2013-10-22 09:32 - 2013-08-06 15:46 - 00000000 ____D C:\Documents and Settings\RG\Local Settings\Application Data\Htc 2013-10-22 09:31 - 2009-06-30 09:59 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-22 09:31 - 2008-07-07 19:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-10-22 09:31 - 2008-07-07 13:14 - 00000159 _____ C:\WINDOWS\wiadebug.log 2013-10-22 09:31 - 2008-07-07 13:14 - 00000050 _____ C:\WINDOWS\wiaservc.log 2013-10-22 09:31 - 2006-02-28 07:00 - 00012598 _____ C:\WINDOWS\system32\wpa.dbl 2013-10-22 09:30 - 2008-07-07 19:52 - 00032582 _____ C:\WINDOWS\SchedLgU.Txt 2013-10-22 09:26 - 2013-10-22 00:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ESET 2013-10-22 09:26 - 2012-01-09 10:50 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-10-22 09:26 - 2009-01-23 17:04 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware 2013-10-22 08:57 - 2013-10-22 07:21 - 00024321 _____ C:\WINDOWS\setupapi.log 2013-10-22 08:27 - 2013-10-22 08:12 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk 2013-10-22 07:49 - 2013-10-22 00:24 - 00000000 ____D C:\Documents and Settings\RG\Speclean 2013-10-22 07:44 - 2010-01-14 13:17 - 00000000 ____D C:\Program Files\ESET 2013-10-22 07:23 - 2013-10-22 07:21 - 00417425 _____ C:\WINDOWS\system32\vsconfig.xml 2013-10-22 07:22 - 2008-07-07 19:54 - 00000178 ___SH C:\Documents and Settings\RG\ntuser.ini 2013-10-22 07:21 - 2013-10-22 07:21 - 00000000 ____D C:\Documents and Settings\RG\Local Settings\Application Data\DoNotTrackPlus 2013-10-22 07:20 - 2013-10-22 07:20 - 00000539 _____ C:\Documents and Settings\All Users\Desktop\ZoneAlarm Security.lnk 2013-10-22 07:19 - 2013-10-22 07:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB943232$ 2013-10-22 07:19 - 2012-04-11 03:00 - 00062431 _____ C:\WINDOWS\updspapi.log 2013-10-22 07:19 - 2012-02-15 04:00 - 00365096 _____ C:\WINDOWS\iis6.log 2013-10-22 07:19 - 2012-02-15 04:00 - 00240821 _____ C:\WINDOWS\FaxSetup.log 2013-10-22 07:19 - 2012-02-15 04:00 - 00134506 _____ C:\WINDOWS\ocgen.log 2013-10-22 07:19 - 2012-02-15 04:00 - 00122473 _____ C:\WINDOWS\tsoc.log 2013-10-22 07:19 - 2012-02-15 04:00 - 00114142 _____ C:\WINDOWS\comsetup.log 2013-10-22 07:19 - 2012-02-15 04:00 - 00085270 _____ C:\WINDOWS\msmqinst.log 2013-10-22 07:19 - 2012-02-15 04:00 - 00066912 _____ C:\WINDOWS\ntdtcsetup.log 2013-10-22 07:19 - 2012-02-15 04:00 - 00043994 _____ C:\WINDOWS\netfxocm.log 2013-10-22 07:19 - 2012-02-15 04:00 - 00018461 _____ C:\WINDOWS\MedCtrOC.log 2013-10-22 07:19 - 2012-02-15 04:00 - 00013735 _____ C:\WINDOWS\ocmsn.log 2013-10-22 07:19 - 2012-02-15 04:00 - 00013473 _____ C:\WINDOWS\tabletoc.log 2013-10-22 07:19 - 2012-02-15 04:00 - 00012692 _____ C:\WINDOWS\msgsocm.log 2013-10-22 07:19 - 2012-02-15 04:00 - 00001393 _____ C:\WINDOWS\imsins.log 2013-10-22 07:00 - 2013-10-22 07:00 - 00000000 __SHD C:\Documents and Settings\Administrator.XXX-53E9B60FB0D.003\PrivacIE 2013-10-22 07:00 - 2008-07-13 17:41 - 00000000 ____D C:\Documents and Settings\Administrator.XXX-53E9B60FB0D.003 2013-10-22 06:56 - 2008-07-07 13:03 - 00000000 ____D C:\WINDOWS\security 2013-10-22 06:36 - 2008-07-07 13:09 - 00000339 __RSH C:\boot.ini 2013-10-22 06:36 - 2006-02-28 07:00 - 00000659 _____ C:\WINDOWS\win.ini 2013-10-22 06:36 - 2006-02-28 07:00 - 00000227 _____ C:\WINDOWS\system.ini 2013-10-22 06:23 - 2013-10-22 06:23 - 00000000 ____D C:\WINDOWS\ERUNT 2013-10-22 01:04 - 2008-07-07 13:03 - 00000000 ____D C:\WINDOWS\pchealth 2013-10-22 01:02 - 2010-03-19 17:53 - 00000000 ____D C:\Documents and Settings\RG\Local Settings\Application Data\Mirillis 2013-10-22 00:58 - 2008-07-07 23:53 - 00169984 _____ C:\Documents and Settings\RG\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-10-22 00:49 - 2013-10-22 00:49 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable) 2013-10-22 00:49 - 2013-10-22 00:48 - 00000000 ____D C:\Documents and Settings\RG\Desktop\mbar 2013-10-22 00:22 - 2012-09-14 22:35 - 01093229 _____ C:\WINDOWS\setupapi.log.2.old 2013-10-21 23:53 - 2009-10-29 11:09 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat 2013-10-21 23:35 - 2013-10-21 23:35 - 00028217 _____ C:\ComboFix.txt 2013-10-21 23:35 - 2013-10-21 23:23 - 00000000 ____D C:\Qoobox 2013-10-21 23:34 - 2013-10-21 23:23 - 00000000 ____D C:\WINDOWS\erdnt 2013-10-21 23:25 - 2013-10-21 23:25 - 00000000 _RSHD C:\cmdcons 2013-10-21 23:22 - 2013-10-21 23:22 - 05136138 ____R (Swearware) C:\Documents and Settings\RG\Desktop\ComboFix.exe 2013-10-21 23:18 - 2013-10-21 23:05 - 00000000 ____D C:\Documents and Settings\RG\Desktop\RK_Quarantine 2013-10-21 23:00 - 2013-10-21 23:25 - 00000223 _____ C:\Boot.bak 2013-10-21 16:21 - 2013-10-21 16:19 - 00001030 _____ C:\WINDOWS\system32\PCloudCleanerService.log 2013-10-21 15:50 - 2013-10-21 15:50 - 00000935 _____ C:\Documents and Settings\All Users\Desktop\Panda Cloud Cleaner.lnk 2013-10-21 15:50 - 2013-10-21 15:50 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Panda Security 2013-10-21 15:50 - 2009-10-30 09:59 - 00000000 ____D C:\Program Files\Panda Security 2013-10-21 09:02 - 2008-07-12 16:07 - 00000000 ____D C:\Documents and Settings\RG\Application Data\Azureus 2013-10-17 10:48 - 2008-07-12 15:47 - 00000000 ____D C:\Documents and Settings\RG\Application Data\Corel 2013-10-17 10:33 - 2008-07-12 15:47 - 00003400 ___SH C:\WINDOWS\system32\KGyGaAvL.sys 2013-10-17 10:33 - 2008-07-12 15:47 - 00000000 ____D C:\Documents and Settings\RG\My Documents\My PSP Files 2013-10-14 11:10 - 2013-04-10 08:39 - 00000026 _____ C:\WINDOWS\Zone.Identifier 2013-10-13 03:27 - 2012-02-17 09:47 - 00048586 _____ C:\WINDOWS\wmsetup.log 2013-10-12 19:56 - 2008-07-11 13:52 - 00000000 ____D C:\Documents and Settings\RG\Application Data\Vso 2013-10-10 07:25 - 2013-08-28 12:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-10-05 20:03 - 2008-09-22 17:20 - 00000000 ____D C:\Documents and Settings\RG\My Documents\henry scans 2013-10-04 09:48 - 2008-07-14 08:43 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help 2013-10-03 07:37 - 2013-10-02 09:46 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-09-28 20:32 - 2008-10-14 11:10 - 00759808 ___SH C:\Documents and Settings\RG\My Documents\Thumbs.db 2013-09-27 08:23 - 2012-02-15 04:00 - 00184266 _____ C:\WINDOWS\setupact.log Files to move or delete: ==================== C:\Documents and Settings\RG\WombleEasyDVD.exe Some content of TEMP: ==================== C:\Documents and Settings\RG\Local Settings\Temp\InstHelper.exe C:\Documents and Settings\RG\Local Settings\Temp\ntdll_dump.dll ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2006-02-28 07:00] - [2006-02-28 07:00] - 1032192 ____A (Microsoft Corporation) a0732187050030ae399b241436565e64 C:\Windows\System32\winlogon.exe [2006-02-28 07:00] - [2006-02-28 07:00] - 0502272 ____A (Microsoft Corporation) 01c3346c241652f43aed8e2149881bfe C:\Windows\System32\svchost.exe [2006-02-28 07:00] - [2006-02-28 07:00] - 0014336 ____A (Microsoft Corporation) 8f078ae4ed187aaabc0a305146de6716 C:\Windows\System32\services.exe [2006-02-28 07:00] - [2006-02-28 07:00] - 0108032 ____A (Microsoft Corporation) c6ce6eec82f187615d1002bb3bb50ed4 C:\Windows\System32\User32.dll [2006-02-28 07:00] - [2006-02-28 07:00] - 0577024 ____A (Microsoft Corporation) c72661f8552ace7c5c85e16a3cf505c4 C:\Windows\System32\userinit.exe [2006-02-28 07:00] - [2006-02-28 07:00] - 0024576 ____A (Microsoft Corporation) 39b1ffb03c2296323832acbae50d2aff C:\Windows\System32\Drivers\volsnap.sys [2006-02-28 07:00] - [2006-02-28 07:00] - 0052352 ____A (Microsoft Corporation) ee4660083deba849ff6c485d944b379b ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-10-2013 Ran by RG at 2013-10-22 09:43:14 Running from C:\Documents and Settings\RG\Local Settings\Application Data\Opera\Opera10.01\temporary_downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: ZoneAlarm Antivirus (Disabled - Up to date) {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF} Could not list Security Center items. Check WMI. ==================== Installed Programs ====================== ABBYY FineReader 5.0 Sprint Plus (Version: 5.0.0.3501) Abrosoft FantaMorph 3.7 (Version: 3.7) AC3Filter 1.62b (Version: 1.62b) ACDSee 10 Photo Manager (Version: 10.0.219) Acrobat.com (Version: 1.6.65) Acronis True Image Home (Version: 10.0.4942) Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.2) Adobe AIR (Version: 3.5.0.880) Adobe Community Help (Version: 3.5.23) Adobe Download Assistant (Version: 1.0.6) Adobe Download Manager (Version: 1.6.2.60) Adobe Flash Player 11 ActiveX (Version: 11.0.1.152) Adobe Flash Player 11 Plugin (Version: 11.7.700.202) Adobe Media Player (Version: 1.8) Adobe Photoshop CS5 (Version: 12.0) Adobe Premiere Elements 10 (Version: 10.0) Adobe Reader 9.4.6 (Version: 9.4.6) Advanced Uninstaller PRO - Version 9 (Version: 9) ANIO Service ANIWZCS2 Service Any DVD Converter Professional 4.2.2 Apple Application Support (Version: 2.1.7) Apple Mobile Device Support (Version: 5.1.1.4) Apple Software Update (Version: 2.1.3.127) Ares 2.1.7 (Version: 2.1.7-Build#3041) Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.10.1.0) AT&T Portal Athlon 64 Processor Driver (Version: 1.2.2.2) Auslogics Disk Defrag (Version: version 3.2) AVI/MPEG/RM/WMV Joiner 4.82 Belarc Advisor 7.2 Bonjour (Version: 3.0.0.10) Boris Graffiti (Version: 5.20.200) Broadcom NetLink Controller (Version: 14.8.5.1) CDBurnerXP (Version: 4.3.8.2474) Cisco Connect (Version: 1.4.11299.0) Contents (Version: 1.6.0.272) Contour Storyteller (Version: 3.3.3) ConvertXtoDVD 3.6.8.166 (Version: 3.6.8.166) Corel Paint Shop Pro Photo XI (Version: 11.00.0000) Corel VideoStudio Pro X3 (Version: 1.6.0.272) Corel WordPerfect Office - iFilter (Version: 1.00.000) Coupon Printer for Windows (Version: 5.0.0.1) CPUID CPU-Z 1.51 DAEMON Tools Lite (Version: 4.41.3.0173) Data Lifeguard Tools DeviceIO (Version: 1.6.0.272) DivX Setup (Version: 2.6.1.8) doubleTwist (Version: 3.0.0.6339) DriverAgent by TouchStone Software Dropbox (HKCU Version: 2.0.26) DVD Decrypter (Remove Only) DVD Flick 1.3.0.7 (Version: 1.3.0.7) DVD Shrink 3.2 DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.5.0 DVDFab 8.1.5.9 (20/01/2012) Qt Elements 10 Organizer (Version: 10.0) EphPod EPSON Copy Utility 3 (Version: 3.0.2.0) EPSON Perf 4180 Guide EPSON Scan EPSON Smart Panel ESET Online Scanner v3 ffdshow v1.1.4399 [2012-03-22] (Version: 1.1.4399.0) FormatFactory 2.90 (Version: 2.90) GetDataBack for NTFS (Version: 3.30.001) Google Earth (Version: 7.1.1.1888) Google Toolbar for Internet Explorer (Version: 1.0.0) Google Update Helper (Version: 1.3.21.165) Google Updater (Version: 2.4.2432.1652) H.264 Encoder Haali Media Splitter HTC BMP USB Driver (Version: 1.0.5375) HTC Driver Installer (Version: 4.3.0.001) HTC Sync (Version: 3.3.21) HTC Sync Manager (Version: 2.1.45.0) ICA (Version: 1.6.0.272) IESviewer 2.99n (Version: 2.99) Intel® Management Engine Components (Version: 8.0.3.1427) Intel® Processor Graphics (Version: 6.14.10.5404) IPM_VS_Pro (Version: 13.0) IPTInstaller (Version: 4.0.8) iTunes (Version: 10.6.1.7) J2SE Runtime Environment 5.0 Update 12 (Version: 1.5.0.120) Java 6 Update 20 (Version: 6.0.200) K-Lite Codec Pack 9.2.8 (Full) (Version: 9.2.8) Lagarith Lossless Codec (1.3.27) LAME v3.99.3 (for Windows) Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300) MediaFACE 5.0 (Version: 5.0) Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729) Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1) Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft National Language Support Downlevel APIs Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000) Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000) Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Silverlight (Version: 4.1.10329.0) Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053) Microsoft_VC90_ATL_x86 (Version: 1.00.0000) Microsoft_VC90_CRT_x86 (Version: 1.00.0000) Microsoft_VC90_MFC_x86 (Version: 1.00.0000) MLE (Version: 1.0.0.18) Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0) Mozilla Maintenance Service (Version: 24.0) MP3 To Ringtone Gold 3.50 MSVCRT Redists (Version: 1.0) MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) MSXML 4.0 SP3 Parser (Version: 4.30.2100.0) MSXML 6.0 Parser (Version: 6.00.3883.8) Nero Burning ROM 10 (Version: 10.2.11000.12.100) Nero Burning ROM 10 (Version: 10.5.10300) Nero BurningROM 10 Help (CHM) (Version: 10.5.10100) Nero BurnRights 10 (Version: 4.2.10300.0.102) Nero BurnRights 10 Help (CHM) (Version: 10.5.10000) Nero Control Center 10 (Version: 10.2.10600.0.6) Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000) Nero Core Components 10 (Version: 2.0.17400.8.2) neroxml (Version: 1.0.0) Nuance OmniPage 17 (Version: 17.0.0000) Nuance PDF Create! 5 (Version: 5.20.3200) NVIDIA Drivers (Version: 1.10) NVIDIA nView Desktop Manager (Version: 6.14.10.00) NvMixer OpenSource Flash Video Splitter 1.0.0.5 (Version: 1.0.0.5) Opera 12.16 (Version: 12.16.1860) Opera 9.64 (Version: 9.64) Panda Cloud Cleaner (Version: 1.0.76) PDF Settings CS5 (Version: 10.0) Photocensoredet Pinnacle Studio 12 (Version: 12.0.0.6163) Pinnacle Studio 12 Ultimate Plugins (Version: 12.0.0.0) Pinnacle Video Driver (Version: 12.00.0017) PlexTools Professional V2.32a (Version: 2.32.0001) PowerISO (Version: 4.8) PRE10STIInstaller (Version: 1.0) proDAD Vitascene 1.0 PureHD (Version: 1.6.0.272) QuickPar 0.9 (Version: 0.9) QuickTime (Version: 7.55.90.70) Real Alternative 2.0.2 Lite (Version: 2.0.2) Realtek AC'97 Audio Realtek High Definition Audio Driver (Version: 5.10.0.6559) Recovery Toolbox for Outlook Express 1.1 Samsung CLP-310 Series Scan to PDF (Version: 2.40) ScanToWeb Setup (Version: 1.6.0.272) ShaPlus Bandwidth Meter 1.3 (Version: 1.3) Share (Version: 1.6.0.272) Smart File Advisor 1.1.1 (Version: 1.1.1) SmartSound Common Data (Version: 1.1.0) SmartSound Premiere Elements 10 Plugin (Version: 5.70.0001) SmartSound Quicktracks 5 (Version: 5.1.5) SmartSound Sonicfire Pro 5 (Version: 5.7.1) Sony Vegas Pro 8.0 (Version: 8.0.179) SopCast 3.5.0 (Version: 3.5.0) Spell Checker For OE 2.1 Splash Lite (Version: 1.7.0) Splash PRO EX (Version: 1.11.0) SUPERAntiSpyware (Version: 5.0.1142) SyncThru Web Admin Service System Requirements Lab Temp File Cleaner Ulead GIF Animator 5 Ultimate Codec Packages Ultra MKV Converter 4.1.0101 Ultra Video Joiner 5.2.1025 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400) 32-Bit Edition Update for Ultimate Codec Update for Windows XP (KB932823-v3) (Version: 3) VC 9.0 Runtime (Version: 1.0.0) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0) Veetle Broadcaster Plugin 0.9.4 (Version: 0.9.4) Veetle TV 0.9.15 (Version: 0.9.15) VIO (Version: 1.6.0.272) VSClassic (Version: 1.6.0.272) VSPro (Version: 1.6.0.272) Vuze (Version: 5.1.0.0) Vuze_Remote Toolbar (Version: ) WD Diagnostics (Version: 1.09.0002) WhoCrashed 1.01 Winamp (Version: 5.572 ) Winamp Detector Plug-in (HKCU Version: 1.0.0.1) Window Washer Windows 7 Upgrade Advisor (Version: 2.0.5000.0) Windows Genuine Advantage Validation Tool (KB892130) Windows Installer 3.1 (KB893803) Windows Installer Clean Up (Version: 3.00.00.0000) Windows Internet Explorer 7 (Version: 20070813.185237) Windows Internet Explorer 8 (Version: 20090308.140743) Windows Media Encoder 9 Series Windows Media Encoder 9 Series (Version: 9.00.2980) Windows Media Format 11 runtime Windows Media Player 11 WinRAR archiver WinZip (Version: 8.1 (4331)) Wondershare Media Converter(Build 1.3.4.0) WordPerfect Lightning - IPM (Version: 1.0) WordPerfect Lightning - Messages (Version: 1.0) WordPerfect Lightning - MSOM (Version: 1.1) WordPerfect Lightning (Version: 2.0) WordPerfect Office 2002 WordPerfect Office 2002 (Version: 10) WordPerfect Office X5 - Common (Version: 15.0) Wordperfect Office X5 - EN (Version: 15.0) WordPerfect Office X5 - Filters (Version: 15.0) WordPerfect Office X5 - Graphics (Version: 15.0) WordPerfect Office X5 - IPM (Version: 15.0) WordPerfect Office X5 - LegalTools (Version: 15.0) WordPerfect Office X5 - Migration Manager (Version: 15.0) WordPerfect Office X5 - Oxford (Version: 15.0) WordPerfect Office X5 - PerfectExperts EN (Version: 15.0) WordPerfect Office X5 - PR (Version: 15.0) WordPerfect Office X5 - QP (Version: 15.0) WordPerfect Office X5 - Setup Files (Version: 15.0) WordPerfect Office X5 - Sharepoint (Version: 15.0) WordPerfect Office X5 - Skins (Version: 15.0) WordPerfect Office X5 - System EN (Version: 15.0) WordPerfect Office X5 - Templates (Version: 15.0) WordPerfect Office X5 - WP (Version: 15.0) WordPerfect Office X5 - WT (Version: 15.0) WordPerfect Office X5 (Version: 15.0) WordPerfect Office X5 (Version: 15.0.0.357) Xvid Video Codec (Version: 1.3.2) ZoneAlarm Antivirus (Version: 11.0.780.000) ZoneAlarm Firewall (Version: 11.0.780.000) ZoneAlarm Security (Version: 11.0.780.000) ZoneAlarm Security Toolbar (Version: 1.8.22.0) ==================== Restore Points ========================= 14-08-2013 01:07:44 System Checkpoint 15-08-2013 02:07:44 System Checkpoint 16-08-2013 02:08:51 System Checkpoint 17-08-2013 02:20:51 System Checkpoint 18-08-2013 03:07:46 System Checkpoint 19-08-2013 03:08:53 System Checkpoint 20-08-2013 03:28:00 System Checkpoint 21-08-2013 03:49:06 System Checkpoint 22-08-2013 03:52:07 System Checkpoint 23-08-2013 05:02:42 System Checkpoint 24-08-2013 05:52:08 System Checkpoint 25-08-2013 06:52:07 System Checkpoint 26-08-2013 07:52:06 System Checkpoint 27-08-2013 08:13:52 System Checkpoint 28-08-2013 09:13:53 System Checkpoint 29-08-2013 10:13:52 System Checkpoint 30-08-2013 10:52:23 System Checkpoint 31-08-2013 11:52:22 System Checkpoint 01-09-2013 12:52:23 System Checkpoint 02-09-2013 13:13:20 System Checkpoint 03-09-2013 14:20:13 System Checkpoint 04-09-2013 15:07:40 System Checkpoint 05-09-2013 17:48:31 System Checkpoint 06-09-2013 18:29:43 System Checkpoint 07-09-2013 18:53:42 System Checkpoint 08-09-2013 20:07:48 System Checkpoint 09-09-2013 20:29:42 System Checkpoint 10-09-2013 20:44:10 System Checkpoint 11-09-2013 22:52:48 System Checkpoint 12-09-2013 23:01:02 System Checkpoint 13-09-2013 23:49:48 System Checkpoint 15-09-2013 01:30:52 System Checkpoint 16-09-2013 01:49:47 System Checkpoint 17-09-2013 01:54:49 System Checkpoint 18-09-2013 02:18:36 System Checkpoint 19-09-2013 02:54:46 System Checkpoint 20-09-2013 03:34:02 System Checkpoint 21-09-2013 04:04:11 System Checkpoint 22-09-2013 05:04:09 System Checkpoint 23-09-2013 06:04:11 System Checkpoint 24-09-2013 07:04:10 System Checkpoint 25-09-2013 08:04:11 System Checkpoint 26-09-2013 09:04:10 System Checkpoint 27-09-2013 09:13:45 System Checkpoint 28-09-2013 10:13:44 System Checkpoint 29-09-2013 11:13:45 System Checkpoint 30-09-2013 12:13:43 System Checkpoint 01-10-2013 14:20:00 System Checkpoint 02-10-2013 14:35:42 System Checkpoint 03-10-2013 15:51:00 System Checkpoint 04-10-2013 14:47:52 Configured Microsoft Office Enterprise 2007 05-10-2013 15:13:46 System Checkpoint 06-10-2013 16:14:51 System Checkpoint 07-10-2013 17:32:25 System Checkpoint 08-10-2013 18:44:09 System Checkpoint 09-10-2013 19:13:44 System Checkpoint 10-10-2013 19:28:30 System Checkpoint 11-10-2013 20:26:27 System Checkpoint 12-10-2013 22:03:10 System Checkpoint 13-10-2013 23:20:38 System Checkpoint 14-10-2013 23:45:51 System Checkpoint 16-10-2013 00:26:31 System Checkpoint 17-10-2013 01:26:27 System Checkpoint 18-10-2013 01:32:27 System Checkpoint 19-10-2013 01:48:54 System Checkpoint 20-10-2013 02:27:53 System Checkpoint 21-10-2013 02:57:16 System Checkpoint 21-10-2013 20:42:08 Installed Kaspersky Security Scan. 21-10-2013 21:26:34 Removed Kaspersky Security Scan. 22-10-2013 12:19:41 Installed Windows XP KB943232. 22-10-2013 12:19:54 Removed ZoneAlarm Security 22-10-2013 12:20:07 Removed ZoneAlarm Firewall 22-10-2013 12:20:43 Removed ZoneAlarm Antivirus 22-10-2013 14:28:52 Restore Operation 22-10-2013 14:32:05 Restore Operation ==================== Hosts content: ========================== 2012-01-24 11:14 - 2013-10-21 23:34 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2010-12-06 12:31 - 2007-08-14 03:39 - 00022723 _____ () C:\WINDOWS\system32\cl31cl3.dll 2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-08-01 18:31 - 2013-08-01 18:31 - 00030056 _____ () C:\Program Files\HTC\HTC Sync Manager\DbAccess.dll 2013-08-01 18:32 - 2013-08-01 18:32 - 00607376 _____ () C:\Program Files\HTC\HTC Sync Manager\sqlite3.dll 2013-08-01 18:33 - 2013-08-01 18:33 - 00044392 _____ () C:\Program Files\HTC\HTC Sync Manager\NAdvLog.dll 2013-08-01 18:33 - 2013-08-01 18:33 - 00036216 _____ () C:\Program Files\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2013-08-01 18:33 - 2013-08-01 18:33 - 00080248 _____ () C:\Program Files\HTC\HTC Sync Manager\ninstallerhelper.dll 2013-08-01 18:38 - 2013-08-01 18:38 - 00223592 _____ () C:\Program Files\HTC\HTC Sync Manager\DevConnMon.dll 2011-10-09 21:07 - 2008-04-15 19:48 - 04976640 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\qt-mt333.dll 2011-10-09 21:07 - 2008-04-15 19:48 - 00024064 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\XalanMessages_1_9.dll 2011-10-09 21:07 - 2008-04-15 19:48 - 00118784 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\slp.dll 2011-10-09 21:07 - 2008-04-15 19:48 - 00073728 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\zlib1.dll 2011-10-09 21:07 - 2008-04-15 19:48 - 00057344 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\boost_thread-vc71-mt-1_32.dll 2012-12-12 14:56 - 2012-12-12 14:56 - 00028672 _____ () C:\Program Files\HTC\HTC Sync 3.0\OutputLog.dll 2012-12-12 14:56 - 2012-12-12 14:56 - 00516599 _____ () C:\Program Files\HTC\HTC Sync 3.0\sqlite3.dll 2012-12-12 14:56 - 2012-12-12 14:56 - 00094208 _____ () C:\Program Files\HTC\HTC Sync 3.0\fdHttpd.dll 2012-12-12 14:56 - 2012-12-12 14:56 - 00405504 _____ () C:\Program Files\HTC\HTC Sync 3.0\HtcDetect.dll 2012-12-12 14:56 - 2012-12-12 14:56 - 00159744 _____ () C:\Program Files\HTC\HTC Sync 3.0\htcDisk.dll 2012-12-12 14:56 - 2012-12-12 14:56 - 00172032 _____ () C:\Program Files\HTC\HTC Sync 3.0\htcDetectLegend.dll 2012-12-12 14:56 - 2012-12-12 14:56 - 00559244 _____ () C:\Program Files\HTC\HTC Sync 3.0\sqlite3.7.dll 2012-12-12 14:56 - 2012-12-12 14:56 - 01515520 _____ () C:\Program Files\HTC\HTC Sync 3.0\Maps\R66Api.dll 2006-02-28 07:00 - 2006-02-28 07:00 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll 2006-02-28 07:00 - 2006-02-28 07:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll 2013-05-23 09:35 - 2013-05-23 09:35 - 16033160 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{1a3e09be-1e45-494b-9174-d7385b45bbf5} => ""="" ==================== Faulty Device Manager Devices ============= Name: PCI Device Description: PCI Device Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (10/22/2013 08:57:41 AM) (Source: MsiInstaller) (User: RAUL-PC) Description: Product: ESET Smart Security -- Error 5001. The computer has not been restarted after a program uninstallation. Please restart the computer and run the installer again. Error: (10/22/2013 07:46:37 AM) (Source: MsiInstaller) (User: RAUL-PC) Description: Product: ESET NOD32 Antivirus -- Error 1920. Service 'ESET Service' (ekrn) failed to start. Verify that you have sufficient privileges to start system services. Error: (10/22/2013 00:22:16 AM) (Source: MsiInstaller) (User: RAUL-PC) Description: Product: ESET Smart Security -- Error 1920. Service 'ESET Service' (ekrn) failed to start. Verify that you have sufficient privileges to start system services. Error: (10/21/2013 11:33:25 PM) (Source: Windows Search Service) (User: ) Description: The entry <C:\DOCUMENTS AND SETTINGS\RG\WINDOWS\SYSTEM> in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error: (10/16/2013 01:47:17 PM) (Source: Application Hang) (User: ) Description: Hanging application SplashLite.exe, version 1.7.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (10/15/2013 11:00:59 AM) (Source: Application Error) (User: ) Description: Faulting application splashlite.exe, version 1.7.0.0, faulting module msvcr90.dll, version 9.0.30729.6161, fault address 0x0003af64. Processing media-specific event for [splashlite.exe!ws!] Error: (10/14/2013 08:32:19 PM) (Source: Application Hang) (User: ) Description: Hanging application Azureus.exe, version 4.8.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (10/12/2013 04:53:41 AM) (Source: Application Hang) (User: ) Description: Hanging application Azureus.exe, version 4.8.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (10/04/2013 09:47:54 AM) (Source: Application Hang) (User: ) Description: Hanging application SETUP.EXE, version 12.0.6606.1000, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (09/29/2013 09:57:26 PM) (Source: Application Hang) (User: ) Description: Hanging application SplashLite.exe, version 1.7.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. System errors: ============= Error: (10/22/2013 09:32:02 AM) (Source: 0) (User: ) Description: Error: (10/22/2013 09:31:58 AM) (Source: Service Control Manager) (User: ) Description: The following boot-start or system-start driver(s) failed to load: sptd Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: ) Description: The SSPORT service failed to start due to the following error: %%2 Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: ) Description: The BitDefender Desktop Update Service service depends on the following nonexistent service: XCOMM Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: ) Description: The DgiVecp service failed to start due to the following error: %%2 Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: ) Description: The Parallel port driver service failed to start due to the following error: %%1058 Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: ) Description: The ZoneAlarm LTD Toolbar IswSvc service depends on the ZoneAlarm LTD Toolbar ISWKL service which failed to start because of the following error: %%2 Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: ) Description: The ZoneAlarm LTD Toolbar ISWKL service failed to start due to the following error: %%2 Error: (10/22/2013 09:27:58 AM) (Source: 0) (User: ) Description: Error: (10/22/2013 09:27:53 AM) (Source: Service Control Manager) (User: ) Description: The following boot-start or system-start driver(s) failed to load: sptd Microsoft Office Sessions: ========================= ==================== Memory info =========================== Percentage of memory in use: 36% Total physical RAM: 3297.01 MB Available physical RAM: 2100.06 MB Total Pagefile: 5174.98 MB Available Pagefile: 3833.07 MB Total Virtual: 2047.88 MB Available Virtual: 1955.24 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:107.42 GB) (Free:40.17 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive k: (New Volume) (Fixed) (Total:465.76 GB) (Free:42.3 GB) NTFS Drive l: (New Volume) (Fixed) (Total:465.76 GB) (Free:175.66 GB) NTFS Drive s: (New Volume) (Fixed) (Total:358.34 GB) (Free:149.11 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 67A93141) Partition 1: (Active) - (Size=107 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=358 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 0E343701) Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 307DB55F) Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-10-2013 Ran by RG at 2013-10-22 09:43:14 Running from C:\Documents and Settings\RG\Local Settings\Application Data\Opera\Opera10.01\temporary_downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: ZoneAlarm Antivirus (Disabled - Up to date) {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF} Could not list Security Center items. Check WMI. ==================== Installed Programs ====================== ABBYY FineReader 5.0 Sprint Plus (Version: 5.0.0.3501) Abrosoft FantaMorph 3.7 (Version: 3.7) AC3Filter 1.62b (Version: 1.62b) ACDSee 10 Photo Manager (Version: 10.0.219) Acrobat.com (Version: 1.6.65) Acronis True Image Home (Version: 10.0.4942) Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.2) Adobe AIR (Version: 3.5.0.880) Adobe Community Help (Version: 3.5.23) Adobe Download Assistant (Version: 1.0.6) Adobe Download Manager (Version: 1.6.2.60) Adobe Flash Player 11 ActiveX (Version: 11.0.1.152) Adobe Flash Player 11 Plugin (Version: 11.7.700.202) Adobe Media Player (Version: 1.8) Adobe Photoshop CS5 (Version: 12.0) Adobe Premiere Elements 10 (Version: 10.0) Adobe Reader 9.4.6 (Version: 9.4.6) Advanced Uninstaller PRO - Version 9 (Version: 9) ANIO Service ANIWZCS2 Service Any DVD Converter Professional 4.2.2 Apple Application Support (Version: 2.1.7) Apple Mobile Device Support (Version: 5.1.1.4) Apple Software Update (Version: 2.1.3.127) Ares 2.1.7 (Version: 2.1.7-Build#3041) Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.10.1.0) AT&T Portal Athlon 64 Processor Driver (Version: 1.2.2.2) Auslogics Disk Defrag (Version: version 3.2) AVI/MPEG/RM/WMV Joiner 4.82 Belarc Advisor 7.2 Bonjour (Version: 3.0.0.10) Boris Graffiti (Version: 5.20.200) Broadcom NetLink Controller (Version: 14.8.5.1) CDBurnerXP (Version: 4.3.8.2474) Cisco Connect (Version: 1.4.11299.0) Contents (Version: 1.6.0.272) Contour Storyteller (Version: 3.3.3) ConvertXtoDVD 3.6.8.166 (Version: 3.6.8.166) Corel Paint Shop Pro Photo XI (Version: 11.00.0000) Corel VideoStudio Pro X3 (Version: 1.6.0.272) Corel WordPerfect Office - iFilter (Version: 1.00.000) Coupon Printer for Windows (Version: 5.0.0.1) CPUID CPU-Z 1.51 DAEMON Tools Lite (Version: 4.41.3.0173) Data Lifeguard Tools DeviceIO (Version: 1.6.0.272) DivX Setup (Version: 2.6.1.8) doubleTwist (Version: 3.0.0.6339) DriverAgent by TouchStone Software Dropbox (HKCU Version: 2.0.26) DVD Decrypter (Remove Only) DVD Flick 1.3.0.7 (Version: 1.3.0.7) DVD Shrink 3.2 DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.5.0 DVDFab 8.1.5.9 (20/01/2012) Qt Elements 10 Organizer (Version: 10.0) EphPod EPSON Copy Utility 3 (Version: 3.0.2.0) EPSON Perf 4180 Guide EPSON Scan EPSON Smart Panel ESET Online Scanner v3 ffdshow v1.1.4399 [2012-03-22] (Version: 1.1.4399.0) FormatFactory 2.90 (Version: 2.90) GetDataBack for NTFS (Version: 3.30.001) Google Earth (Version: 7.1.1.1888) Google Toolbar for Internet Explorer (Version: 1.0.0) Google Update Helper (Version: 1.3.21.165) Google Updater (Version: 2.4.2432.1652) H.264 Encoder Haali Media Splitter HTC BMP USB Driver (Version: 1.0.5375) HTC Driver Installer (Version: 4.3.0.001) HTC Sync (Version: 3.3.21) HTC Sync Manager (Version: 2.1.45.0) ICA (Version: 1.6.0.272) IESviewer 2.99n (Version: 2.99) Intel® Management Engine Components (Version: 8.0.3.1427) Intel® Processor Graphics (Version: 6.14.10.5404) IPM_VS_Pro (Version: 13.0) IPTInstaller (Version: 4.0.8) iTunes (Version: 10.6.1.7) J2SE Runtime Environment 5.0 Update 12 (Version: 1.5.0.120) Java 6 Update 20 (Version: 6.0.200) K-Lite Codec Pack 9.2.8 (Full) (Version: 9.2.8) Lagarith Lossless Codec (1.3.27) LAME v3.99.3 (for Windows) Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300) MediaFACE 5.0 (Version: 5.0) Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729) Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1) Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft National Language Support Downlevel APIs Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000) Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000) Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Silverlight (Version: 4.1.10329.0) Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053) Microsoft_VC90_ATL_x86 (Version: 1.00.0000) Microsoft_VC90_CRT_x86 (Version: 1.00.0000) Microsoft_VC90_MFC_x86 (Version: 1.00.0000) MLE (Version: 1.0.0.18) Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0) Mozilla Maintenance Service (Version: 24.0) MP3 To Ringtone Gold 3.50 MSVCRT Redists (Version: 1.0) MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) MSXML 4.0 SP3 Parser (Version: 4.30.2100.0) MSXML 6.0 Parser (Version: 6.00.3883.8) Nero Burning ROM 10 (Version: 10.2.11000.12.100) Nero Burning ROM 10 (Version: 10.5.10300) Nero BurningROM 10 Help (CHM) (Version: 10.5.10100) Nero BurnRights 10 (Version: 4.2.10300.0.102) Nero BurnRights 10 Help (CHM) (Version: 10.5.10000) Nero Control Center 10 (Version: 10.2.10600.0.6) Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000) Nero Core Components 10 (Version: 2.0.17400.8.2) neroxml (Version: 1.0.0) Nuance OmniPage 17 (Version: 17.0.0000) Nuance PDF Create! 5 (Version: 5.20.3200) NVIDIA Drivers (Version: 1.10) NVIDIA nView Desktop Manager (Version: 6.14.10.00) NvMixer OpenSource Flash Video Splitter 1.0.0.5 (Version: 1.0.0.5) Opera 12.16 (Version: 12.16.1860) Opera 9.64 (Version: 9.64) Panda Cloud Cleaner (Version: 1.0.76) PDF Settings CS5 (Version: 10.0) Photocensoredet Pinnacle Studio 12 (Version: 12.0.0.6163) Pinnacle Studio 12 Ultimate Plugins (Version: 12.0.0.0) Pinnacle Video Driver (Version: 12.00.0017) PlexTools Professional V2.32a (Version: 2.32.0001) PowerISO (Version: 4.8) PRE10STIInstaller (Version: 1.0) proDAD Vitascene 1.0 PureHD (Version: 1.6.0.272) QuickPar 0.9 (Version: 0.9) QuickTime (Version: 7.55.90.70) Real Alternative 2.0.2 Lite (Version: 2.0.2) Realtek AC'97 Audio Realtek High Definition Audio Driver (Version: 5.10.0.6559) Recovery Toolbox for Outlook Express 1.1 Samsung CLP-310 Series Scan to PDF (Version: 2.40) ScanToWeb Setup (Version: 1.6.0.272) ShaPlus Bandwidth Meter 1.3 (Version: 1.3) Share (Version: 1.6.0.272) Smart File Advisor 1.1.1 (Version: 1.1.1) SmartSound Common Data (Version: 1.1.0) SmartSound Premiere Elements 10 Plugin (Version: 5.70.0001) SmartSound Quicktracks 5 (Version: 5.1.5) SmartSound Sonicfire Pro 5 (Version: 5.7.1) Sony Vegas Pro 8.0 (Version: 8.0.179) SopCast 3.5.0 (Version: 3.5.0) Spell Checker For OE 2.1 Splash Lite (Version: 1.7.0) Splash PRO EX (Version: 1.11.0) SUPERAntiSpyware (Version: 5.0.1142) SyncThru Web Admin Service System Requirements Lab Temp File Cleaner Ulead GIF Animator 5 Ultimate Codec Packages Ultra MKV Converter 4.1.0101 Ultra Video Joiner 5.2.1025 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400) 32-Bit Edition Update for Ultimate Codec Update for Windows XP (KB932823-v3) (Version: 3) VC 9.0 Runtime (Version: 1.0.0) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0) Veetle Broadcaster Plugin 0.9.4 (Version: 0.9.4) Veetle TV 0.9.15 (Version: 0.9.15) VIO (Version: 1.6.0.272) VSClassic (Version: 1.6.0.272) VSPro (Version: 1.6.0.272) Vuze (Version: 5.1.0.0) Vuze_Remote Toolbar (Version: ) WD Diagnostics (Version: 1.09.0002) WhoCrashed 1.01 Winamp (Version: 5.572 ) Winamp Detector Plug-in (HKCU Version: 1.0.0.1) Window Washer Windows 7 Upgrade Advisor (Version: 2.0.5000.0) Windows Genuine Advantage Validation Tool (KB892130) Windows Installer 3.1 (KB893803) Windows Installer Clean Up (Version: 3.00.00.0000) Windows Internet Explorer 7 (Version: 20070813.185237) Windows Internet Explorer 8 (Version: 20090308.140743) Windows Media Encoder 9 Series Windows Media Encoder 9 Series (Version: 9.00.2980) Windows Media Format 11 runtime Windows Media Player 11 WinRAR archiver WinZip (Version: 8.1 (4331)) Wondershare Media Converter(Build 1.3.4.0) WordPerfect Lightning - IPM (Version: 1.0) WordPerfect Lightning - Messages (Version: 1.0) WordPerfect Lightning - MSOM (Version: 1.1) WordPerfect Lightning (Version: 2.0) WordPerfect Office 2002 WordPerfect Office 2002 (Version: 10) WordPerfect Office X5 - Common (Version: 15.0) Wordperfect Office X5 - EN (Version: 15.0) WordPerfect Office X5 - Filters (Version: 15.0) WordPerfect Office X5 - Graphics (Version: 15.0) WordPerfect Office X5 - IPM (Version: 15.0) WordPerfect Office X5 - LegalTools (Version: 15.0) WordPerfect Office X5 - Migration Manager (Version: 15.0) WordPerfect Office X5 - Oxford (Version: 15.0) WordPerfect Office X5 - PerfectExperts EN (Version: 15.0) WordPerfect Office X5 - PR (Version: 15.0) WordPerfect Office X5 - QP (Version: 15.0) WordPerfect Office X5 - Setup Files (Version: 15.0) WordPerfect Office X5 - Sharepoint (Version: 15.0) WordPerfect Office X5 - Skins (Version: 15.0) WordPerfect Office X5 - System EN (Version: 15.0) WordPerfect Office X5 - Templates (Version: 15.0) WordPerfect Office X5 - WP (Version: 15.0) WordPerfect Office X5 - WT (Version: 15.0) WordPerfect Office X5 (Version: 15.0) WordPerfect Office X5 (Version: 15.0.0.357) Xvid Video Codec (Version: 1.3.2) ZoneAlarm Antivirus (Version: 11.0.780.000) ZoneAlarm Firewall (Version: 11.0.780.000) ZoneAlarm Security (Version: 11.0.780.000) ZoneAlarm Security Toolbar (Version: 1.8.22.0) ==================== Restore Points ========================= 14-08-2013 01:07:44 System Checkpoint 15-08-2013 02:07:44 System Checkpoint 16-08-2013 02:08:51 System Checkpoint 17-08-2013 02:20:51 System Checkpoint 18-08-2013 03:07:46 System Checkpoint 19-08-2013 03:08:53 System Checkpoint 20-08-2013 03:28:00 System Checkpoint 21-08-2013 03:49:06 System Checkpoint 22-08-2013 03:52:07 System Checkpoint 23-08-2013 05:02:42 System Checkpoint 24-08-2013 05:52:08 System Checkpoint 25-08-2013 06:52:07 System Checkpoint 26-08-2013 07:52:06 System Checkpoint 27-08-2013 08:13:52 System Checkpoint 28-08-2013 09:13:53 System Checkpoint 29-08-2013 10:13:52 System Checkpoint 30-08-2013 10:52:23 System Checkpoint 31-08-2013 11:52:22 System Checkpoint 01-09-2013 12:52:23 System Checkpoint 02-09-2013 13:13:20 System Checkpoint 03-09-2013 14:20:13 System Checkpoint 04-09-2013 15:07:40 System Checkpoint 05-09-2013 17:48:31 System Checkpoint 06-09-2013 18:29:43 System Checkpoint 07-09-2013 18:53:42 System Checkpoint 08-09-2013 20:07:48 System Checkpoint 09-09-2013 20:29:42 System Checkpoint 10-09-2013 20:44:10 System Checkpoint 11-09-2013 22:52:48 System Checkpoint 12-09-2013 23:01:02 System Checkpoint 13-09-2013 23:49:48 System Checkpoint 15-09-2013 01:30:52 System Checkpoint 16-09-2013 01:49:47 System Checkpoint 17-09-2013 01:54:49 System Checkpoint 18-09-2013 02:18:36 System Checkpoint 19-09-2013 02:54:46 System Checkpoint 20-09-2013 03:34:02 System Checkpoint 21-09-2013 04:04:11 System Checkpoint 22-09-2013 05:04:09 System Checkpoint 23-09-2013 06:04:11 System Checkpoint 24-09-2013 07:04:10 System Checkpoint 25-09-2013 08:04:11 System Checkpoint 26-09-2013 09:04:10 System Checkpoint 27-09-2013 09:13:45 System Checkpoint 28-09-2013 10:13:44 System Checkpoint 29-09-2013 11:13:45 System Checkpoint 30-09-2013 12:13:43 System Checkpoint 01-10-2013 14:20:00 System Checkpoint 02-10-2013 14:35:42 System Checkpoint 03-10-2013 15:51:00 System Checkpoint 04-10-2013 14:47:52 Configured Microsoft Office Enterprise 2007 05-10-2013 15:13:46 System Checkpoint 06-10-2013 16:14:51 System Checkpoint 07-10-2013 17:32:25 System Checkpoint 08-10-2013 18:44:09 System Checkpoint 09-10-2013 19:13:44 System Checkpoint 10-10-2013 19:28:30 System Checkpoint 11-10-2013 20:26:27 System Checkpoint 12-10-2013 22:03:10 System Checkpoint 13-10-2013 23:20:38 System Checkpoint 14-10-2013 23:45:51 System Checkpoint 16-10-2013 00:26:31 System Checkpoint 17-10-2013 01:26:27 System Checkpoint 18-10-2013 01:32:27 System Checkpoint 19-10-2013 01:48:54 System Checkpoint 20-10-2013 02:27:53 System Checkpoint 21-10-2013 02:57:16 System Checkpoint 21-10-2013 20:42:08 Installed Kaspersky Security Scan. 21-10-2013 21:26:34 Removed Kaspersky Security Scan. 22-10-2013 12:19:41 Installed Windows XP KB943232. 22-10-2013 12:19:54 Removed ZoneAlarm Security 22-10-2013 12:20:07 Removed ZoneAlarm Firewall 22-10-2013 12:20:43 Removed ZoneAlarm Antivirus 22-10-2013 14:28:52 Restore Operation 22-10-2013 14:32:05 Restore Operation ==================== Hosts content: ========================== 2012-01-24 11:14 - 2013-10-21 23:34 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2010-12-06 12:31 - 2007-08-14 03:39 - 00022723 _____ () C:\WINDOWS\system32\cl31cl3.dll 2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-08-01 18:31 - 2013-08-01 18:31 - 00030056 _____ () C:\Program Files\HTC\HTC Sync Manager\DbAccess.dll 2013-08-01 18:32 - 2013-08-01 18:32 - 00607376 _____ () C:\Program Files\HTC\HTC Sync Manager\sqlite3.dll 2013-08-01 18:33 - 2013-08-01 18:33 - 00044392 _____ () C:\Program Files\HTC\HTC Sync Manager\NAdvLog.dll 2013-08-01 18:33 - 2013-08-01 18:33 - 00036216 _____ () C:\Program Files\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2013-08-01 18:33 - 2013-08-01 18:33 - 00080248 _____ () C:\Program Files\HTC\HTC Sync Manager\ninstallerhelper.dll 2013-08-01 18:38 - 2013-08-01 18:38 - 00223592 _____ () C:\Program Files\HTC\HTC Sync Manager\DevConnMon.dll 2011-10-09 21:07 - 2008-04-15 19:48 - 04976640 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\qt-mt333.dll 2011-10-09 21:07 - 2008-04-15 19:48 - 00024064 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\XalanMessages_1_9.dll 2011-10-09 21:07 - 2008-04-15 19:48 - 00118784 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\slp.dll 2011-10-09 21:07 - 2008-04-15 19:48 - 00073728 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\zlib1.dll 2011-10-09 21:07 - 2008-04-15 19:48 - 00057344 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\boost_thread-vc71-mt-1_32.dll 2012-12-12 14:56 - 2012-12-12 14:56 - 00028672 _____ () C:\Program Files\HTC\HTC Sync 3.0\OutputLog.dll 2012-12-12 14:56 - 2012-12-12 14:56 - 00516599 _____ () C:\Program Files\HTC\HTC Sync 3.0\sqlite3.dll 2012-12-12 14:56 - 2012-12-12 14:56 - 00094208 _____ () C:\Program Files\HTC\HTC Sync 3.0\fdHttpd.dll 2012-12-12 14:56 - 2012-12-12 14:56 - 00405504 _____ () C:\Program Files\HTC\HTC Sync 3.0\HtcDetect.dll 2012-12-12 14:56 - 2012-12-12 14:56 - 00159744 _____ () C:\Program Files\HTC\HTC Sync 3.0\htcDisk.dll 2012-12-12 14:56 - 2012-12-12 14:56 - 00172032 _____ () C:\Program Files\HTC\HTC Sync 3.0\htcDetectLegend.dll 2012-12-12 14:56 - 2012-12-12 14:56 - 00559244 _____ () C:\Program Files\HTC\HTC Sync 3.0\sqlite3.7.dll 2012-12-12 14:56 - 2012-12-12 14:56 - 01515520 _____ () C:\Program Files\HTC\HTC Sync 3.0\Maps\R66Api.dll 2006-02-28 07:00 - 2006-02-28 07:00 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll 2006-02-28 07:00 - 2006-02-28 07:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll 2013-05-23 09:35 - 2013-05-23 09:35 - 16033160 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{1a3e09be-1e45-494b-9174-d7385b45bbf5} => ""="" ==================== Faulty Device Manager Devices ============= Name: PCI Device Description: PCI Device Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (10/22/2013 08:57:41 AM) (Source: MsiInstaller) (User: RAUL-PC) Description: Product: ESET Smart Security -- Error 5001. The computer has not been restarted after a program uninstallation. Please restart the computer and run the installer again. Error: (10/22/2013 07:46:37 AM) (Source: MsiInstaller) (User: RAUL-PC) Description: Product: ESET NOD32 Antivirus -- Error 1920. Service 'ESET Service' (ekrn) failed to start. Verify that you have sufficient privileges to start system services. Error: (10/22/2013 00:22:16 AM) (Source: MsiInstaller) (User: RAUL-PC) Description: Product: ESET Smart Security -- Error 1920. Service 'ESET Service' (ekrn) failed to start. Verify that you have sufficient privileges to start system services. Error: (10/21/2013 11:33:25 PM) (Source: Windows Search Service) (User: ) Description: The entry <C:\DOCUMENTS AND SETTINGS\RG\WINDOWS\SYSTEM> in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error: (10/16/2013 01:47:17 PM) (Source: Application Hang) (User: ) Description: Hanging application SplashLite.exe, version 1.7.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (10/15/2013 11:00:59 AM) (Source: Application Error) (User: ) Description: Faulting application splashlite.exe, version 1.7.0.0, faulting module msvcr90.dll, version 9.0.30729.6161, fault address 0x0003af64. Processing media-specific event for [splashlite.exe!ws!] Error: (10/14/2013 08:32:19 PM) (Source: Application Hang) (User: ) Description: Hanging application Azureus.exe, version 4.8.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (10/12/2013 04:53:41 AM) (Source: Application Hang) (User: ) Description: Hanging application Azureus.exe, version 4.8.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (10/04/2013 09:47:54 AM) (Source: Application Hang) (User: ) Description: Hanging application SETUP.EXE, version 12.0.6606.1000, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (09/29/2013 09:57:26 PM) (Source: Application Hang) (User: ) Description: Hanging application SplashLite.exe, version 1.7.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. System errors: ============= Error: (10/22/2013 09:32:02 AM) (Source: 0) (User: ) Description: Error: (10/22/2013 09:31:58 AM) (Source: Service Control Manager) (User: ) Description: The following boot-start or system-start driver(s) failed to load: sptd Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: ) Description: The SSPORT service failed to start due to the following error: %%2 Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: ) Description: The BitDefender Desktop Update Service service depends on the following nonexistent service: XCOMM Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: ) Description: The DgiVecp service failed to start due to the following error: %%2 Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: ) Description: The Parallel port driver service failed to start due to the following error: %%1058 Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: ) Description: The ZoneAlarm LTD Toolbar IswSvc service depends on the ZoneAlarm LTD Toolbar ISWKL service which failed to start because of the following error: %%2 Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: ) Description: The ZoneAlarm LTD Toolbar ISWKL service failed to start due to the following error: %%2 Error: (10/22/2013 09:27:58 AM) (Source: 0) (User: ) Description: Error: (10/22/2013 09:27:53 AM) (Source: Service Control Manager) (User: ) Description: The following boot-start or system-start driver(s) failed to load: sptd Microsoft Office Sessions: ========================= ==================== Memory info =========================== Percentage of memory in use: 36% Total physical RAM: 3297.01 MB Available physical RAM: 2100.06 MB Total Pagefile: 5174.98 MB Available Pagefile: 3833.07 MB Total Virtual: 2047.88 MB Available Virtual: 1955.24 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:107.42 GB) (Free:40.17 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive k: (New Volume) (Fixed) (Total:465.76 GB) (Free:42.3 GB) NTFS Drive l: (New Volume) (Fixed) (Total:465.76 GB) (Free:175.66 GB) NTFS Drive s: (New Volume) (Fixed) (Total:358.34 GB) (Free:149.11 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 67A93141) Partition 1: (Active) - (Size=107 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=358 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 0E343701) Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 307DB55F) Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS) ==================== End Of Log ============================ RogueKiller V8.7.5 [Oct 22 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 2) 32 bits version Started in : Normal mode User : RG [Admin rights] Mode : Scan -- Date : 10/22/2013 13:01:10 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 4 ¤¤¤ [HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND [HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [sCREENSVR][sUSP PATH] HKCU\[...]\Desktop : SCRNSAVE.EXE (C:\WINDOWS\firefox.scr [7]) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 2 ¤¤¤ [FF][PROXY] mvmblz1v.default : user_pref("network.proxy.hxxp", "119.252.162.210"); -> FOUND [FF][PROXY] mvmblz1v.default : user_pref("network.proxy.hxxp_port", 8080); -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Disk drive +++++ --- User --- [MBR] d512c1b68c63afe76c394688ecbf4b5b [bSP] e9febe2e42d8084d3335a571f2d04366 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 109999 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 225279495 | Size: 366937 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) Disk drive +++++ --- User --- [MBR] 766c425cbd68c885276e4ba38bb1bb88 [bSP] fdaf12d92a5daccfa895f69481de475f : Windows XP MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ IDE) Hitachi HDP725050GLA360 +++++ --- User --- [MBR] a13b6502b10ee851dc07942e6059674b [bSP] 242d29b5ddc73052a1846a0046a98a85 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_10222013_130110.txt >> RKreport[0]_S_10222013_125720.txt
  3. I seem to be having almost the same exact problem mentioned here... https://forums.malwarebytes.org/index.php?showtopic=134848 I appear to have picked up some malware that is disabling my Malwarebytes and Eset antivirus on my Win XP machine. I noticed earlier today that I got a pop up from Malwarebytes that a couple of malicious process were trying to do some actions, I quarantined them at the time. The programs I quarantined were "Trojan.Fake.Apach", "Trojan.Ransom.Gend" and "Trojan.ED" I tried to do a scan with Malwarebytes but it gave me a message that it could not open due to a software policy restriction, although I have never set any on my stand alone pc. I tried to do an online scan with ESET but it gave me "error 8" and would not start. I downloaded a trial version of ESET but it will not start, it gives me the messsage "Error: Service 'ESET Service' (ekrn) failed to start. Verify that you have sufficient priveleges to start system services". I have reinstalled Malwarebytes and now it starts, however it does not find any new threats, but I cannot enable the filesystem or malicious website blocking protection as I cannot check the boxes to turn them on. Lastly my Zonealarm firewall icon has disappeared from the Taskbar and it doesn't seem that I can restart it. What should I do first to resolve this? I have run Farbar Recovery Scan Tool mentioned in the other thread and found this: HKLM Group Policy restriction on software: C:\Program Files\Alwil Software <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\BitDefender <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Lavasoft <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files\Panda Security <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files\ESET <====== ATTENTION Thank you for your help!
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.