Jump to content

ottoman1980

Members
  • Posts

    8
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I guess we're all cleared? Thank you very much for your help and patience, Marius!
  2. Hi Marius! Here's what I got from the log: Farbar Service Scanner Version: 13-06-2013 Ran by Tom Cheng (administrator) on 23-06-2013 at 16:05:29 Running from "C:\Users\Tom Cheng\Desktop\TC_JG" Windows 7 Professional Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo IP is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is set to Demand. The default start type is Auto. The ImagePath of WinDefend service is OK. The ServiceDll of WinDefend service is OK. Windows Defender Disabled Policy: ========================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1 Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys => MD5 is legit C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys [2013-06-12 09:30] - [2013-05-08 02:39] - 1910632 ____A (Microsoft Corporation) 9849EA3843A2ADBDD1497E97A85D8CAE C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll => MD5 is legit C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll => MD5 is legit C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll [2013-06-12 09:30] - [2013-05-13 01:51] - 0184320 ____A (Microsoft Corporation) D8129C49798CBBFB2E4351D4B7B8EF9C C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\System32\ipnathlp.dll => MD5 is legit C:\Windows\System32\iphlpsvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log **** Thanks!
  3. Please find the FSS.txt log copied below: Farbar Service Scanner Version: 13-06-2013 Ran by Tom Cheng (administrator) on 14-06-2013 at 19:02:12 Running from "C:\Users\Tom Cheng\Desktop\TC_JG" Windows 7 Professional Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo IP is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ wscsvc Service is not running. Checking service configuration: The start type of wscsvc service is OK. The ImagePath of wscsvc service is OK. The ServiceDll of wscsvc service is OK. Windows Update: ============ wuauserv Service is not running. Checking service configuration: The start type of wuauserv service is OK. The ImagePath of wuauserv service is OK. The ServiceDll of wuauserv service is OK. Windows Autoupdate Disabled Policy: ============================ Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys => MD5 is legit C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys [2013-06-12 09:30] - [2013-05-08 02:39] - 1910632 ____A (Microsoft Corporation) 9849EA3843A2ADBDD1497E97A85D8CAE C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll => MD5 is legit C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll => MD5 is legit C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll [2013-06-12 09:30] - [2013-05-13 01:51] - 0184320 ____A (Microsoft Corporation) D8129C49798CBBFB2E4351D4B7B8EF9C C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log ****
  4. Hi Marius, I believe MBAM worked perfectly! I ran a second scan after the cleanup and reboot, and nothing has been detected since! Below is the log: Malwarebytes Anti-Rootkit BETA 1.06.0.1003 www.malwarebytes.org Database version: v2013.06.13.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16576 Tom Cheng :: TOMCHENG-PC [administrator] 13/06/2013 9:46:01 AM mbar-log-2013-06-13 (09-46-01).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P Scan options disabled: Deep Anti-Rootkit Scan | PUP Objects scanned: 268359 Time elapsed: 8 minute(s), 33 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) Thank you so much for your help!
  5. Hi Marius, I've copied the content of the MBAM log for your convenience: Malwarebytes Anti-Rootkit BETA 1.06.0.1003 www.malwarebytes.org Database version: v2013.06.13.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16576 Tom Cheng :: TOMCHENG-PC [administrator] 12/06/2013 9:38:38 PM mbar-log-2013-06-12 (21-38-38).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P Scan options disabled: Deep Anti-Rootkit Scan | PUP Objects scanned: 268325 Time elapsed: 9 minute(s), 28 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 2 HKCU\SOFTWARE\CLASSES\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} (Trojan.0Access) -> No action taken. HKCU\SOFTWARE\CLASSES\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\INPROCSERVER32 (Trojan.Zaccess) -> No action taken. Registry Values Detected: 1 HKCU\SOFTWARE\CLASSES\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\INPROCSERVER32| (Trojan.Zaccess) -> Data: C:\$Recycle.Bin\S-1-5-21-3783882171-3223639534-429939216-1001\$3745cbf71cd36090884cde668f4d895b\n. -> No action taken. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 6 c:\$Recycle.Bin\S-1-5-18\$3745cbf71cd36090884cde668f4d895b\U (Trojan.Siredef.C) -> No action taken. c:\$Recycle.Bin\S-1-5-21-3783882171-3223639534-429939216-1001\$3745cbf71cd36090884cde668f4d895b\U (Trojan.Siredef.C) -> No action taken. c:\$Recycle.Bin\S-1-5-18\$3745cbf71cd36090884cde668f4d895b\L (Trojan.Siredef.C) -> No action taken. c:\$Recycle.Bin\S-1-5-21-3783882171-3223639534-429939216-1001\$3745cbf71cd36090884cde668f4d895b\L (Trojan.Siredef.C) -> No action taken. c:\$Recycle.Bin\S-1-5-18\$3745cbf71cd36090884cde668f4d895b (Trojan.Siredef.C) -> No action taken. c:\$Recycle.Bin\S-1-5-21-3783882171-3223639534-429939216-1001\$3745cbf71cd36090884cde668f4d895b (Trojan.Siredef.C) -> No action taken. Files Detected: 3 c:\$Recycle.Bin\S-1-5-18\$3745cbf71cd36090884cde668f4d895b\@ (Trojan.Siredef.C) -> No action taken. c:\$Recycle.Bin\S-1-5-21-3783882171-3223639534-429939216-1001\$3745cbf71cd36090884cde668f4d895b\@ (Trojan.Siredef.C) -> No action taken. c:\$Recycle.Bin\S-1-5-21-3783882171-3223639534-429939216-1001\$3745cbf71cd36090884cde668f4d895b\n (Trojan.0Access) -> No action taken. Physical Sectors Detected: 0 (No malicious items detected) (end) Hope this helps?
  6. Oops, my screenshot did not seem to post, so here's a new post (since I can't find the Edit button!):
  7. Hi Marius, Thank you for your quick response! I've downloaded the Malwarebytes : Malwarebytes Anti-Rootkit as you have asked and ran it for the first time, but saw this prompt right in the beginning, and am not sure how to proceed: I clicked "No" and have since exited the program. Please advise, thank you!
  8. Hi everyone, I'm new here, so please have patience in solving my problem! I don't know why I didn't come here sooner when I had this infection... I honestly thought AVG had this Trojan Horse virus deactivated and quarantined since it can detect but won't remove it... Anyway, I've copy and pasted the DDS logs for anyone that's interested, as I noticed someone else on this forum with the same problem had done: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.17.2 Run by Tom Cheng at 22:49:03 on 2013-06-11 Microsoft Windows 7 Professional 6.1.7601.1.1252.2.1033.18.6058.3926 [GMT -4:00] . AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} . ============== Running Processes =============== . C:\PROGRA~2\AVG\AVG2013\avgrsa.exe C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\nvvsvc.exe C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\windows\system32\nvvsvc.exe C:\windows\system32\WLANExt.exe C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\windows\system32\rundll32.exe C:\windows\system32\rundll32.exe C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe C:\windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe C:\Program Files (x86)\AVG\AVG2013\avgemca.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\windows\system32\wbem\wmiprvse.exe C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\windows\system32\SearchIndexer.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Users\Tom Cheng\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Tom Cheng\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\windows\system32\SearchProtocolHost.exe C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\windows\system32\RunDll32.exe C:\Program Files (x86)\Stickies\stickies.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Windows Media Player\wmpnetwk.exe C:\windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\windows\system32\taskeng.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe C:\windows\system32\igfxext.exe C:\windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\windows\system32\sppsvc.exe C:\windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe C:\windows\servicing\TrustedInstaller.exe C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe C:\windows\system32\SearchFilterHost.exe C:\windows\system32\SearchProtocolHost.exe C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe C:\windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.ca/ uDefault_Page_URL = hxxp://samsung.msn.com uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned> BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned> BHO: Samsung BHO Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun uRun: [Google Update] "C:\Users\Tom Cheng\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [Facebook Update] "C:\Users\Tom Cheng\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver uRun: [sansaDispatch] C:\Users\Tom Cheng\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe uRun: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" StartupFolder: C:\Users\TOMCHE~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Tom Cheng\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\Users\TOMCHE~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FACEBO~1.LNK - C:\Users\Tom Cheng\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe StartupFolder: C:\Users\TOMCHE~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\windows\System32\RunDll32.exe StartupFolder: C:\Users\TOMCHE~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Stickies.lnk - C:\Program Files (x86)\Stickies\stickies.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 uPolicies-Explorer: DisallowRun = dword:1 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe/AddLink.htm IE: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 TCP: NameServer = 64.71.255.204 64.71.255.198 TCP: Interfaces\{03AC544D-F80A-42BB-A25E-0FDCDE10FDAF} : DHCPNameServer = 64.71.255.204 64.71.255.198 TCP: Interfaces\{6B605ACF-4CA5-47FE-81FB-A4FDA5CA827A} : DHCPNameServer = 64.71.255.204 64.71.255.198 TCP: Interfaces\{6B605ACF-4CA5-47FE-81FB-A4FDA5CA827A}\14C6078616024456C6471602058696 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{6B605ACF-4CA5-47FE-81FB-A4FDA5CA827A}\348656E67623 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{6B605ACF-4CA5-47FE-81FB-A4FDA5CA827A}\751435147414 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{6B605ACF-4CA5-47FE-81FB-A4FDA5CA827A}\F4D6E4F6D6E4F6D6 : DHCPNameServer = 192.168.0.1 Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned> Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs= C:\windows\SysWOW64\nvinit.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll x64-BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned> x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe x64-Run: [Persistence] C:\windows\System32\igfxpers.exe x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned> x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Tom Cheng\AppData\Roaming\Mozilla\Firefox\Profiles\w0j018ao.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.west.net/~stewart/gre/greplan.htm FF - prefs.js: keyword.URL - hxxp://ca.search.yahoo.com/search?fr=mcafee&p= FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\npsitesafety.dll FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Tom Cheng\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll FF - plugin: C:\Users\Tom Cheng\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Users\Tom Cheng\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\Tom Cheng\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Users\Tom Cheng\AppData\Roaming\Mozilla\plugins\npo1d.dll FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2013-2-8 71480] R0 Avgloga;AVG Logging Driver;C:\windows\System32\drivers\avgloga.sys [2013-2-8 311096] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2013-2-8 116536] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2013-2-8 45880] R0 nvpciflt;nvpciflt;C:\windows\System32\drivers\nvpciflt.sys [2011-7-29 25960] R1 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072] R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2013-2-8 206136] R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2013-3-21 240952] R1 avgtp;avgtp;C:\windows\System32\drivers\avgtpx64.sys [2013-3-21 45856] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\drivers\dtsoftbus01.sys [2011-11-16 279616] R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2011-7-29 13824] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2013-4-8 103472] R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-2-9 343032] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 TurboB;Turbo Boost UI Monitor driver;C:\windows\System32\drivers\TurboB.sys [2010-10-8 19192] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-29 2655768] R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [2013-5-20 1015984] R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2010-11-10 31088] R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-8-23 317440] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-3 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-3 181248] R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-7-29 412264] R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264] R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648] R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960] R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 wdkmd;Intel WiDi KMD;C:\windows\System32\drivers\WDKMD.sys [2010-11-30 42392] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-3-1 161384] S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files\BitComet\tools\BitCometService.exe -service --> C:\Program Files\BitComet\tools\BitCometService.exe -service [?] S3 dmvsc;dmvsc;C:\windows\System32\drivers\dmvsc.sys [2010-11-20 71168] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-5 340240] S3 Samsung UPD Service;Samsung UPD Service;C:\windows\System32\SUPDSvc.exe [2011-7-29 166704] S3 StorSvc;Storage Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-8 150016] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-10-18 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-06-10 13:25:42 7621368 ----a-w- C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Avg2013\update\backup\avgmfapx.exe 2013-06-03 15:26:16 17993632 ----a-w- C:\Users\Tom Cheng\AdobeAIRInstaller.exe 2013-06-03 12:24:26 22167186 ----a-w- C:\Users\Tom Cheng\anki-2.0.8.exe 2013-06-02 21:19:47 -------- d-----w- C:\Program Files (x86)\ETS 2013-06-02 21:15:24 59584351 ----a-w- C:\Users\Tom Cheng\POWERPREPIIV2_0.exe 2013-05-17 12:40:19 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb 2013-05-16 13:06:14 983400 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys . ==================== Find3M ==================== . 2013-06-12 01:08:07 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-12 01:08:07 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2013-05-20 19:13:52 45856 ----a-w- C:\windows\System32\drivers\avgtpx64.sys 2013-04-13 18:34:51 4987488 ----a-w- C:\SumatraPDF-2.2.1-install.exe 2013-04-13 08:51:57 340719 ---h--w- C:\~WRL0631.tmp 2013-04-13 05:49:23 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49:19 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49:19 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49:19 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45:16 474624 ----a-w- C:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll 2013-04-12 14:45:08 1656680 ----a-w- C:\windows\System32\drivers\ntfs.sys 2013-04-10 06:01:54 265064 ----a-w- C:\windows\System32\drivers\dxgmms1.sys 2013-04-10 03:30:50 3153920 ----a-w- C:\windows\System32\win32k.sys 2013-04-09 22:07:18 34702513 ----a-w- C:\inkscape-0.48.4-1-win32.exe 2013-04-09 21:56:45 2524336 ----a-w- C:\AdobeDownloadAssistant.exe 2013-04-05 06:52:14 2242048 ----a-w- C:\windows\System32\wininet.dll 2013-04-05 06:50:36 3958784 ----a-w- C:\windows\System32\jscript9.dll 2013-04-05 06:50:31 67072 ----a-w- C:\windows\System32\iesetup.dll 2013-04-05 06:50:31 136704 ----a-w- C:\windows\System32\iesysprep.dll 2013-04-05 05:28:24 1767424 ----a-w- C:\windows\SysWow64\wininet.dll 2013-04-05 05:26:26 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll 2013-04-05 05:26:21 61440 ----a-w- C:\windows\SysWow64\iesetup.dll 2013-04-05 05:26:21 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll 2013-04-05 04:43:00 2706432 ----a-w- C:\windows\System32\mshtml.tlb 2013-04-05 03:51:11 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe 2013-04-05 03:38:25 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe 2013-04-04 18:50:32 25928 ----a-w- C:\windows\System32\drivers\mbam.sys 2013-03-29 06:53:48 246072 ----a-w- C:\windows\System32\drivers\avgidsdrivera.sys 2013-03-21 07:08:24 240952 ----a-w- C:\windows\System32\drivers\avgtdia.sys 2013-03-19 06:04:06 5550424 ----a-w- C:\windows\System32\ntoskrnl.exe 2013-03-19 05:53:58 48640 ----a-w- C:\windows\System32\wwanprotdim.dll 2013-03-19 05:53:58 230400 ----a-w- C:\windows\System32\wwansvc.dll 2013-03-19 05:46:56 43520 ----a-w- C:\windows\System32\csrsrv.dll 2013-03-19 05:04:13 3968856 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe 2013-03-19 05:04:10 3913560 ----a-w- C:\windows\SysWow64\ntoskrnl.exe 2013-03-19 04:47:50 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll 2013-03-19 03:06:33 112640 ----a-w- C:\windows\System32\smss.exe . ============= FINISH: 22:49:16.76 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 14/10/2011 10:25:07 AM System Uptime: 11/06/2013 10:45:13 PM (0 hours ago) . Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | QX311/QX411/QX412/QX511 Processor: Intel® Core i5-2520M CPU @ 2.50GHz | CPU | 2501/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 98 GiB total, 12.909 GiB free. D: is CDROM () F: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP239: 25/05/2013 2:30:32 PM - Scheduled Checkpoint RP240: 26/05/2013 7:00:07 PM - Windows Backup RP241: 02/06/2013 5:19:42 PM - Installed POWERPREP II RP242: 09/06/2013 6:13:17 PM - Scheduled Checkpoint . ==== Installed Programs ====================== . ?? ??? ?? Windows Live Mesh ActiveX ??? ??? ActiveX ?? Windows Live Mesh ???? ??????? ??????? ???? ??? Windows Live ???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ??????? ???? Windows Live ????? Windows Live ?????? ??????? ?? Windows Live ??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ??????????? ??????? Windows Live Mesh ActiveX ??(????) ??????? Windows Live Mesh ActiveX ??? ???????? ?????????? Windows Live ????????? ActiveX ?? Windows Live Mesh ????????????????????????? (???) ?????????? Windows Live ??????????? ?? Windows Live ActiveX-kontroll för fjärranslutningar för Windows Live Mesh ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ?????? Adobe Acrobat X Pro - English, Français, Deutsch Adobe AIR Adobe Download Assistant Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.01) Agatha Christie - Death on the Nile Apple Application Support Apple Software Update AVG 2013 AVG Security Toolbar „Windows Live Essentials“ „Windows Live Mail“ „Windows Live Mesh ActiveX“ nuotoliniu ryšiu valdiklis „Windows Live Messenger“ „Windows Live“ fotogalerija BatteryLifeExtender Bejeweled 2 Deluxe BitComet 1.29 64-bit BlackBerry Desktop Software 7.1 BlackBerry Device Software Updater Build-a-lot CCleaner ChargeableUSB Chinese Simplified Fonts Support For Adobe Reader 9 Chuzzle Deluxe Contrôle ActiveX Windows Live Mesh pour connexions à distance Control ActiveX de Windows Live Mesh para conexiones remotas Control ActiveX Windows Live Mesh pentru conexiuni la distan?a Controle ActiveX do Windows Live Mesh para Conexões Remotas Controlo ActiveX do Windows Live Mesh para Ligações Remotas CyberLink Media Suite CyberLink Media+ Player10 CyberLink MediaShow CyberLink Power2Go CyberLink PowerDirector CyberLink YouCam D3DX10 DAEMON Tools Lite Diner Dash 2 Restaurant Rescue DivX Web Player Dropbox Easy Content Share Easy Display Manager Easy Migration Easy Network Manager Easy SpeedUp Manager EasyBatteryManager EasyFileShare EndNote X6 Facebook Video Calling 1.2.0.287 FaceGen Exchange v0.5b Fallout 3 Fallout 3 - The Garden of Eden Creation Kit Fallout New Vegas Farm Frenzy Fast Start File Splitter and Joiner (FFSJ v3.3) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych Fotogalerija Windows Live Galeria de Fotografias do Windows Live Galeria fotografii uslugi Windows Live Galerie de photos Windows Live Galerie foto Windows Live Galería fotográfica de Windows Live Google Talk Plugin GraphPad Prism 6 (Trial) HP Officejet Pro 8500 A910 Basic Device Software ImageJ 1.46r Inkscape 0.48.4 Insaniquarium Deluxe Intel PROSet Wireless Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® PROSet/Wireless WiFi Software Intel® Rapid Storage Technology Intel® Turbo Boost Technology Monitor 2.0 Intel® Wireless Display IrfanView (remove only) Ivan Image Converter Java 7 Update 17 Java Auto Updater John Deere Drive Green Junk Mail filter update K-Lite Codec Pack 8.0.0 (Basic) Kontrola Windows Live Mesh ActiveX za daljinske veze Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave Malwarebytes Anti-Malware version 1.75.0.1300 McAfee SiteAdvisor Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Games for Windows - LIVE Redistributable Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Click-to-Run 2010 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Starter 2010 - English Microsoft Office Word MUI (English) 2007 Microsoft PowerPoint Viewer Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Movie Color Enhancer Mozilla Firefox 21.0 (x86 en-GB) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 Multimedia POP Nitro Reader 2 NJStar Chinese WP NVIDIA Display Control Panel NVIDIA Graphics Driver 266.72 NVIDIA Install Application NVIDIA Optimus 1.0.15 NVIDIA Update Components Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia Peggle Penguins! Plants vs. Zombies Poczta uslugi Windows Live Podstawowe programy Windows Live Polar Golfer Pošta Windows Live POWERPREP II QuickTime Raccolta foto di Windows Live Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Renesas Electronics USB 3.0 Host Controller Driver ResearchSoft Direct Export Helper S?????? f?t???af??? t?? Windows Live Samsung AnyWeb Print Samsung Printer Live Update Samsung Recovery Solution 5 Samsung Support Center Samsung Universal Print Driver Samsung Universal Scan Driver Samsung Update Plus Sansa Updater Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition SketchUp 8 Skype™ 6.3 St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se?? Stickies 7.1b SumatraPDF Synaptics Pointing Device Driver Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) User Guide Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi VC80CRTRedist - 8.0.50727.762 Visual Studio 2008 x64 Redistributables Visual Studio 2010 x64 Redistributables VLC media player 2.0.1 WildTangent Games WildTangent ORB Game Console WinBMA Windows Live Windows Live ?? Windows Live ?? ??? Windows Live ??? Windows Live ???? Windows Live Communications Platform Windows Live Essentials Windows Live Fotótár Windows Live Foto-galerija Windows Live fotoattelu galerija Windows Live Fotogalerie Windows Live Fotogalleri Windows Live Fotogaléria Windows Live Fotograf Galerisi Windows Live Galeria de Fotos Windows Live Galerija fotografija Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger Windows Live Mesh ActiveX-objekt til fjernforbindelser Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz Windows Live Mesh ActiveX control for remote connections Windows Live Mesh ActiveX kontrola za daljinske veze Windows Live Mesh ActiveX vadikla attalajiem savienojumiem Windows Live Meshin etäyhteyksien ActiveX-komponentti Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Pošta Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Parçalar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Liven asennustyökalu Windows Liven sähköposti Windows Liven valokuvavalikoima WinRAR 4.10 beta 2 (64-bit) Xvid Video Codec Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 11/06/2013 10:47:34 PM, Error: Service Control Manager [7023] - The WinDefend service terminated with the following error: Access is denied. 11/06/2013 10:46:23 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 11/06/2013 10:45:38 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143. 11/06/2013 10:45:23 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied.. 11/06/2013 10:44:32 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied. 08/06/2013 9:57:11 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 08/06/2013 9:57:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 08/06/2013 9:57:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 08/06/2013 9:57:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 08/06/2013 9:57:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 08/06/2013 9:57:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 08/06/2013 9:57:04 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 08/06/2013 9:56:58 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AVGIDSDriver Avgldx64 Avgtdia CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss SABI spldr tdx VWiFiFlt Wanarpv6 WfpLwf 08/06/2013 9:56:58 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 08/06/2013 9:56:58 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 08/06/2013 9:56:58 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 08/06/2013 9:56:58 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 08/06/2013 9:56:58 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 08/06/2013 9:56:58 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 08/06/2013 9:56:58 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 08/06/2013 9:56:58 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 08/06/2013 9:56:58 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 08/06/2013 9:56:58 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 08/06/2013 9:56:58 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 08/06/2013 9:56:58 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start. 08/06/2013 9:56:58 PM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning. 05/06/2013 5:49:47 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. . ==== End Of File =========================== Thank you very much in advance for all your help!
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.