I'm at Risk! What's the better way to do!?


  • This topic is locked
131 replies to this topic

#61 delacroix

delacroix

    Regular Member

  • Honorary Members
  • 75 posts

Posted 05 June 2013 - 08:43 AM

are we going to start the process again???

#62 delacroix

Posted 05 June 2013 - 01:48 PM

Here's the new Gmer Rootkit Scanner scan
Attached File  Gmer(june5).txt   391bytes   1 downloads

New FRST64 scan from your link
Attached File  FRST(june5)outdated.txt   43.9KB   1 downloads

FRST64 from the update option
Attached File  FRST(june5)updated.txt   43.97KB   2 downloads

Addition from the first scan of first
Attached File  Addition.txt   21.03KB   1 downloads

New Malwarebytes Anti-Rootkit scan
Attached File  system-log(june5).txt   26.16KB   1 downloads

New Farbar Service Scanner scan
Attached File  FSS(june5).txt   5.39KB   4 downloads

New ESET online scanner scan
Attached File  ESET(june6).txt   969bytes   2 downloads

#63 delacroix

Posted 05 June 2013 - 01:51 PM

Here's the new Gmer Rootkit Scanner scan
Attached File  Gmer(june5).txt   391bytes   1 downloads

New FRST64 scan from your link
Attached File  FRST(june5)outdated.txt   43.9KB   1 downloads

FRST64 from the update option
Attached File  FRST(june5)updated.txt   43.97KB   2 downloads

Addition from the first scan of first
Attached File  Addition.txt   21.03KB   1 downloads

New Malwarebytes Anti-Rootkit scan (Scan Finished: No Malware Found!)
Attached File  system-log(june5).txt   26.16KB   1 downloads

New Farbar Service Scanner scan
Attached File  FSS(june5).txt   5.39KB   4 downloads

New ESET online scanner scan
Attached File  ESET(june6).txt   969bytes   2 downloads

#64 delacroix

Posted 05 June 2013 - 09:37 PM

Sir Mairus, I can't turn on my Windows Firewall and Windows Defender. Help me, please.

#65 Psychotic

Psychotic

    Trusted Advisor

  • Trusted Advisors
  • 2,533 posts
  • Gender:Male
  • Location:Germany

Posted 06 June 2013 - 01:08 AM

Hello delacroix,

As I told you in my first reply, do not run any scans I haven't advised you to run.
Please be more patient with me - I cannot spend all of my time on you because I have other users to reply to.

Your system is free of malware, so the only thing is to clarify why Defender and Firewall won't come up.

I understand you are worried, but please calm down - we'll get this fixed.

Open the directory where you stored Malwarebytes' Anti-Rootkit, go to the "plugins" folder and run fixdamage.exe.
Reboot, run a new scan with Farbar's Service Scanner and post up the log. ;)
My help is free, however, if you want to support my fight against malware, click here --> Posted Image <--(no worries, every little bit helps)

#66 delacroix

Posted 06 June 2013 - 02:16 AM

Ooooh! Finally you're online
Sorry I just thought I did something wrong and I thought my it was already close

by the way thank you!!

fixdamage.exe DONE!

reboot done

how about the Addition.txt???
Are we going to mark that???

#67 Psychotic

Posted 06 June 2013 - 02:20 AM

Due to the fact that I live in Germany, there are some time zone differences, and in addition we had a forum downtime last night.

We don't need the addition.txt for now - but the log of FSS.

Reboot, run a new scan with Farbar's Service Scanner and post up the log. ;)


Please read my instructions completely and follow them.

#68 delacroix

Posted 06 June 2013 - 02:22 AM

yes sir!!! :D

#69 delacroix

Posted 06 June 2013 - 02:27 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-06-2013 01
Ran by Mariano (administrator) on 06-06-2013 15:23:28
Running from C:\Users\New One\Desktop\Malwarebytes.org
Windows 8 Single Language (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\windows\system32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
(Intel® Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
() C:\windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(AMD) C:\windows\system32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(McAfee, Inc.) c:\PROGRA~1\mcafee.com\agent\mcagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Qualcomm Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\WINDOWS\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(TypingMaster, Inc) C:\Program Files (x86)\TypingMaster\QuickPhrase\quickphrase.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MsoSync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Farbar) C:\Users\New One\Desktop\Malwarebytes.org\FRST64updated.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6842000 2012-09-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX4 [1230992 2012-09-28] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe [5757328 2012-10-20] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4123 2012-05-31] ()
HKLM\...\Run: [BtTray] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe" [763520 2012-08-09] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" [127616 2012-08-09] (Qualcomm Atheros Commnucations)
HKLM\...\Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [511672 2012-11-21] (Acronis)
HKCU\...\Run: [QuickPhrase] "C:\Program Files (x86)\TypingMaster\QuickPhrase\quickphrase.exe" [638992 2007-08-03] (TypingMaster, Inc)
HKCU\...\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [1516632 2012-06-26] (Nokia)
HKCU\...\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot [3573624 2013-04-06] (Tonec Inc.)
MountPoints2: {23069c51-99c2-11e2-be79-9c2a70494ffc} - "E:\AutoRun.exe"
MountPoints2: {23069c99-99c2-11e2-be79-9c2a70494ffc} - "E:\AutoRun.exe"
MountPoints2: {3a09f1c0-cc0b-11e2-bf78-9c2a70494ffb} - "E:\AutoRun.exe"
MountPoints2: {87309e64-9e94-11e2-be9a-9c2a70494ffc} - "E:\AutoRun.exe"
MountPoints2: {8a9a331b-cc3d-11e2-bf83-9c2a70494ffb} - "E:\AutoRun.exe"
MountPoints2: {8a9a3cd1-cc3d-11e2-bf83-9c2a70494ffc} - "E:\AutoRun.exe"
MountPoints2: {8dc86687-a4a0-11e2-bebd-9c2a70494ffc} - "E:\AutoRun.exe"
MountPoints2: {8dc866b8-a4a0-11e2-bebd-9c2a70494ffc} - "E:\AutoRun.exe"
MountPoints2: {baa1027a-95fb-11e2-be75-9c2a70494ffc} - "E:\AutoRun.exe"
MountPoints2: {e274559a-cc1c-11e2-bf7d-9c2a70494ffb} - "E:\AutoRun.exe"
MountPoints2: {e38029c9-97db-11e2-be77-9c2a70494ffc} - "E:\AutoRun.exe"
MountPoints2: {e3802a71-97db-11e2-be77-9c2a70494ffc} - "E:\AutoRun.exe"
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60 [277504 2012-07-10] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642728 2012-09-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [143888 2012-06-02] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1532992 2013-03-13] (McAfee, Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [6010784 2012-11-26] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [941440 2012-07-24] (Acronis)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-05] (Adobe Systems Incorporated)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.myplaycity.com/
HKCU SearchScopes: DefaultScope {A8C4A05F-A0C6-4EF6-8057-8BA987410DEB} URL = http://searchou.com/...a70494ffc&r=437
SearchScopes: HKCU - {90C067CF-1FBC-4CB5-BD99-D5E6BF63A5D8} URL =
SearchScopes: HKCU - {A8C4A05F-A0C6-4EF6-8057-8BA987410DEB} URL = http://searchou.com/...a70494ffc&r=437
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20130606023059.dll (McAfee, Inc.)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20130606023100.dll (McAfee, Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.254

FireFox:
========
FF ProfilePath: C:\Users\New One\AppData\Roaming\Mozilla\Firefox\Profiles\yww2a2lt.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Privitize.com - C:\Users\New One\AppData\Roaming\Mozilla\Firefox\Profiles\yww2a2lt.default\Extensions\ffxtlbr@privitize.com
FF Extension: ftdownloader3 - C:\Users\New One\AppData\Roaming\Mozilla\Firefox\Profiles\yww2a2lt.default\Extensions\ftdownloader3@ftdownloader.com.xpi
FF Extension: socksharedownloader - C:\Users\New One\AppData\Roaming\Mozilla\Firefox\Profiles\yww2a2lt.default\Extensions\socksharedownloader@socksharedownloader.com.xpi
FF Extension: torntv2 - C:\Users\New One\AppData\Roaming\Mozilla\Firefox\Profiles\yww2a2lt.default\Extensions\torntv2@torntv.com.xpi

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (IDM Integration) - C:\Users\New One\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.12.2_0
CHR Extension: (Skype Click to Call) - C:\Users\New One\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0
CHR Extension: (Socksharedownloader) - C:\Users\New One\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.0_0

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [211072 2012-08-09] (Qualcomm Atheros Commnucations)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-27] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [384048 2013-02-25] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-04-10] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-09-01] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1914728 2012-11-26] (SoftThinks SAS)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [75584 2013-04-25] (IObit)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-17] (TuneUp Software)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-08-07] (Atheros)

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-10] (Advanced Micro Devices, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-09] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-26] (CyberLink)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
R3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69168 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-21] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-09-21] (Synaptics Incorporated)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [1093256 2013-03-26] (Acronis)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-08-29] (TuneUp Software)
R0 fltsrv; system32\DRIVERS\fltsrv.sys [x]
U3 mfeavfk01; No ImagePath
R0 snapman; system32\DRIVERS\snapman.sys [x]
R0 tdrpman; system32\DRIVERS\tdrpman.sys [x]
S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [x]
U3 uxtoypod; \??\C:\Users\NEWONE~1\AppData\Local\Temp\uxtoypod.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-05 23:07 - 2013-06-05 23:07 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-05 15:53 - 2013-06-05 15:55 - 00017238 ____A C:\AdwCleaner[S1].txt
2013-06-05 15:53 - 2013-06-05 15:55 - 00000296 ____A C:\Windows\DeleteOnReboot.bat
2013-06-05 11:29 - 2013-06-05 11:30 - 00000000 ____D C:\Program Files\My Dell
2013-06-05 02:30 - 2013-06-05 02:30 - 00000000 ____D C:\Users\New One\Desktop\Windows 8
2013-06-05 01:19 - 2013-06-05 23:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-06-04 23:31 - 2013-06-04 23:31 - 00000000 ____D C:\FRST
2013-06-04 23:27 - 2013-06-04 23:27 - 00000000 ___RD C:\Users\New One\Documents\Notes
2013-06-04 23:07 - 2013-06-06 11:33 - 00000000 ____D C:\Users\New One\Desktop\Malwarebytes.org
2013-06-03 19:06 - 2013-06-03 19:06 - 00281216 ____A C:\Windows\Minidump\060313-19359-01.dmp
2013-06-03 15:16 - 2013-06-03 15:16 - 00281280 ____A C:\Windows\Minidump\060313-21843-01.dmp
2013-06-03 14:39 - 2013-06-03 14:39 - 00281280 ____A C:\Windows\Minidump\060313-26703-01.dmp
2013-06-03 14:30 - 2013-06-03 14:30 - 00000000 ____D C:\Users\New One\AppData\Roaming\Malwarebytes
2013-06-03 14:30 - 2013-06-03 14:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-03 13:06 - 2013-06-03 13:06 - 00281216 ____A C:\Windows\Minidump\060313-32859-01.dmp
2013-06-03 10:09 - 2013-06-03 10:09 - 00279728 ____A C:\Windows\Minidump\060313-49203-01.dmp
2013-06-03 10:08 - 2013-06-03 10:09 - 00432256 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-02 15:59 - 2013-06-03 19:06 - 00000000 ____D C:\Windows\Minidump
2013-06-02 15:59 - 2013-06-02 16:00 - 00279728 ____A C:\Windows\Minidump\060213-51781-01.dmp
2013-05-25 09:24 - 2013-06-03 19:06 - 330893564 ____A C:\Windows\MEMORY.DMP
2013-05-24 23:00 - 2013-04-09 13:33 - 00489576 ____A (Microsoft Corporation) C:\Windows\System32\AudioEng.dll
2013-05-24 23:00 - 2013-04-09 13:33 - 00446792 ____A (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2013-05-24 23:00 - 2013-04-09 13:33 - 00253544 ____A (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2013-05-24 23:00 - 2013-04-09 13:27 - 00284424 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-05-24 23:00 - 2013-04-09 13:20 - 00306952 ____A (Microsoft Corporation) C:\Windows\System32\kd_02_10ec.dll
2013-05-24 23:00 - 2013-04-09 13:20 - 00086280 ____A (Microsoft Corporation) C:\Windows\System32\kdnet.dll
2013-05-24 23:00 - 2013-04-09 13:18 - 00077960 ____A (Microsoft Corporation) C:\Windows\System32\kdvm.dll
2013-05-24 23:00 - 2013-04-09 13:17 - 01829408 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-05-24 23:00 - 2013-04-09 12:52 - 00816128 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2013-05-24 23:00 - 2013-04-09 12:52 - 00804352 ____A (Microsoft Corporation) C:\Windows\System32\RecoveryDrive.exe
2013-05-24 23:00 - 2013-04-09 12:52 - 00373760 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2013-05-24 23:00 - 2013-04-09 12:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2013-05-24 23:00 - 2013-04-09 12:52 - 00126464 ____A (Microsoft Corporation) C:\Windows\System32\Robocopy.exe
2013-05-24 23:00 - 2013-04-09 12:51 - 14267904 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
2013-05-24 23:00 - 2013-04-09 12:51 - 13648384 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-05-24 23:00 - 2013-04-09 12:51 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-05-24 23:00 - 2013-04-09 12:51 - 03552768 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2013-05-24 23:00 - 2013-04-09 12:51 - 00595456 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.dll
2013-05-24 23:00 - 2013-04-09 12:51 - 00523264 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-24 23:00 - 2013-04-09 12:51 - 00456704 ____A (Microsoft Corporation) C:\Windows\System32\wpncore.dll
2013-05-24 23:00 - 2013-04-09 12:51 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2013-05-24 23:00 - 2013-04-09 12:51 - 00367616 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-05-24 23:00 - 2013-04-09 12:51 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wscsvc.dll
2013-05-24 23:00 - 2013-04-09 12:50 - 02107904 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2013-05-24 23:00 - 2013-04-09 12:50 - 01285632 ____A (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2013-05-24 23:00 - 2013-04-09 12:50 - 00745984 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2013-05-24 23:00 - 2013-04-09 12:50 - 00435200 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2013-05-24 23:00 - 2013-04-09 12:50 - 00422400 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-05-24 23:00 - 2013-04-09 12:50 - 00414720 ____A (Microsoft Corporation) C:\Windows\System32\GenuineCenter.dll
2013-05-24 23:00 - 2013-04-09 12:50 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\mssprxy.dll
2013-05-24 23:00 - 2013-04-09 12:50 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2013-05-24 23:00 - 2013-04-09 12:50 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\msshooks.dll
2013-05-24 23:00 - 2013-04-09 12:49 - 01444864 ____A (Microsoft Corporation) C:\Windows\System32\MSAudDecMFT.dll
2013-05-24 23:00 - 2013-04-09 12:49 - 00817152 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2013-05-24 23:00 - 2013-04-09 12:49 - 00468992 ____A (Microsoft Corporation) C:\Windows\System32\MFMediaEngine.dll
2013-05-24 23:00 - 2013-04-09 12:49 - 00281088 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2013-05-24 23:00 - 2013-04-09 12:49 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\fhengine.dll
2013-05-24 23:00 - 2013-04-09 12:49 - 00210432 ____A (Microsoft Corporation) C:\Windows\System32\iuilp.dll
2013-05-24 23:00 - 2013-04-09 12:49 - 00196096 ____A (Microsoft Corporation) C:\Windows\System32\dmvdsitf.dll
2013-05-24 23:00 - 2013-04-09 12:49 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\dwmredir.dll
2013-05-24 23:00 - 2013-04-09 12:49 - 00050176 ____A (Microsoft Corporation) C:\Windows\System32\fmifs.dll
2013-05-24 23:00 - 2013-04-09 12:48 - 02303488 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-24 23:00 - 2013-04-09 12:48 - 00785408 ____A (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2013-05-24 23:00 - 2013-04-09 12:48 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-05-24 23:00 - 2013-04-09 12:48 - 00169472 ____A (Microsoft Corporation) C:\Windows\System32\AudioEndpointBuilder.dll
2013-05-24 23:00 - 2013-04-09 10:35 - 04038144 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-24 23:00 - 2013-04-09 10:34 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2013-05-24 23:00 - 2013-04-09 10:34 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-05-24 23:00 - 2013-04-09 10:34 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-05-24 23:00 - 2013-04-09 10:33 - 00623104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2013-05-24 23:00 - 2013-04-09 10:33 - 00060416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2013-05-24 23:00 - 2013-04-09 10:32 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2013-05-24 23:00 - 2013-04-09 10:31 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2013-05-24 23:00 - 2013-04-09 10:31 - 00083456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2013-05-24 23:00 - 2013-04-09 07:44 - 00123880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2013-05-24 23:00 - 2013-04-09 07:39 - 01408896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-05-24 23:00 - 2013-04-09 07:37 - 00426024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2013-05-24 23:00 - 2013-04-09 07:37 - 00324368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-05-24 23:00 - 2013-04-09 05:52 - 11878912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-05-24 23:00 - 2013-04-09 05:52 - 00670208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-05-24 23:00 - 2013-04-09 05:52 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-24 23:00 - 2013-04-09 05:52 - 00302592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-05-24 23:00 - 2013-04-09 05:52 - 00171008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-05-24 23:00 - 2013-04-09 05:52 - 00106496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2013-05-24 23:00 - 2013-04-09 05:51 - 10789888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 02767360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 02035200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 01593344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 01113600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 00659456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 00656896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 00403968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-05-24 23:00 - 2013-04-09 05:51 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 00324096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 00268800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 00214528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 00186880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 00155648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 00035328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2013-05-24 23:00 - 2013-04-09 05:51 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2013-05-24 23:00 - 2013-04-05 07:30 - 00503080 ____A (Microsoft Corporation) C:\Windows\System32\ci.dll
2013-05-24 23:00 - 2013-04-03 06:08 - 00387688 ____A C:\Windows\System32\ApnDatabase.xml
2013-05-24 23:00 - 2013-03-31 02:16 - 01403784 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-05-24 23:00 - 2013-03-31 02:16 - 01267424 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-05-24 23:00 - 2013-03-29 06:09 - 01217328 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-05-24 23:00 - 2013-03-29 06:09 - 01093880 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-05-24 23:00 - 2013-03-16 06:05 - 00298456 ____A (Microsoft Corporation) C:\Windows\System32\rsaenh.dll
2013-05-24 23:00 - 2013-03-16 06:05 - 00252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2013-05-24 23:00 - 2012-12-13 12:00 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-05-24 23:00 - 2012-12-13 11:59 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-05-18 00:47 - 2013-04-10 07:17 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-18 00:47 - 2013-04-10 07:17 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-18 00:47 - 2013-04-10 07:17 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-18 00:47 - 2013-04-10 07:17 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-05-18 00:47 - 2013-04-10 07:17 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-18 00:47 - 2013-04-10 07:17 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-18 00:47 - 2013-04-10 07:16 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-18 00:47 - 2013-04-10 07:16 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-18 00:47 - 2013-04-10 07:16 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-18 00:47 - 2013-04-10 07:16 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-18 00:47 - 2013-04-10 06:30 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-18 00:47 - 2013-04-10 06:30 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-18 00:47 - 2013-04-10 06:29 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-18 00:47 - 2013-04-10 06:29 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-18 00:47 - 2013-04-10 06:29 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-18 00:47 - 2013-04-10 06:29 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-18 00:47 - 2013-04-10 06:29 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-18 00:47 - 2013-04-10 06:29 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-18 00:20 - 2013-03-06 15:10 - 00112872 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-18 00:20 - 2013-03-06 14:31 - 19758592 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-18 00:20 - 2013-03-06 14:31 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-18 00:20 - 2013-03-06 14:29 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-18 00:20 - 2013-03-06 13:03 - 17561600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-18 00:20 - 2013-03-06 13:03 - 00199168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-18 00:12 - 2013-03-22 11:49 - 02382336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2013-05-18 00:12 - 2013-03-22 06:47 - 02851840 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll
2013-05-17 23:26 - 2013-04-11 14:40 - 06987528 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-05-17 21:52 - 2013-04-16 10:34 - 01455368 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-17 20:18 - 2013-03-15 08:17 - 00861184 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2013-05-16 21:57 - 2013-05-23 02:38 - 00000000 ____D C:\Users\New One\Downloads\Pop-up Card
2013-05-16 14:57 - 2013-05-16 14:57 - 00000000 __SHD C:\System Recovery
2013-05-16 14:03 - 2013-05-16 14:03 - 00000000 ___AH C:\Users\New One\Documents\Default.rdp
2013-05-08 20:48 - 2013-05-08 20:48 - 00000304 ____A C:\Users\New One\Downloads\CD Drive - Shortcut.lnk

==================== One Month Modified Files and Folders =======

2013-06-06 15:18 - 2013-03-26 11:05 - 01791169 ____A C:\Windows\WindowsUpdate.log
2013-06-06 15:16 - 2013-01-02 21:49 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2013-06-06 15:11 - 2013-03-26 12:05 - 00000906 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-06 15:07 - 2013-03-26 12:05 - 00000910 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-06 15:00 - 2013-03-26 11:04 - 00000000 ____D C:\Users\New One\Documents\Bluetooth Folder
2013-06-06 15:00 - 2012-07-26 16:12 - 00000000 ____D C:\Windows\System32\sru
2013-06-06 14:28 - 2013-04-28 16:42 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-06 12:00 - 2013-04-06 10:23 - 00000000 ____D C:\Users\New One\AppData\Roaming\DMCache
2013-06-06 11:33 - 2013-06-04 23:07 - 00000000 ____D C:\Users\New One\Desktop\Malwarebytes.org
2013-06-06 02:31 - 2013-04-13 23:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-05 23:07 - 2013-06-05 23:07 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-05 23:03 - 2013-06-05 01:19 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-06-05 16:47 - 2012-07-26 15:28 - 00850046 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-05 16:41 - 2013-04-06 18:32 - 00000000 ____D C:\Users\New One\Downloads\Sketchup
2013-06-05 16:41 - 2013-04-06 18:28 - 00000000 ____D C:\Users\New One\Downloads\Games
2013-06-05 16:41 - 2013-04-06 00:41 - 00000000 ____D C:\Users\New One\Downloads\Applications
2013-06-05 15:59 - 2012-07-26 15:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-05 15:57 - 2013-01-02 23:17 - 00074326 ____A C:\Windows\PFRO.log
2013-06-05 15:55 - 2013-06-05 15:53 - 00017238 ____A C:\AdwCleaner[S1].txt
2013-06-05 15:55 - 2013-06-05 15:53 - 00000296 ____A C:\Windows\DeleteOnReboot.bat
2013-06-05 14:46 - 2012-07-26 15:21 - 00034403 ____A C:\Windows\setupact.log
2013-06-05 12:34 - 2012-07-26 16:12 - 00000000 ____D C:\Windows\System32\NDF
2013-06-05 11:30 - 2013-06-05 11:29 - 00000000 ____D C:\Program Files\My Dell
2013-06-05 11:30 - 2013-01-02 21:41 - 00000000 ____D C:\Program Files\Dell Support Center
2013-06-05 11:29 - 2013-01-02 21:41 - 00000000 ____D C:\ProgramData\PCDr
2013-06-05 08:40 - 2013-04-06 10:23 - 00000000 ____D C:\Users\New One\Downloads\Compressed
2013-06-05 02:30 - 2013-06-05 02:30 - 00000000 ____D C:\Users\New One\Desktop\Windows 8
2013-06-05 01:26 - 2013-04-02 00:11 - 00000000 ____D C:\Users\New One\AppData\Local\CrashDumps
2013-06-05 01:22 - 2012-07-26 16:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-06-05 01:08 - 2013-03-26 12:09 - 00002145 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-06-04 23:31 - 2013-06-04 23:31 - 00000000 ____D C:\FRST
2013-06-04 23:27 - 2013-06-04 23:27 - 00000000 ___RD C:\Users\New One\Documents\Notes
2013-06-03 19:14 - 2011-09-15 13:51 - 00000000 ____D C:\Users\New One\Documents\guitar help
2013-06-03 19:06 - 2013-06-03 19:06 - 00281216 ____A C:\Windows\Minidump\060313-19359-01.dmp
2013-06-03 19:06 - 2013-06-02 15:59 - 00000000 ____D C:\Windows\Minidump
2013-06-03 19:06 - 2013-05-25 09:24 - 330893564 ____A C:\Windows\MEMORY.DMP
2013-06-03 15:16 - 2013-06-03 15:16 - 00281280 ____A C:\Windows\Minidump\060313-21843-01.dmp
2013-06-03 14:39 - 2013-06-03 14:39 - 00281280 ____A C:\Windows\Minidump\060313-26703-01.dmp
2013-06-03 14:30 - 2013-06-03 14:30 - 00000000 ____D C:\Users\New One\AppData\Roaming\Malwarebytes
2013-06-03 14:30 - 2013-06-03 14:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-03 13:06 - 2013-06-03 13:06 - 00281216 ____A C:\Windows\Minidump\060313-32859-01.dmp
2013-06-03 12:59 - 2012-07-26 13:26 - 00524288 __ASH C:\Windows\System32\config\BBI
2013-06-03 10:09 - 2013-06-03 10:09 - 00279728 ____A C:\Windows\Minidump\060313-49203-01.dmp
2013-06-03 10:09 - 2013-06-03 10:08 - 00432256 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-02 22:24 - 2013-03-26 11:02 - 00000000 ____D C:\users\New One
2013-06-02 22:06 - 2013-04-06 00:08 - 00000000 ____D C:\Users\New One\Desktop\Games
2013-06-02 17:09 - 2012-07-26 16:12 - 00000000 ____D C:\Windows\rescache
2013-06-02 16:55 - 2013-03-26 11:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-02 16:05 - 2012-07-26 13:26 - 00262144 __ASH C:\Windows\System32\config\ELAM
2013-06-02 16:00 - 2013-06-02 15:59 - 00279728 ____A C:\Windows\Minidump\060213-51781-01.dmp
2013-05-25 09:21 - 2012-07-26 16:12 - 00000000 ___RD C:\Windows\ToastData
2013-05-25 09:21 - 2012-07-26 16:12 - 00000000 ____D C:\Windows\WinStore
2013-05-24 23:07 - 2013-04-13 00:59 - 00000000 ____D C:\Users\New One\AppData\Roaming\ConverterLite
2013-05-24 19:57 - 2013-04-02 01:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-05-23 14:00 - 2013-04-03 02:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-23 10:08 - 2013-04-28 16:25 - 00000000 ____D C:\Users\New One\AppData\Roaming\IDM
2013-05-23 02:38 - 2013-05-16 21:57 - 00000000 ____D C:\Users\New One\Downloads\Pop-up Card
2013-05-18 07:47 - 2013-03-26 12:58 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-17 05:14 - 2013-01-02 21:46 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-05-16 15:08 - 2012-07-26 16:12 - 00000000 ____D C:\Windows\System32\Recovery
2013-05-16 14:57 - 2013-05-16 14:57 - 00000000 __SHD C:\System Recovery
2013-05-16 14:03 - 2013-05-16 14:03 - 00000000 ___AH C:\Users\New One\Documents\Default.rdp
2013-05-13 14:26 - 2013-04-04 02:05 - 00000000 ____D C:\Program Files (x86)\GameTop.com
2013-05-11 18:19 - 2013-03-26 11:04 - 00000000 ____D C:\Users\New One\AppData\Roaming\Atheros
2013-05-11 11:38 - 2013-04-06 00:20 - 00000000 ____D C:\Users\New One\AppData\Roaming\TypingMaster7
2013-05-10 14:15 - 2013-04-13 18:35 - 00000000 ____D C:\Users\New One\Documents\Archi' Files
2013-05-08 20:48 - 2013-05-08 20:48 - 00000304 ____A C:\Users\New One\Downloads\CD Drive - Shortcut.lnk
2013-05-08 04:07 - 2012-07-26 16:14 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-08 04:07 - 2012-07-26 16:14 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2013-06-03 13:24

==================== End Of Log ============================

#70 Psychotic

Psychotic

    Trusted Advisor

  • Trusted Advisors
  • PipPipPipPipPipPip
  • 2,533 posts
  • Gender:Male
  • Location:Germany

Posted 06 June 2013 - 02:31 AM

Again: Read my instructions carefully!

You should run Farbar's Service Scanner, not Farbar's Recovery Scan Tool!
My help is free, however, if you want to support my fight against malware, click here --> Posted Image <--(no worries, every little bit helps)

#71 delacroix

Posted 06 June 2013 - 02:40 AM

Sorry sorry


Farbar Service Scanner Version: 31-05-2013 01
Ran by Mariano (administrator) on 06-06-2013 at 15:39:32
Running from "C:\Users\New One\Desktop\Malwarebytes.org"
Windows 8 Single Language (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-04-28 17:38] - [2013-03-02 17:59] - 2231528 ____A (Microsoft Corporation) B6D52E2C38B49A156E58FF5B9C6CA8BE

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll
[2013-05-24 23:00] - [2013-04-09 12:51] - 0099840 ____A (Microsoft Corporation) 012CFE7F0F95266F554EE3B91EE2128A

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2013-04-28 17:38] - [2013-03-02 10:45] - 3240448 ____A (Microsoft Corporation) 79F95469604B77296346DE7DB463EA2A

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll
[2013-03-26 13:42] - [2013-01-29 07:08] - 1555920 ____A (Microsoft Corporation) 905601FFF40D8DA9FA82CBE77D1F5EB1

C:\Program Files\Windows Defender\MsMpEng.exe
[2013-03-26 13:42] - [2013-01-29 09:57] - 0014920 ____A (Microsoft Corporation) 473B9548568BA927ACE0B77EC208A561

C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#72 Psychotic

Posted 06 June 2013 - 02:46 AM

Now,
Check for missing or disabled Windows services, by doing the following, and post detailed results when done !!
On Windows 8, press Windows-key+D and type in MSCONFIG
On Vista or Windows 7, press Windows-key on keyboard, and type in MSCONFIG

You should see the General tab. Click the General tab. It should have Normal startup selected (in the radio-box=selection)
IF it does not, then you click on Normal startup.

Click on Services tab. To get its display of services.
Keep a written list of any changes from my list of services below. That way you and I have a reference document.
Look at the bottom line Hide all Microsoft services
IF and only IF it is checkmarked, then un-check it.
the list of services may be shown in non-alphabetical order, so ....
Look at the heading titled "Service". Click on it as needed so the list is sorted and top of list starts with the "A" services.
You can toggle as needed to get the desired order.
IF any of below services are NOT shown, don't panic & do not stop, just write down the info for me and proceed with the others !
Then using the scroll-bar scroll down the list
Look for Background Intelligent Transfer Service. Is it shown? Is it checked? If not, click on that checkbox to checkmark.
Look for Base Filtering Engine. Is it shown? Is it checked? If not, click on that checkbox to checkmark.
Look for COM+ Event System. Is it shown? Is it checked? If not, click on that checkbox to checkmark.
Look for COM+ System Application. Is it shown? Is it checked? If not, click on that checkbox to checkmark.
Look for Cryptographic Services. Is it shown? Is it checked? If not, click on that checkbox to checkmark.
Look for Ipsec Policy Agent. Is it shown? Is it checked? If not, click on that checkbox to checkmark.
Look for Remote Procedure Call (RPC) Locator. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.
Look for RPC Endpoint Mapper. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.
Look for Windows Firewall. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.
Look for Windows Installer. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.
Look for Windows Management Instrumentation. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.
Look for Windows Update. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

When done, press the Apply button, and the OK button.
You're likely to be prompted to Restart Windows, do so.
If not prompted, you do a Logoff and Restart of Windows.
Then report back here with details.
If any of the services are not shown, just let me know which.
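An added example, not part of the thread and not the helper's or the tool's own code: a small Python parser for the Farbar Service Scanner log in post #71 that lists services reported as not running, policy values set in the registry, and files without an "MD5 is legit" verdict, then cross-references the services checklist in post #72. The service key names in `CHECKLIST` are the standard Windows ones (not given in the posts), and treating a file without a verdict as "not confirmed" is an assumption about the log layout.

```python
import re

# Display names from the checklist in post #72, mapped to Windows service key
# names (assumption: standard Windows key names, not taken from the thread).
CHECKLIST = {
    "Background Intelligent Transfer Service": "BITS",
    "Base Filtering Engine": "BFE",
    "COM+ Event System": "EventSystem",
    "COM+ System Application": "COMSysApp",
    "Cryptographic Services": "CryptSvc",
    "IPsec Policy Agent": "PolicyAgent",
    "Remote Procedure Call (RPC) Locator": "RpcLocator",
    "RPC Endpoint Mapper": "RpcEptMapper",
    "Windows Firewall": "MpsSvc",
    "Windows Installer": "msiserver",
    "Windows Management Instrumentation": "Winmgmt",
    "Windows Update": "wuauserv",
}

# Excerpt of the Farbar Service Scanner log from post #71, trimmed for the example.
SAMPLE_LOG = r"""
Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.

Action Center:
============
wscsvc Service is not running. Checking service configuration:

Windows Update:
============
wuauserv Service is not running. Checking service configuration:

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-04-28 17:38] - [2013-03-02 17:59] - 2231528 ____A (Microsoft Corporation) B6D52E2C38B49A156E58FF5B9C6CA8BE

C:\Windows\System32\bfe.dll => MD5 is legit
"""

NOT_RUNNING = re.compile(r"^(\S+) Service is not running\.")
REG_KEY = re.compile(r"^\[(HKEY_[^\]]+)\]$")
REG_VALUE = re.compile(r'^"([^"]+)"=(\w+):(\S+)$')
FILE_LINE = re.compile(r"^([A-Za-z]:\\.+?)(\s+=> MD5 is legit)?$")


def parse_fss(text):
    """Collect stopped services, policy values and files lacking 'MD5 is legit'."""
    report = {"not_running": [], "policies": [], "unverified_files": []}
    section, key = None, None
    lines = text.splitlines()
    for i, raw in enumerate(lines):
        line = raw.strip()
        nxt = lines[i + 1].strip() if i + 1 < len(lines) else ""
        # A section title ends in ':' and is underlined with a run of '='.
        if line.endswith(":") and nxt and set(nxt) == {"="}:
            section, key = line[:-1], None
            continue
        if m := NOT_RUNNING.match(line):
            report["not_running"].append((section, m.group(1)))
        elif m := REG_KEY.match(line):
            key = m.group(1)
        elif (m := REG_VALUE.match(line)) and key:
            report["policies"].append((key, m.group(1), m.group(3)))
        elif section == "File Check" and (m := FILE_LINE.match(line)):
            # Assumption: a path printed without a verdict was not confirmed.
            if not m.group(2):
                report["unverified_files"].append(m.group(1))
    return report


def checklist_services_down(report):
    """Checklist entries whose service the log already reports as not running."""
    down = {name.lower() for _, name in report["not_running"]}
    return [disp for disp, svc in CHECKLIST.items() if svc.lower() in down]


if __name__ == "__main__":
    rep = parse_fss(SAMPLE_LOG)
    print("Not running:", rep["not_running"])
    print("Policies set:", rep["policies"])
    print("Files without a verdict:", rep["unverified_files"])
    print("Checklist services already down:", checklist_services_down(rep))
```

Run against the full log, the same parser would also pick up the other files that post #71 lists without a verdict.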

#73 delacroix

Posted 06 June 2013 - 03:09 AM

everything is there I checked them twice

but the status of some of them says STOPPED

#74 Psychotic

Posted 06 June 2013 - 03:12 AM

were all of them checked/marked?

#75 delacroix

Posted 06 June 2013 - 03:15 AM

yes, all of them. actually I just looked at them
they're all on the right setting
I also rebooted it

#76 Psychotic

Posted 06 June 2013 - 03:16 AM

press Windows-Key + D, write services.msc.
Search the above listed services, right-click them and select run - what happens?

#77 delacroix

Posted 06 June 2013 - 03:21 AM

I keep on trying to "press Windows-Key + D"

it just minimizes the tab

as far as I know, Windows-Key + R

is that alright?

#78 Psychotic

Posted 06 June 2013 - 03:24 AM

thought you have Windows 8...

Windows 8 Single Language (X64)


Well then, it's Windows + R for you...

#79 delacroix

Posted 06 June 2013 - 03:39 AM

Base Filtering Engine

Windows could not start the Base Filtering Engine service on Local Computer.

Error 1290: The service start failed since one or more services in the same process have an incompatible service SID type setting. A service with restricted service SID type can only coexist in the same process with other services with a restricted SID type. If the service SID type for this service was just configured, the hosting process must be restarted in order to start this service.



IPsec Policy Agent

Windows could not start the IPsec Policy Agent service on Local Computer.

Error 1068: The dependency service or group failed to start.



Windows Firewall


Windows could not start the Windows Firewall service on Local Computer.

Error 1068: The dependency service or group failed to start.



#80 Psychotic

Posted 06 June 2013 - 03:41 AM

Please download Windows Repair (all in one) from here.

Install the program then run it.

Go to step 2 and allow it to run Disk check.

Once that is done then go to step 3 and allow it to run SFC

On the Start Repairs tab, unselect all.

Check only the following:


  • Reset Registry Permissions
  • Reset File Permissions
  • Register System Files
  • Windows Firewall
  • Repair Windows Updates
  • Remove policies set by infections
then click on Start

DON'T use the computer while each scan is in progress.

Restart may be needed to finish the repair procedure.

Let me know how that worked out for you.