ineedhelp11

Couldn’t hibernate? Malware related? AVG search?

8 posts in this topic

I started having problems with not being able to hibernate with the hibernate button. It was around the same time I was trying to get search engines that crept onto my system, like AVG Search and so on. I tried registry fix apps, Microsoft Security Essentials, Malwarebytes. They didn’t help. Can somebody help me?

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post only DDS.txt directly into your reply.

Hi.

Just an update on my situation: I needed to gain access to my OS for use before, so I used ComboFix and TDSSKiller, and I was able to access safe mode with domain controller, and I was able to do a lot of what I can do in normal 7 OS mode. Just wanted this to be noted.

In addition, the problem has escalated to where I couldn't access my normal Win 7 OS, but I have been able to access safe mode with domain controller.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64 DSREPAIR

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26

Run by founder7231 at 23:38:35 on 2012-06-16

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.2113 [GMT -4:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Norton Internet Security *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe

C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe

C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe

C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe

C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe

C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k regsvc

C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe

C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe

C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

c:\program files (x86)\real\realplayer\update\realsched.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Program Files (x86)\Microsoft\Office Live\OfficeLiveSignIn.exe

C:\Windows\splwow64.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\System32\svchost.exe -k netsvcs

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\LogonUI.exe

C:\Windows\system32\wuauclt.exe

c:\program files (x86)\real\realplayer\RealPlay.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

uInternet Settings,ProxyOverride = *.local

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: InfoAtoms Client: {103089da-0f31-4a8b-843f-7d24a7fe8345} - C:\Program Files (x86)\InfoAtoms\IE32\bho32.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL

BHO: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: IMinent WebBooster (BHO): {a09ab6eb-31b5-454c-97ec-9b294d92ee2a} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll

BHO: Wajam: {a7a6995d-6ee1-4fd1-a258-49395d5bf99c} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Updater For Simppull Toolbar: {c4b8bab4-1667-11df-a242-ba9455d89593} - C:\Program Files (x86)\simppulltoolbar\auxi\simppulltoolbAu.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO: WeCareReminder Class: {d824f0de-3d60-4f57-9eb1-66033ecd8abb} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No File

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll

TB: {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

uRun: [VueMinder] "C:\Program Files (x86)\VueSoft\VueMinder\VueMinder.exe" 1

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe

mRun: [inCD] C:\Program Files (x86)\Ahead\InCD\InCD.exe

mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [iTurbo] C:\Program Files (x86)\iNTERNET Turbo\ITTray.exe

mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\update\realsched.exe" -osboot

StartupFolder: C:\Users\FOUNDE~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

mPolicies-explorer: HideSCAHealth = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL

DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.1 192.168.1.1

TCP: Interfaces\{DBA49E91-4F47-4D6F-A324-9758D022C244} : DhcpNameServer = 192.168.1.1 192.168.1.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: klartew - C:\Windows\system32\config\systemprofile\AppData\Local\klartew.dll

BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO-X64: 0x1 - No File

BHO-X64: InfoAtoms Client: {103089DA-0F31-4A8B-843F-7D24A7FE8345} - C:\Program Files (x86)\InfoAtoms\IE32\bho32.dll

BHO-X64: InfoAtoms Client - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll

BHO-X64: Babylon toolbar helper - No File

BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll

BHO-X64: Symantec NCO BHO - No File

BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL

BHO-X64: Symantec Intrusion Prevention - No File

BHO-X64: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File

BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: IMinent WebBooster (BHO): {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll

BHO-X64: IMinent WebBooster - No File

BHO-X64: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll

BHO-X64: Wajam IE BHO - No File

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Updater For Simppull Toolbar: {C4B8BAB4-1667-11DF-A242-BA9455D89593} - C:\Program Files (x86)\simppulltoolbar\auxi\simppulltoolbAu.dll

BHO-X64: Updater For Simppull Toolbar - No File

BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO-X64: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll

BHO-X64: WeCareReminder - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No File

TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll

TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB-X64: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll

TB-X64: {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe

mRun-x64: [inCD] C:\Program Files (x86)\Ahead\InCD\InCD.exe

mRun-x64: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun-x64: [iTurbo] C:\Program Files (x86)\iNTERNET Turbo\ITTray.exe

mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\update\realsched.exe" -osboot

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\founder7231\AppData\Roaming\Mozilla\Firefox\Profiles\qaf8rdjb.default\

FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=109221&tt=060612_6_&babsrc=KW_ss&mntrId=b4cfeb9f0000000000004487fc753e85&q=

FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: C:\Program Files (x86)\Downloader\npdd.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPAdbESD.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll

FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll

FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Users\founder7231\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Users\founder7231\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Users\founder7231\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109221&tt=060612_6_

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.id - b4cfeb9f0000000000004487fc753e85

FF - user.js: extensions.BabylonToolbar_i.hardId - b4cfeb9f0000000000004487fc753e85

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15502

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1714:28:55

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - base

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

FF - user.js: extentions.y2layers.installId - 540656fd-eeb9-4579-8f2e-0981410530ae

FF - user.js: extentions.y2layers.defaultEnableAppsList - ezLooker,pagerage,buzzdock,toprelatedtopics,twittube

FF - user.js: extensions.autoDisableScopes - 14

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2004-9-23 26720]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1008000.029\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1008000.029\SYMEFA64.SYS [?]

R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]

R1 BHDrvx64;Symantec Heuristics Driver;C:\Windows\system32\Drivers\NISx64\1008000.029\BHDrvx64.sys --> C:\Windows\system32\Drivers\NISx64\1008000.029\BHDrvx64.sys [?]

R1 ccHP;Symantec Hash Provider;C:\Windows\system32\Drivers\NISx64\1008000.029\ccHPx64.sys --> C:\Windows\system32\Drivers\NISx64\1008000.029\ccHPx64.sys [?]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100518.002\IDSviA64.sys [2010-5-24 463408]

R2 Amazon Download Agent;Amazon Download Agent;C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2011-5-29 401920]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-4-6 44768]

R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-6-15 249648]

R2 Greg_Service;GRegService;C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [2009-8-28 1150496]

R2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-3-12 86016]

R2 mi-raysat_3dsmax2010_64;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit;C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe [2009-3-12 86016]

R2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-2-22 86016]

R2 Norton Internet Security;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe [2010-5-24 117640]

R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe [2012-6-5 135608]

R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe [2012-6-5 126392]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]

R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-2-11 3027840]

R2 Updater Service;Updater Service;C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2009-10-29 240160]

R2 WajamUpdater;WajamUpdater;C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [2012-3-9 109064]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

S0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-11 135664]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-7-7 195336]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-7-2 1431888]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-11 135664]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 113120]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 SYMNDISV;Symantec Network Filter Driver;C:\Windows\system32\Drivers\NISx64\1008000.029\SYMNDISV.SYS --> C:\Windows\system32\Drivers\NISx64\1008000.029\SYMNDISV.SYS [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2012-06-17 02:10:39 -------- d-----w- C:\Users\founder7231\AppData\Local\{60AF3DD9-51FE-46C8-8021-710445403009}

2012-06-16 20:42:39 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{835B9749-BA47-4BF9-B9B8-77DC303A2ED6}\mpengine.dll

2012-06-16 13:21:18 8955792 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-06-15 19:10:56 -------- d-----w- C:\Users\founder7231\AppData\Local\{C7F7A1FC-C083-4107-88CA-EE01AFA32C2D}

2012-06-15 17:49:32 -------- d-----w- C:\ProgramData\YTD YouTube Downloader & Converter

2012-06-15 13:26:05 -------- d-----w- C:\$RECYCLE.BIN

2012-06-14 03:49:40 -------- d-----w- C:\Users\founder7231\AppData\Local\{AC87CD30-8C6D-4551-97DF-BFB699D8DB4E}

2012-06-13 17:06:27 -------- d-----w- C:\Users\founder7231\AppData\Local\{7E32244F-103F-42C6-BC8E-FC8650E4C88B}

2012-06-13 17:06:17 -------- d-----w- C:\Users\founder7231\AppData\Local\{0A4DB3CD-6957-4809-A1CE-14DD44548E0B}

2012-06-12 23:46:02 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-06-12 23:46:02 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-06-12 23:46:01 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-06-12 23:37:31 -------- d-----w- C:\Users\founder7231\AppData\Local\{984ED677-C2C1-4EED-A5E3-2BA1886D6767}

2012-06-12 23:37:20 -------- d-----w- C:\Users\founder7231\AppData\Local\{A5840FFB-F918-4BDF-BF36-5E4244F7F121}

2012-06-12 03:32:34 -------- d-----w- C:\Users\founder7231\AppData\Local\{6BD8812A-DAFD-4C43-82BD-6D62BF38E58F}

2012-06-12 03:32:23 -------- d-----w- C:\Users\founder7231\AppData\Local\{72AAF5E9-7743-4E6F-A479-2F4901057D5C}

2012-06-11 18:29:20 -------- d-----w- C:\Program Files (x86)\Yontoo

2012-06-11 18:29:19 -------- d-----w- C:\ProgramData\Tarma Installer

2012-06-11 18:29:05 -------- d-----w- C:\Users\founder7231\AppData\Roaming\BabylonToolbar

2012-06-11 18:28:55 -------- d-----w- C:\Program Files (x86)\BabylonToolbar

2012-06-11 18:25:11 -------- d-----w- C:\Program Files (x86)\1ClickDownload

2012-06-11 18:01:46 -------- d-----w- C:\TDSSKiller_Quarantine

2012-06-11 01:15:25 -------- d-----w- C:\Users\founder7231\AppData\Local\Innovative Solutions

2012-06-11 01:15:22 -------- d-----w- C:\Program Files (x86)\Innovative Solutions

2012-06-11 01:15:18 -------- d-----w- C:\Users\founder7231\AppData\Local\AVG Secure Search

2012-06-11 01:15:14 -------- d-----w- C:\ProgramData\AVG Secure Search

2012-06-11 01:15:03 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search

2012-06-11 01:15:03 -------- d-----w- C:\Program Files (x86)\AVG Secure Search

2012-06-11 00:37:44 -------- d-----w- C:\Windows\pss

2012-06-10 23:51:42 -------- d-----w- C:\Users\founder7231\AppData\Local\{91D1F959-7B99-4B86-A898-F974EBEF0617}

2012-06-10 23:18:26 -------- d-----w- C:\Users\founder7231\AppData\Local\{8DA04061-DFEB-4286-AB90-5DC4FC9542D6}

2012-06-10 22:33:44 -------- d-----w- C:\Users\founder7231\AppData\Local\{25EBDDF9-E72B-4B9E-9463-F3EBE20AD9C1}

2012-06-10 21:55:02 -------- d-----w- C:\Users\founder7231\AppData\Local\Symantec

2012-06-10 13:30:19 -------- d-----w- C:\windows 7

2012-06-10 07:10:06 -------- d-----w- C:\Users\founder7231\AppData\Local\{8DD55F99-E637-4D7A-B3F2-B4E5A9B9ECEC}

2012-06-10 07:09:53 -------- d-----w- C:\Users\founder7231\AppData\Local\{6143E9F0-FA06-419D-99E6-C987052E03E7}

2012-06-10 06:27:20 -------- d-----w- C:\Users\founder7231\AppData\Local\{C9A39B76-D6E1-4205-B588-A358CC82558B}

2012-06-10 06:27:10 -------- d-----w- C:\Users\founder7231\AppData\Local\{B6CBAC8E-93CE-4E81-A27F-677EF0E55B5F}

2012-06-10 06:21:50 -------- d-----w- C:\Users\founder7231\AppData\Local\{4BB96227-FCC0-4E21-88B1-E9F049951D25}

2012-06-10 06:21:39 -------- d-----w- C:\Users\founder7231\AppData\Local\{0DFA2AA3-D0C7-4EBD-A77D-397144069CE1}

2012-06-09 21:05:05 -------- d-----w- C:\Users\founder7231\AppData\Local\{44983D61-5A9D-4090-B99B-60B7B89106B1}

2012-06-09 21:04:55 -------- d-----w- C:\Users\founder7231\AppData\Local\{C8ED6084-56D7-4121-B1D6-9FB2F49CD40B}

2012-06-08 13:34:53 -------- d-----w- C:\Users\founder7231\AppData\Local\{329FD66F-68D5-493B-AFAE-4030119544BD}

2012-06-08 13:34:37 -------- d-----w- C:\Users\founder7231\AppData\Local\{97AD1485-42CF-489B-9657-A483CCD0419E}

2012-06-08 13:23:04 -------- d-----w- C:\Users\founder7231\AppData\Local\{26F234E3-E96A-4B85-94E4-330145994FF4}

2012-06-08 13:05:42 -------- d-----w- C:\Users\founder7231\AppData\Local\{B1C7A80F-C1A6-4ED0-B217-1340AC8ACA39}

2012-06-08 13:05:30 -------- d-----w- C:\Users\founder7231\AppData\Local\{FEC53763-721A-42FB-9671-D3E5C263E5E0}

2012-06-08 13:01:50 -------- d-----w- C:\ProgramData\blekko toolbars

2012-06-08 13:01:30 -------- d-----w- C:\Program Files (x86)\Free Window Registry Repair

2012-06-08 13:01:24 -------- d-----w- C:\Program Files (x86)\blekkotb_031

2012-06-08 13:01:22 -------- d-----w- C:\Users\founder7231\AppData\Local\blekkotb_031

2012-06-08 13:01:21 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor

2012-06-08 11:48:50 -------- d-----w- C:\Users\founder7231\AppData\Local\{DE183D1B-2DC0-4A97-9E0C-7C872638D1B7}

2012-06-08 09:02:56 -------- d-----w- C:\Users\founder7231\AppData\Local\{0657BD4E-4259-46D2-BFD0-4A8D19607CAD}

2012-06-08 07:27:51 -------- d-----w- C:\Users\founder7231\AppData\Local\{1C029960-6F85-466C-B75E-DA8F03A3624D}

2012-06-08 07:27:40 -------- d-----w- C:\Users\founder7231\AppData\Local\{FB8CA88F-D8D5-409F-8A93-99359A95E55A}

2012-06-08 06:21:40 -------- d-----w- C:\Users\founder7231\AppData\Local\{ADEF19A7-A60D-4A3B-9862-E927B486B0A0}

2012-06-08 05:36:13 -------- d-----w- C:\Users\founder7231\AppData\Local\{7C252ED4-FF33-4EB5-A678-0E0FA3FAD26F}

2012-06-08 05:36:02 -------- d-----w- C:\Users\founder7231\AppData\Local\{6BE30523-3A98-4258-B200-72EA03D50276}

2012-06-08 04:48:22 -------- d-----w- C:\Users\founder7231\AppData\Local\{406B1EAD-6EB8-4305-A663-516E6F001CE6}

2012-06-08 04:48:10 -------- d-----w- C:\Users\founder7231\AppData\Local\{AF327736-FF7B-4559-B426-ABAD9D4D17DB}

2012-06-07 15:38:34 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2012-06-07 15:38:30 -------- d-----w- C:\Program Files\Microsoft Security Client

2012-06-07 14:52:13 -------- d-----w- C:\Users\founder7231\AppData\Local\{77D6439F-ECD3-4A42-A5A7-CE56F019F4CA}

2012-06-07 14:48:11 -------- d-----w- C:\Users\founder7231\AppData\Local\{8BBC3AF3-EF3A-48E8-8CDE-E1EED39F64C1}

2012-06-07 14:05:31 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll

2012-06-07 14:05:30 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll

2012-06-07 14:01:22 5120 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\89DE.tmp

2012-06-07 14:01:22 5120 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\89AF.tmp

2012-06-07 00:23:36 -------- d-----w- C:\Users\founder7231\AppData\Local\{22E18367-DB7A-4B2B-B864-5390AE748959}

2012-06-07 00:23:26 -------- d-----w- C:\Users\founder7231\AppData\Local\{F46EEA0B-F07B-4904-9120-15976B2620B5}

2012-06-06 23:34:02 -------- d-----w- C:\Users\founder7231\AppData\Local\{A4A4E492-7AA3-4402-97C2-262129CED3FA}

2012-06-06 23:33:51 -------- d-----w- C:\Users\founder7231\AppData\Local\{098EEF58-74E4-4A71-AE15-2C642D89489B}

2012-06-06 21:43:49 -------- d-----w- C:\Users\founder7231\AppData\Local\{78A27BA1-8FE7-426E-8898-58675D1FFB59}

2012-06-06 21:43:39 -------- d-----w- C:\Users\founder7231\AppData\Local\{7B876689-5137-4865-A2EF-5F6AF306FA5C}

2012-06-06 17:55:20 -------- d-----w- C:\Users\founder7231\AppData\Local\{515AE45E-F21D-4E97-A706-C037B21761CA}

2012-06-06 17:55:05 -------- d-----w- C:\Users\founder7231\AppData\Local\{54822CB3-E9A2-40E4-834D-8667A97DBE7D}

2012-06-05 23:49:09 -------- d-----w- C:\Users\founder7231\AppData\Local\{0D55D294-00CA-4D27-AB1B-B17EB6D9F4B8}

2012-06-05 22:49:28 -------- d-----w- C:\Program Files\ATI Technologies

2012-06-05 22:49:24 -------- d-----w- C:\Program Files\ATI

2012-06-05 22:48:33 -------- d-----w- C:\ATI Radeon 9250

2012-06-05 22:11:59 -------- d-----w- C:\ATI

2012-06-05 22:03:48 -------- d-----w- C:\Users\founder7231\AppData\Local\{BB4DAB14-F780-4E81-9448-F4D3058F4D70}

2012-06-05 22:03:31 -------- d-----w- C:\Users\founder7231\AppData\Local\{8706B56D-1C78-4149-AC17-5FE0892B531F}

2012-06-05 21:40:28 -------- d-----w- C:\ATI Radeon 9250 6.14.10.6505

2012-06-05 20:51:48 -------- d-----w- C:\Users\founder7231\AppData\Local\SlimWare Utilities Inc

2012-06-05 20:51:44 -------- d--h--w- C:\ProgramData\Common Files

2012-06-05 17:40:39 81920 ----a-w- C:\Windows\eSellerateControl350.dll

2012-06-05 17:40:39 356352 ----a-w- C:\Windows\eSellerateEngine.dll

2012-06-05 17:40:36 -------- d-----w- C:\Program Files (x86)\Babylon Toolbar Removal Tool

2012-06-05 15:43:23 -------- d-----w- C:\Program Files\Speccy

2012-06-05 12:06:08 -------- d-----w- C:\Users\founder7231\AppData\Local\{8F1D488A-512B-4E5E-9355-F3F1D5BE10FB}

2012-06-05 11:26:59 -------- d-----w- C:\Program Files (x86)\Steam

2012-06-05 11:25:14 -------- d-----w- C:\Users\founder7231\AppData\Local\{1E59A6E5-BF77-441A-805F-5C0EC9E2A6F9}

2012-06-05 10:34:50 -------- d-----w- C:\Windows\System32\drivers\NortonPCCheckupx64\0200110.014

2012-06-05 10:34:50 -------- d-----w- C:\Windows\System32\drivers\NortonPCCheckupx64

2012-06-05 10:34:49 -------- d-----w- C:\Program Files (x86)\Norton PC Checkup

2012-06-05 08:35:06 1737536 ----a-w- C:\Windows\System32\nvdispco64.dll

2012-06-05 08:35:06 1466176 ----a-w- C:\Windows\System32\nvgenco64.dll

2012-06-05 06:59:35 -------- d-----w- C:\Users\founder7231\AppData\Local\{E0D1CF38-3DF4-4072-85BE-8D01CA40A68F}

2012-06-05 06:25:53 -------- d-----w- C:\ProgramData\RELOADED

2012-06-05 06:15:42 -------- d-----w- C:\Program Files (x86)\Common Files\Steam

2012-06-05 06:07:49 -------- d-----w- C:\confrotnation 2012

2012-06-05 05:36:32 -------- d-----w- C:\Users\founder7231\AppData\Local\{126F098F-B71E-4B8C-BF5E-3DA999834202}

2012-06-05 05:36:22 -------- d-----w- C:\Users\founder7231\AppData\Local\{2620A51D-105D-4E2C-BCBA-98A875941094}

2012-06-05 05:36:00 -------- d-----w- C:\Users\founder7231\AppData\Local\{CF329E0E-DAB0-47C4-B1EA-E820B12B2DEB}

2012-06-05 05:35:49 -------- d-----w- C:\Users\founder7231\AppData\Local\{A7DF3120-E15A-40DB-AFF2-7BEA6AA51439}

2012-06-03 12:28:04 -------- d-----w- C:\Users\founder7231\AppData\Local\{B8204BB8-D008-4264-B650-29AD9E7637D9}

2012-06-03 12:27:53 -------- d-----w- C:\Users\founder7231\AppData\Local\{E5F9B06D-F1E7-4E28-AF65-59D2620C5568}

2012-06-02 14:34:25 -------- d-----w- C:\Users\founder7231\AppData\Local\{CB985D57-A86B-42EC-BC17-CD7F75F5697F}

2012-06-02 13:47:55 -------- d-----w- C:\Users\founder7231\AppData\Local\{10AFA12F-C711-4E2D-9FFD-D098CFD00008}

2012-06-02 13:42:58 212992 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ILog.dll

2012-06-02 13:42:05 -------- d-----w- C:\Users\founder7231\AppData\Local\{A4E7DCF8-7293-4BF7-817C-56D120E2C464}

2012-06-02 12:08:26 -------- d-----w- C:\Users\founder7231\AppData\Roaming\runic games

2012-06-02 12:07:19 -------- d-----w- C:\torchlight

2012-06-02 11:37:43 -------- d-----w- C:\Users\founder7231\AppData\Local\{B10A4543-1EA6-4804-BB32-7EC8678974B5}

2012-06-02 11:13:45 -------- d-----w- C:\Users\founder7231\AppData\Local\{B853F10A-1AB6-4C8E-BA70-24D1357FDECB}

2012-06-02 11:13:35 -------- d-----w- C:\Users\founder7231\AppData\Local\{9EE73860-6A6A-4DEF-B755-0D02C275E628}

2012-06-02 09:16:25 -------- d-----w- C:\Windows\SysWow64\xlive

2012-06-02 09:16:10 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2012-06-02 09:03:18 -------- d-----w- C:\Program Files (x86)\InfoAtoms

2012-06-02 09:03:15 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys

2012-06-02 09:03:10 -------- d-----w- C:\Users\founder7231\AppData\Roaming\DAEMON Tools Lite

2012-06-02 09:02:57 -------- d-----w- C:\Users\founder7231\AppData\Roaming\OpenCandy

2012-06-02 09:02:56 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite

2012-06-02 09:02:10 -------- d-----w- C:\ProgramData\DAEMON Tools Lite

2012-06-01 13:04:39 -------- d-----w- C:\Users\founder7231\AppData\Local\{665017FD-09BF-4C0D-AA93-31AFDE355C73}

2012-06-01 12:33:01 -------- d-----w- C:\Users\founder7231\AppData\Local\{10DCAA9B-5B8F-45E9-AADB-5CF5E308CB15}

2012-06-01 12:32:49 -------- d-----w- C:\Users\founder7231\AppData\Local\{1A0C612A-F35C-4CB2-A525-3463DA74FACA}

2012-05-31 07:21:04 -------- d-----w- C:\rtk11 trainer

2012-05-31 00:11:38 -------- d-----w- C:\Users\founder7231\AppData\Local\{2F61CF33-296A-4D5E-A604-B77AC4362519}

2012-05-30 04:54:42 -------- d-----w- C:\Users\founder7231\AppData\Local\{34065A50-0AED-4731-BE2B-135DB9853862}

2012-05-30 04:54:32 -------- d-----w- C:\Users\founder7231\AppData\Local\{ED151F5B-8EB7-47A5-A71C-8C8CFB54A8ED}

2012-05-30 04:05:41 -------- d-----w- C:\Users\founder7231\AppData\Local\{DD947C50-58F1-4FEB-A203-84F724AE2E1D}

2012-05-30 04:05:29 -------- d-----w- C:\Users\founder7231\AppData\Local\{6064FD16-B492-4AE0-A137-DC38BE54A0CC}

2012-05-29 13:11:43 -------- d-----w- C:\reorc st

2012-05-29 10:06:30 -------- d-----w- C:\reorc

2012-05-29 03:10:36 -------- d-----w- C:\Users\founder7231\AppData\Local\{6436F2CE-3F85-48CD-A7A9-0BD0AFC0B928}

2012-05-27 09:51:16 -------- d-----w- C:\Users\founder7231\AppData\Local\{22C3475D-A40A-4001-BBFE-1CDD0A11602B}

2012-05-27 09:51:05 -------- d-----w- C:\Users\founder7231\AppData\Local\{5A86E98B-7EDB-4F4F-9D2F-10765B4F48BD}

2012-05-27 09:45:45 65536 ----a-r- C:\Users\founder7231\AppData\Roaming\Microsoft\Installer\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\NewShortcut7_64893225ADBA469EB114F3B2C1FBBA77.exe

2012-05-27 09:45:45 65536 ----a-r- C:\Users\founder7231\AppData\Roaming\Microsoft\Installer\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\NewShortcut4_64893225ADBA469EB114F3B2C1FBBA77.exe

2012-05-27 09:45:45 65536 ----a-r- C:\Users\founder7231\AppData\Roaming\Microsoft\Installer\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\Manual_UK_64893225ADBA469EB114F3B2C1FBBA77.exe

2012-05-27 09:45:45 65536 ----a-r- C:\Users\founder7231\AppData\Roaming\Microsoft\Installer\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\Manual_FR_64893225ADBA469EB114F3B2C1FBBA77.exe

2012-05-27 09:45:45 65536 ----a-r- C:\Users\founder7231\AppData\Roaming\Microsoft\Installer\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\Manual_DE_64893225ADBA469EB114F3B2C1FBBA77.exe

2012-05-27 09:45:45 45056 ----a-r- C:\Users\founder7231\AppData\Roaming\Microsoft\Installer\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\S11Launcher.exeE_64893225ADBA469EB114F3B2C1FBBA77.exe

2012-05-27 09:45:45 45056 ----a-r- C:\Users\founder7231\AppData\Roaming\Microsoft\Installer\{64893225-ADBA-469E-B114-F3B2C1FBBA77}\S11Launcher.exe_64893225ADBA469EB114F3B2C1FBBA77.exe

2012-05-27 09:27:57 -------- d-----w- C:\Program Files (x86)\Koei

2012-05-27 09:17:28 -------- d-----w- C:\ROT 3KDS XI BY CHAOWCHAI

2012-05-26 05:04:15 -------- d-----w- C:\Users\founder7231\AppData\Local\{211BCF65-7535-49D4-B89D-08421CBE1275}

2012-05-26 05:04:04 -------- d-----w- C:\Users\founder7231\AppData\Local\{E023A9C5-2444-43C2-A13D-BA431D47D0AF}

2012-05-24 13:06:47 11776 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll

2012-05-24 13:06:30 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared

2012-05-24 13:06:23 150696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll

2012-05-24 13:06:14 129144 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll

2012-05-24 13:06:06 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll

2012-05-24 13:06:06 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll

2012-05-24 09:06:34 -------- d-----w- C:\Users\founder7231\AppData\Local\{B4E8F15A-064C-4284-BC3C-204B98037A4C}

2012-05-22 17:24:49 -------- d-----w- C:\Users\founder7231\AppData\Local\{B47AC28E-C3E9-4F70-8F9E-722FDD136B20}

2012-05-21 20:09:07 -------- d-----w- C:\Users\founder7231\AppData\Local\{2DA2F9F5-B46D-41D2-A808-C990E90C9F8B}

2012-05-21 06:36:28 -------- d-----w- C:\Program Files (x86)\1C Company

2012-05-21 01:33:00 -------- d-----w- C:\Users\founder7231\AppData\Local\{05E387D7-FDAC-4D9F-B4A3-7397CC52A9EB}

2012-05-20 23:33:51 -------- d-----w- C:\Users\founder7231\AppData\Local\{9011CBBB-06A6-44E7-8905-5BC106CD0FA4}

2012-05-20 23:33:40 -------- d-----w- C:\Users\founder7231\AppData\Local\{4A93F6F0-C359-4EBF-ACB6-434C6107D24B}

2012-05-20 23:16:40 -------- d-----w- C:\Users\founder7231\AppData\Local\{EF3FEEDC-3462-4AD0-A1ED-B3002C090887}

2012-05-20 23:16:30 -------- d-----w- C:\Users\founder7231\AppData\Local\{32C92B71-2987-478F-B1BA-C34F4751EE26}

2012-05-19 22:14:52 -------- d-----w- C:\Users\founder7231\AppData\Local\{9263A2D9-6971-47A9-AD0C-4F19E46D574F}

2012-05-19 22:14:42 -------- d-----w- C:\Users\founder7231\AppData\Local\{FF7EBCBA-7377-424A-8A2B-27527988AFA6}

.

==================== Find3M ====================

.

2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-05-17 09:17:00 466456 ----a-w- C:\Windows\System32\wrap_oal.dll

2012-05-17 09:17:00 122904 ----a-w- C:\Windows\System32\OpenAL32.dll

2012-05-17 09:16:59 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll

2012-05-17 09:16:59 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll

2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys

2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll

2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll

2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-04-13 06:48:29 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll

2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll

2012-04-04 19:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-03-21 00:44:12 98688 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys

2012-03-21 00:44:12 203888 ----a-w- C:\Windows\System32\drivers\MpFilter.sys

2006-05-03 15:06:54 163328 --sha-r- C:\Windows\SysWOW64\flvDX.dll

2007-02-21 16:47:16 31232 --sha-r- C:\Windows\SysWOW64\msfDX.dll

2008-03-16 18:30:52 216064 --sha-r- C:\Windows\SysWOW64\nbDX.dll

2010-01-07 04:00:00 107520 --sha-r- C:\Windows\SysWOW64\TAKDSDecoder.dll

.

============= FINISH: 23:39:53.16 ===============

Hi,

I notice that you are using more than one antivirus program (avast, Norton, and Microsoft). This is very dangerous, as multiple AVs can interfere with one another and actually allow MORE viruses to get through. I strongly suggest you go to Start -> Control Panel -> Add or Remove Programs and uninstall all but one antivirus program.

With that said, with all of this corruption, it may be better to just start over with a fresh install of Windows after formatting your hard drive. Is that something you could potentially do after backing up your data?

Are you still with us? This topic will be closed in a few days if we do not hear back from you.

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.
