Security services missing, or not working

Old 05-18-2013, 08:40 PM   #1
Registered Member
 
Join Date: Oct 2008
Location: British Columbia
Posts: 20
OS: Windows 7 64bit



I am having some issues with services either not running, or not showing up in the services configuration. I have scanned my system with Malwarebytes, Microsoft Security Essentials, but nothing is showing up as a threat. The services that are not showing up are Application Management, BranchCache, Media Center Extender Service, and IPsec Policy Agent is logged on as a Local Service, shouldn't it be a Network Service? I have been sent here from Jenae with instructions to post more information for you. I have the Firewall, IKE and AuthIP IPsec Keying Modules, and the IPsec Policy agent running again, but just as Jenae said we are just putting bandages on a bigger problem, so here are the files that have been requested.
Attached Files
File Type: txt dds.txt (19.8 KB, 75 views)
File Type: txt ark.txt (2.8 KB, 38 views)
File Type: txt attach.txt (24.0 KB, 57 views)
File Type: txt gamer.txt (2.8 KB, 40 views)
stanley62 is offline  
Old 05-19-2013, 10:05 AM   #2
Security Team
Analyst
 
Join Date: Nov 2011
Posts: 754
OS: Win7 SP 1



Hello, and welcome to TSF.

I am currently reviewing your log. I will be back with a fix for your problem as soon as possible.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please be patient with me during this time.
TB-PsYcHoTiC is offline  
Old 05-20-2013, 03:14 AM   #3
Security Team
Analyst
 
Join Date: Nov 2011
Posts: 754
OS: Win7 SP 1



Hi there,
my name is Marius and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully.
  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.



Please download Malwarebytes Anti-Rootkit from here Malwarebytes : Malwarebytes Anti-Rootkit and save it to your desktop.

Be sure to print out and follow the instructions provided on that same page.

Caution: This is a beta version so please be sure to read the disclaimer and back up any important data before using.

  • Double click the mbar.zip file to open it, then 'Extract all files'.
  • Double click the mbar folder to open it, then double click mbar.exe to start the tool.

Check for Updates, then Scan your system for malware

If malware is found, do NOT press the Cleanup button yet. Click EXIT.

I'd like to see the log first so I can see what it sees. You'll find the log in that mbar folder as MBAR-log-<date and time>***.txt . Please attach that to your next reply.
TB-PsYcHoTiC is offline  
Old 05-20-2013, 11:32 AM   #4
Registered Member
 
Join Date: Oct 2008
Location: British Columbia
Posts: 20
OS: Windows 7 64bit



Hello TB-PsYcHoTiC, and thank you for your help :) Here is the log file you requested from the Anti-Rootkit scan from Malwarebytes. I look forward to hearing from you.
Ken.
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.05.0.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16576

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, H:\ DRIVE_FIXED, I:\ DRIVE_FIXED, M:\ DRIVE_FIXED
CPU speed: 3.500000 GHz
Memory total: 17142927360, free: 15022960640

------------ Kernel report ------------
05/20/2013 11:17:11
Downloaded database version: v2013.05.20.06
Downloaded database version: v2013.05.14.03
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800d7cc790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d7cc2c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d7cc790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d25ce40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800d5bd060, DeviceName: \Device\Ide\IdeDeviceP2T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a0140ec6a0, 0xfffffa800d7cc790, 0xfffffa800e6f4090
Lower DeviceData: 0xfffff8a0072f3090, 0xfffffa800d5bd060, 0xfffffa800d9b9e40
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 15CBF215

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 1953519616
Partition file system is NTFS
Partition is bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1953505168-1953525168)...
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800d942060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d942b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d942060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d5be580, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800c78d680, DeviceName: \Device\Ide\IdeDeviceP3T1L0-6\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a013945c60, 0xfffffa800d942060, 0xfffffa800da23090
Lower DeviceData: 0xfffff8a013fff050, 0xfffffa800c78d680, 0xfffffa800e227e40
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 4643EBE1

Partition information:

Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 63 Numsec = 488392002

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa800ef3c060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800ebe0b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800ef3c060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800e9fda10, DeviceName: \Device\00000083\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a013f37aa0, 0xfffffa800ef3c060, 0xfffffa8010d80790
Lower DeviceData: 0xfffff8a00eb51270, 0xfffffa800e9fda10, 0xfffffa800e16b6c0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 6B7A3B30

Partition information:

Partition 0 type is Other (0xc)
Partition is NOT ACTIVE.
Partition starts at LBA: 63 Numsec = 31308417

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 16030597120 bytes
Sector size: 512 bytes

Physical Sector Size: 512
Drive: 3, DevicePointer: 0xfffffa800efe5060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800efe5b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800efe5060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800ebe2b60, DeviceName: \Device\00000086\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a013ed1eb0, 0xfffffa800efe5060, 0xfffffa800e7f7090
Lower DeviceData: 0xfffff8a005155150, 0xfffffa800ebe2b60, 0xfffffa8010a89d50
Drive 3
Scanning MBR on drive 3...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 30DC6010

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 64 Numsec = 976768000
Partition file system is NTFS
Partition is not bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Physical Sector Size: 512
Drive: 4, DevicePointer: 0xfffffa800f07e060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800ec64b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800f07e060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800ec65b60, DeviceName: \Device\0000008c\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a00eb05df0, 0xfffffa800f07e060, 0xfffffa800ca3b090
Lower DeviceData: 0xfffff8a0078a0630, 0xfffffa800ec65b60, 0xfffffa800e730910
Drive 4
Scanning MBR on drive 4...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: DC6054CF

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 2930270208
Partition file system is NTFS
Partition is bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 1500301909504 bytes
Sector size: 512 bytes

Physical Sector Size: 0
Drive: 5, DevicePointer: 0xfffffa800f05b790, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800ec8eb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800f05b790, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800f0ea050, DeviceName: \Device\00000091\, DriverName: \Driver\AmUStor\
------------ End ----------
Physical Sector Size: 0
Drive: 6, DevicePointer: 0xfffffa800f05f790, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800ec97b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800f05f790, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800f4eb050, DeviceName: \Device\00000092\, DriverName: \Driver\AmUStor\
------------ End ----------
Physical Sector Size: 0
Drive: 7, DevicePointer: 0xfffffa800f08b790, DeviceName: \Device\Harddisk7\DR7\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800ec89b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800f08b790, DeviceName: \Device\Harddisk7\DR7\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800f90a050, DeviceName: \Device\00000093\, DriverName: \Driver\AmUStor\
------------ End ----------
Physical Sector Size: 0
Drive: 8, DevicePointer: 0xfffffa800f0ce060, DeviceName: \Device\Harddisk8\DR8\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800ec98b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800f0ce060, DeviceName: \Device\Harddisk8\DR8\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800fd0b050, DeviceName: \Device\00000094\, DriverName: \Driver\AmUStor\
------------ End ----------
Done!
Performing system, memory and registry scan...
Infected: HKCU\SOFTWARE\CLASSES\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} --> [Hijack.Trojan.Siredef.C]
Infected: c:\$Recycle.Bin\S-1-5-18\$7e4c062ced6b4ce4c8cd5bbf81f3552c\U --> [Trojan.Siredef.C]
Infected: c:\$Recycle.Bin\S-1-5-21-2087196494-3995979522-2797137925-1001\$7e4c062ced6b4ce4c8cd5bbf81f3552c\U --> [Trojan.Siredef.C]
Infected: c:\$Recycle.Bin\S-1-5-18\$7e4c062ced6b4ce4c8cd5bbf81f3552c\L --> [Trojan.Siredef.C]
Infected: c:\$Recycle.Bin\S-1-5-21-2087196494-3995979522-2797137925-1001\$7e4c062ced6b4ce4c8cd5bbf81f3552c\L --> [Trojan.Siredef.C]
Infected: c:\$Recycle.Bin\S-1-5-18\$7e4c062ced6b4ce4c8cd5bbf81f3552c --> [Trojan.Siredef.C]
Infected: c:\$Recycle.Bin\S-1-5-21-2087196494-3995979522-2797137925-1001\$7e4c062ced6b4ce4c8cd5bbf81f3552c --> [Trojan.Siredef.C]
Done!
Scan finished
=======================================
stanley62 is offline  
Old 05-20-2013, 09:26 PM   #5
Security Team
Analyst
 
Join Date: Nov 2011
Posts: 754
OS: Win7 SP 1



Run another scan with mbar.exe and click the CleanUp button. It will require a reboot.

When it has rebooted, run another scan with mbar.exe and click CleanUp again if necessary.

Send the mbar-log.txt along with an update on machine behavior.
TB-PsYcHoTiC is offline  
Old 05-21-2013, 06:37 PM   #6
Registered Member
 
Join Date: Oct 2008
Location: British Columbia
Posts: 20
OS: Windows 7 64bit



Hello again TB-PsYcHoTiC here are the two scan results from the rootkit scans. I will run machine for a day or so and give you an update. Thanks so much for your help :)
mbar-log-2013-05-21 (18-05-13).txt

mbar-log-2013-05-21 (18-23-10).txt
stanley62 is offline  
Old 05-21-2013, 06:37 PM   #7
Registered Member
 
Join Date: Oct 2008
Location: British Columbia
Posts: 20
OS: Windows 7 64bit



Malwarebytes Anti-Rootkit BETA 1.05.0.1001
Malwarebytes : Free anti-malware download

Database version: v2013.05.21.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Kenny Brodeur :: KENNYBRODEUR [administrator]

5/21/2013 6:05:13 PM
mbar-log-2013-05-21 (18-05-13).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 29189
Time elapsed: 7 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\CLASSES\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} (Hijack.Trojan.Siredef.C) -> Delete on reboot.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 6
c:\$Recycle.Bin\S-1-5-18\$7e4c062ced6b4ce4c8cd5bbf81f3552c\U (Trojan.Siredef.C) -> Delete on reboot.
c:\$Recycle.Bin\S-1-5-21-2087196494-3995979522-2797137925-1001\$7e4c062ced6b4ce4c8cd5bbf81f3552c\U (Trojan.Siredef.C) -> Delete on reboot.
c:\$Recycle.Bin\S-1-5-18\$7e4c062ced6b4ce4c8cd5bbf81f3552c\L (Trojan.Siredef.C) -> Delete on reboot.
c:\$Recycle.Bin\S-1-5-21-2087196494-3995979522-2797137925-1001\$7e4c062ced6b4ce4c8cd5bbf81f3552c\L (Trojan.Siredef.C) -> Delete on reboot.
c:\$Recycle.Bin\S-1-5-18\$7e4c062ced6b4ce4c8cd5bbf81f3552c (Trojan.Siredef.C) -> Delete on reboot.
c:\$Recycle.Bin\S-1-5-21-2087196494-3995979522-2797137925-1001\$7e4c062ced6b4ce4c8cd5bbf81f3552c (Trojan.Siredef.C) -> Delete on reboot.

Files Detected: 0
(No malicious items detected)

(end)
stanley62 is offline  
Old 05-21-2013, 06:39 PM   #8
Registered Member
 
Join Date: Oct 2008
Location: British Columbia
Posts: 20
OS: Windows 7 64bit



Malwarebytes Anti-Rootkit BETA 1.05.0.1001
Malwarebytes : Free anti-malware download

Database version: v2013.05.21.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Kenny Brodeur :: KENNYBRODEUR [administrator]

5/21/2013 6:23:10 PM
mbar-log-2013-05-21 (18-23-10).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 29164
Time elapsed: 8 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
stanley62 is offline  
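
Added example (not part of the thread and not Malwarebytes code): a Python check a responder could run over the two reports posted above to confirm that every item queued as "Delete on reboot" in the first scan is absent from the second. The sample text is an abbreviated, constructed copy of those reports, and the function names are illustrative.

```python
import re
from collections import Counter
from typing import NamedTuple


class Detection(NamedTuple):
    section: str   # e.g. "Registry Keys", "Folders"
    target: str    # registry key or file-system path
    threat: str    # vendor detection name
    action: str    # e.g. "Delete on reboot"


# "<Section> Detected: <n>" headers and "<target> (<threat>) -> <action>." items.
SECTION_RE = re.compile(r"^(?P<name>[A-Za-z ]+?) Detected: (?P<count>\d+)\s*$")
ITEM_RE = re.compile(r"^(?P<target>.+) \((?P<threat>[^()]+)\) -> (?P<action>.+?)\.?\s*$")
# SID component of a per-user Recycle Bin path.
SID_RE = re.compile(r"\\\$Recycle\.Bin\\(S-1-[0-9-]+)\\", re.IGNORECASE)

# Constructed sample input: abbreviated copies of the two reports in this thread.
FIRST_SCAN = r"""
Registry Keys Detected: 1
HKCU\SOFTWARE\CLASSES\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} (Hijack.Trojan.Siredef.C) -> Delete on reboot.

Folders Detected: 2
c:\$Recycle.Bin\S-1-5-18\$7e4c062ced6b4ce4c8cd5bbf81f3552c\U (Trojan.Siredef.C) -> Delete on reboot.
c:\$Recycle.Bin\S-1-5-21-2087196494-3995979522-2797137925-1001\$7e4c062ced6b4ce4c8cd5bbf81f3552c\U (Trojan.Siredef.C) -> Delete on reboot.

Files Detected: 0
(No malicious items detected)
"""

SECOND_SCAN = r"""
Registry Keys Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)
"""


def parse_report(text):
    """Return (detections, problems); problems lists header/item count mismatches,
    which usually mean the pasted log was truncated or reflowed."""
    detections, declared, section = [], {}, None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header["name"]
            declared[section] = int(header["count"])
            continue
        item = ITEM_RE.match(line)
        if item and section:
            detections.append(
                Detection(section, item["target"], item["threat"], item["action"]))
    problems = []
    for name, count in declared.items():
        found = sum(1 for d in detections if d.section == name)
        if found != count:
            problems.append(f"{name}: header says {count}, parsed {found}")
    return detections, problems


def sids_in_recycle_bin(detections):
    """Count detections per Recycle Bin SID (S-1-5-18 is the LocalSystem account)."""
    hits = (SID_RE.search(d.target) for d in detections)
    return dict(Counter(m.group(1) for m in hits if m))


def verify_cleanup(first_text, second_text):
    """Compare a pre-cleanup report with the post-reboot report."""
    before, _ = parse_report(first_text)
    after, problems = parse_report(second_text)
    after_targets = {d.target.lower() for d in after}
    before_targets = {d.target.lower() for d in before}
    still_present = [d.target for d in before if d.target.lower() in after_targets]
    new_items = [d.target for d in after if d.target.lower() not in before_targets]
    return {
        "still_present": still_present,
        "new_items": new_items,
        "problems": problems,
        "clean": not (still_present or new_items or problems),
    }


if __name__ == "__main__":
    found, issues = parse_report(FIRST_SCAN)
    for d in found:
        print(f"{d.section:14} {d.threat:24} {d.target}")
    print("SIDs:", sids_in_recycle_bin(found))
    print("Cleanup check:", verify_cleanup(FIRST_SCAN, SECOND_SCAN))
```

A `problems` entry on the second report means the paste is incomplete, so a "clean" verdict should not be trusted until the full log is available.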
Old 05-22-2013, 01:35 PM   #9
Security Team
Analyst
 
Join Date: Nov 2011
Posts: 754
OS: Win7 SP 1


Please go here to run the online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center
      • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


How is your computer behaving now?
TB-PsYcHoTiC is offline  
Old 05-22-2013, 03:22 PM   #10
Registered Member
 
Join Date: Oct 2008
Location: British Columbia
Posts: 20
OS: Windows 7 64bit



It seems to be responding nicely now, your knowledge is appreciated my friend. I will scan with the programs you requested and post back. Oh I have three unknown accounts in my services tab....any ideas?

Account Unknown(S-1-5-21-12266976545-485259378--1827293976-1001)

Account Unknown(S-1-5-21-2488831594-757703212-309800778-1001)

Account Unknown(S-1-5-21-4019019651-188273558-244496476-1001)
stanley62 is offline  
Old 05-22-2013, 03:23 PM   #11
Registered Member
 
Join Date: Oct 2008
Location: British Columbia
Posts: 20
OS: Windows 7 64bit



Security tab I meant, sorry.
stanley62 is offline  
Old 05-22-2013, 04:44 PM   #12
Registered Member
 
Join Date: Oct 2008
Location: British Columbia
Posts: 20
OS: Windows 7 64bit



Here is the Eset scan you requested my friend. I will run the Farbar service scan next, and post it.

[email protected] as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=8
# IEXPLORE.EXE=10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=2661d3671b91584eb00ceebfb79a94b1
# engine=13891
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-05-22 11:19:32
# local_time=2013-05-22 04:19:32 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5892 16777213 88 94 0 10459228 0 0
# scanned=195746
# found=21
# cleaned=0
# scan_time=2873
sh=410B32FD3FE4642644AD91AC60C69B86EC2762DD ft=1 fh=0e378a435beab91a vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll"
sh=D6CF7460A4F696A0E053E042B09C92A7970F30BD ft=1 fh=3da28455addb719c vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll"
sh=410B32FD3FE4642644AD91AC60C69B86EC2762DD ft=1 fh=0e378a435beab91a vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\Users\All Users\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll"
sh=D6CF7460A4F696A0E053E042B09C92A7970F30BD ft=1 fh=3da28455addb719c vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\Users\All Users\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll"
sh=F57ED6018EE6E814BD8C8EEA74039AA6AEC709EB ft=1 fh=d9d232a100287749 vn="Win32/OpenCandy application" ac=I fn="C:\Users\Kenny Brodeur\AppData\Roaming\OpenCandy\OpenCandy_861B0BAE566F41EA83490EB19E8B3C0C\LatestDLMgr.exe"
sh=45D2115A5ACB9290BFDAECC0D301EA1B435D5570 ft=1 fh=cdad9165f47bf824 vn="Win32/OpenCandy application" ac=I fn="C:\Users\Kenny Brodeur\Downloads\attsetup.exe"
sh=CBACE807076FBE8AE0660AF70F655AB58D5FFD09 ft=1 fh=dacc44cd65a0b7e6 vn="a variant of Win32/Toolbar.Widgi application" ac=I fn="I:\Brodeur's Programs\Hard drive\Smart Defrag2-setup220.exe"
sh=CB7E65C3DCC701AA86063139352FDA83C4A141EC ft=1 fh=688c159a0d2cae84 vn="a variant of Win32/SoftonicDownloader.E application" ac=I fn="I:\Brodeur's Programs\Windows 7 Software\SoftonicDownloader_for_msi-afterburner.exe"
sh=850A105C7F6203D1292EEBC06674B45616D30FF9 ft=1 fh=bb1f3b8f07bcde06 vn="a variant of Win32/InstallCore.D application" ac=I fn="I:\Brodeur's Programs\Windows 7 Software\Audio&Video\cnet2_IDTv087_zip.exe"
sh=B6E288C4C6C8675352C61E52D7BB216BA88DBFB1 ft=1 fh=4f69242c7b123870 vn="a variant of Win32/Bundled.Toolbar.Ask application" ac=I fn="I:\Brodeur's Programs\Windows 7 Software\Audio&Video\SetupImgBurn_2.5.2.0.exe"
sh=01D65A6FD2F3A9B2E42D6552DE8C1E1C87AFF4D6 ft=1 fh=bc8319bb8164e81e vn="Win32/OpenCandy application" ac=I fn="I:\Brodeur's Programs\Windows 7 Software\Audio&Video\DFX Audio Enhancer 10\dfx10Setup-BSPlayer.exe"
sh=3D0D0ABCA014002DB6E9B9EE1FEFB6B3A67FE477 ft=1 fh=b39c58801d88766a vn="Win32/OpenCandy application" ac=I fn="I:\Brodeur's Programs\Windows 7 Software\Audio&Video\DFX Audio Enhancer 10\dfx10Setup-foobar2000.exe"
sh=13B8ADA72D14259AE22DC640B67B279113B44A45 ft=1 fh=8422823f9f234d3b vn="Win32/OpenCandy application" ac=I fn="I:\Brodeur's Programs\Windows 7 Software\Audio&Video\DFX Audio Enhancer 10\dfx10Setup-GOM.exe"
sh=2F9B3C87AE898D6E492595A50012665367B43081 ft=1 fh=5a4922dee50889c0 vn="Win32/OpenCandy application" ac=I fn="I:\Brodeur's Programs\Windows 7 Software\Audio&Video\DFX Audio Enhancer 10\dfx10Setup-JRiver.exe"
sh=774CCC7A7F3CCCD2E08CC5C744272610C8C4403A ft=1 fh=f149bb11b7aff084 vn="Win32/OpenCandy application" ac=I fn="I:\Brodeur's Programs\Windows 7 Software\Audio&Video\DFX Audio Enhancer 10\dfx10Setup-MediaMonkey.exe"
sh=BF092D1658DD46FBB65476BA2A13DEE820FFAD58 ft=1 fh=0fe797864fa92dce vn="Win32/OpenCandy application" ac=I fn="I:\Brodeur's Programs\Windows 7 Software\Audio&Video\DFX Audio Enhancer 10\dfx10Setup-Winamp.exe"
sh=E7349A52743F6CDDEB8AB2F036A1BD342290F534 ft=1 fh=27d77edca8d237c7 vn="Win32/OpenCandy application" ac=I fn="I:\Brodeur's Programs\Windows 7 Software\Audio&Video\DFX Audio Enhancer 10\dfx10Setup-WMP.exe"
sh=A7004BB6744055A0555759A7B38D8F4E37B57BB1 ft=1 fh=84f670c5f0fc7bed vn="a variant of Win32/Bundled.Toolbar.Ask application" ac=I fn="I:\Brodeur's Programs\Windows 7 Software\Audio&Video\DFX Audio Enhancer 10\dfxSetup-WMP64.exe"
sh=77835E1B82CD33F3FA618E544B623CD1D7241511 ft=1 fh=f4dbef86dea1a3a7 vn="Win32/OpenCandy application" ac=I fn="I:\Brodeur's Programs\Windows 7 Software\Audio&Video\DFX Audio Enhancer 11.015 + SKIN PACK [8-7-Vista-XP] KEYGEN-CORE\dfx11Setup.exe"
sh=F669C2CAF4824E9BF64CAB438DDE172609CF031B ft=1 fh=3381f028f21d2702 vn="Win32/OpenCandy application" ac=I fn="I:\Brodeur's Programs\Windows 7 Software\Freemake Video Converter\FreemakeVideoConverter_3.2.1.3.exe"
sh=DBA4D7540C69C6492D48E688A00B51387685F8A6 ft=1 fh=fb092140bceb8039 vn="a variant of Win32/Bundled.Toolbar.Ask application" ac=I fn="I:\Documents\ApnStub.exe"
stanley62 is offline  
Old 05-22-2013, 04:55 PM   #13



Here is the Farbar scan. I added Windows Defender to the scan because when I try to start it I get this message: "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the items"
My system file checker still stops at 57%. I don't know if this is relevant or not, but thought I should pass it along anyways.
Cheers,
Ken.



Farbar Service Scanner Version: 14-04-2013
Ran by Kenny Brodeur (administrator) on 22-05-2013 at 16:46:11
Running from "C:\Users\Kenny Brodeur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQ5SNZIT"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll
[2009-07-13 16:54] - [2009-07-13 18:41] - 1011712 _____ () D41D8CD98F00B204E9800998ECF8427E

ATTENTION!=====> C:\Program Files\Windows Defender\MpSvc.dll IS INFECTED AND SHOULD BE REPLACED.

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
stanley62 is offline  
Old 05-23-2013, 05:14 AM   #14



Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
  • Run FRST.
  • Don't change any of the checkboxes, and hit Scan.
  • Log files are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.
TB-PsYcHoTiC is offline  
Old 05-23-2013, 04:18 PM   #15



Here are the results of the Farbar Recovery Scan Tool you requested. Thanks again for your time my friend.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-05-2013
Ran by Kenny Brodeur (administrator) on 23-05-2013 1637
Running from C:\Users\Kenny Brodeur\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(PeerBlock, LLC) C:\Program Files\PeerBlock\peerblock.exe
(Tixati Software Inc.) C:\Program Files\tixati\tixati.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\sysWow64\SearchProtocolHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Farbar) C:\Users\Kenny Brodeur\Downloads\FRST64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1281512 2013-01-27] (Microsoft Corporation)
Winlogon\Notify\AutorunsDisabled:
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-20] (Microsoft Corporation)
HKCU\...\Winlogon: [Shell] expstart.exe
MountPoints2: {350a075c-4315-11e2-9203-edea9136f05d} - F:\EIProcessCaller.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: (No Name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - No File
BHO-x32: No Name - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - No File
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - No File
PDF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} https://utilities.pcpitstop.com/Nirva...ls/pcmatic.cab
PDF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} https://quickscan.bitdefender.com/qsax/qsax.cab
PDF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} https://download.eset.com/special/eos/OnlineScanner.cab
PDF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} https://content.systemrequirementslab...l_4.5.11.0.cab
PDF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload2.macromedia.com/ge...sh/swflash.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.176.9

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll No File
CHR Plugin: (Wondershare Video Convert Chrome Plugin) - C:\Users\Kenny Brodeur\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgdeabpmphfhkoemjjglmilajldekbp\6.0.0_0\npSVRChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.250.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U25) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Docs) - C:\Users\Kenny Brodeur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Kenny Brodeur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Kenny Brodeur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Wondershare Video Converter Ultimate) - C:\Users\Kenny Brodeur\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgdeabpmphfhkoemjjglmilajldekbp\6.0.0_0
CHR Extension: (Google Search) - C:\Users\Kenny Brodeur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Gmail) - C:\Users\Kenny Brodeur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

S4 LxrSII1s; C:\Windows\SysWow64\LxrSII1s.exe [65536 2009-12-30] (Lexar Media, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 EfiInvoker; C:\Windows\SysWOW64\Drivers\invoker64.sys [13080 2012-12-12] (Windows (R) Server 2003 DDK provider)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2010-07-15] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2010-07-15] ()
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [58368 2011-05-18] (GenesysLogic)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2010-01-17] (Paragon Software Group)
R2 LxrSII1d; C:\Windows\System32\Drivers\LxrSII1d.sys [63064 2009-12-30] (Lexar Media, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
R3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [24176 2010-11-06] ()
S3 swg3kser00; C:\Windows\System32\DRIVERS\swg3kser00.sys [258432 2011-06-28] (Sierra Wireless Incorporated)
S3 swiwdmbx; C:\Windows\System32\DRIVERS\swiwdmbx64.sys [109312 2011-06-28] (Sierra Wireless Inc.)
S3 SWNC8UA3; C:\Windows\System32\DRIVERS\swnc8ua3.sys [249344 2011-06-28] (Sierra Wireless Inc.)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [48144 2010-01-17] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [158736 2010-01-17] (Paragon)
S3 ALSysIO; No ImagePath
S1 atitray; \??\C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray64.sys [x]
S3 cpuio; \??\C:\Windows\SysWOW64\Drivers\cpuiox64.sys [x]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]
S3 PCTINDIS5X64; \??\C:\Windows\system32\PCTINDIS5X64.SYS [x]
S3 STHDA; system32\DRIVERS\stwrt64.sys [x]
S2 supersafer64; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-23 16:04 - 2013-05-23 16:04 - 00000000 ____D C:\FRST
2013-05-23 16:02 - 2013-05-23 16:04 - 01878488 ____A (Farbar) C:\Users\Kenny Brodeur\Downloads\FRST64.exe
2013-05-22 19:59 - 2013-05-22 19:59 - 00001506 ____A C:\Users\Kenny Brodeur\Desktop\EASEUS PM 7.0.1.lnk
2013-05-22 18:39 - 2013-05-22 18:39 - 04427984 ____A (PCDocPro.com ) C:\Users\Kenny Brodeur\Downloads\PcDocPro_Setup.exe
2013-05-22 18:28 - 2013-05-22 19:00 - 00005484 ____A C:\Windows\IE10_main.log
2013-05-22 18:21 - 2013-05-22 19:15 - 00109296 ____A C:\Users\Kenny Brodeur\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-22 18:21 - 2013-05-22 19:14 - 00406904 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-22 18:21 - 2013-05-22 19:14 - 00000938 ____A C:\Windows\PFRO.log
2013-05-22 18:09 - 2013-05-23 15:27 - 00000168 ____A C:\Windows\setupact.log
2013-05-22 18:09 - 2013-05-22 18:09 - 00000812 ____A C:\Users\Public\Desktop\Speccy.lnk
2013-05-22 18:09 - 2013-05-22 18:09 - 00000000 ____D C:\Program Files\Speccy
2013-05-22 18:09 - 2013-05-22 18:09 - 00000000 ____A C:\Windows\setuperr.log
2013-05-22 18:05 - 2013-05-22 18:06 - 00032442 ____A C:\Users\Kenny Brodeur\Documents\cc_20130522_180558.reg
2013-05-22 18:00 - 2013-05-22 18:00 - 00001090 ____A C:\Users\Public\Desktop\CCleaner Business.lnk
2013-05-22 18:00 - 2013-05-22 18:00 - 00000000 ____D C:\Program Files (x86)\CCleaner Business
2013-05-22 17:34 - 2010-11-20 06:27 - 00060928 ____A (Microsoft Corporation) C:\Windows\System32\config\MsMpCom.dll
2013-05-22 17:34 - 2009-07-13 18:41 - 01011712 ____A (Microsoft Corporation) C:\Windows\System32\config\MpSvc.dll
2013-05-22 17:34 - 2009-07-13 18:41 - 00571904 ____A (Microsoft Corporation) C:\Windows\System32\config\MpClient.dll
2013-05-22 17:34 - 2009-07-13 18:41 - 00487936 ____A (Microsoft Corporation) C:\Windows\System32\config\MsMpRes.dll
2013-05-22 17:34 - 2009-07-13 18:41 - 00314880 ____A (Microsoft Corporation) C:\Windows\System32\config\MpCommu.dll
2013-05-22 17:34 - 2009-07-13 18:41 - 00200192 ____A (Microsoft Corporation) C:\Windows\System32\config\MpRTP.dll
2013-05-22 17:34 - 2009-07-13 18:41 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\config\MpOAV.dll
2013-05-22 17:34 - 2009-07-13 18:41 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\config\MpAsDesc.dll
2013-05-22 17:34 - 2009-07-13 18:39 - 00961024 ____A (Microsoft Corporation) C:\Windows\System32\config\MSASCui.exe
2013-05-22 17:34 - 2009-07-13 18:39 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\config\MpCmdRun.exe
2013-05-22 17:34 - 2009-07-13 18:29 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\config\MpEvMsg.dll
2013-05-22 17:34 - 2009-07-13 18:29 - 00004608 ____A (Microsoft Corporation) C:\Windows\System32\config\MsMpLics.dll
2013-05-22 17:31 - 2013-05-22 17:34 - 00000046 __ASH C:\Windows\System32\config\desktop.ini
2013-05-22 15:37 - 2013-05-22 15:37 - 00015899 ____A C:\Users\Kenny Brodeur\Downloads\MassageCreep - Jessa Rhodes hd 720 20 may 2013-[rarbg.com].torrent
2013-05-22 15:34 - 2013-05-22 15:34 - 00026038 ____A C:\Users\Kenny Brodeur\Downloads\Chanel Preston - Mandingo Massacre 8-[rarbg.com].torrent
2013-05-22 15:28 - 2013-05-22 15:28 - 00030143 ____A C:\Users\Kenny Brodeur\Downloads\Kamasutra.Sexual.Positions.for.Lovers.2013.480p.BluRay.x264-mSD-[rarbg.com].torrent
2013-05-22 15:25 - 2013-05-22 15:25 - 00000000 ____D C:\Program Files (x86)\ESET
2013-05-19 17:40 - 2013-05-19 17:40 - 00000000 ____D C:\Games
2013-05-19 13:26 - 2013-05-19 13:26 - 00142417 ____A C:\Users\Kenny Brodeur\Downloads\[kat.ph]are.you.being.served.torrent
2013-05-19 11:04 - 2013-05-19 11:04 - 00000207 ____A C:\Windows\tweaking.com-regbackup-KENNYBRODEUR-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2013-05-19 11:04 - 2013-05-19 11:04 - 00000000 ____D C:\RegBackup
2013-05-19 10:52 - 2013-05-22 18:11 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-05-19 09:59 - 2013-05-19 09:59 - 00001129 ____A C:\Users\Public\Desktop\M.Bytes Anti-Malware.lnk
2013-05-19 09:59 - 2013-05-19 09:59 - 00000000 ____D C:\Users\Kenny Brodeur\AppData\Roaming\Malwarebytes
2013-05-19 09:59 - 2013-05-19 09:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-19 09:59 - 2013-05-19 09:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-19 09:59 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-05-18 14:12 - 2013-05-18 14:12 - 00000689 ____A C:\Users\Kenny Brodeur\Desktop\Music Videos.lnk
2013-05-18 13:50 - 2012-05-31 22:39 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\wamregps.dll
2013-05-18 13:50 - 2012-05-31 22:36 - 00192000 ____A (Microsoft Corporation) C:\Windows\System32\iisRtl.dll
2013-05-18 13:50 - 2012-05-31 22:36 - 00011264 ____A (Microsoft Corporation) C:\Windows\System32\iisrstap.dll
2013-05-18 13:50 - 2012-05-31 22:35 - 00060928 ____A (Microsoft Corporation) C:\Windows\System32\ahadmin.dll
2013-05-18 13:50 - 2012-05-31 22:34 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\admwprox.dll
2013-05-18 13:50 - 2012-05-31 22:33 - 00016896 ____A (Microsoft Corporation) C:\Windows\System32\iisreset.exe
2013-05-18 13:50 - 2012-05-31 21:40 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2013-05-18 13:50 - 2012-05-31 21:37 - 00154624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2013-05-18 13:50 - 2012-05-31 21:37 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2013-05-18 13:50 - 2012-05-31 21:35 - 00050688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2013-05-18 13:50 - 2012-05-31 21:35 - 00026624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2013-05-18 13:50 - 2012-05-31 21:34 - 00015360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2013-05-18 13:36 - 2013-05-18 13:36 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2013-05-18 13:36 - 2013-05-18 13:36 - 00000000 ____D C:\Windows\System32\BestPractices
2013-05-18 09:06 - 2013-05-18 09:06 - 00000836 ____A C:\Users\Kenny Brodeur\Desktop\Tixati.lnk
2013-05-18 09:05 - 2013-05-18 09:05 - 00000662 ____A C:\Users\Kenny Brodeur\Desktop\Pictures.lnk
2013-05-18 09:04 - 2013-05-18 09:04 - 00000732 ____A C:\Users\Kenny Brodeur\Desktop\Brodeur's Programs.lnk
2013-05-18 09:04 - 2013-05-18 09:04 - 00000711 ____A C:\Users\Kenny Brodeur\Desktop\Brodeur's Music.lnk
2013-05-18 09:04 - 2013-05-18 09:04 - 00000711 ____A C:\Users\Kenny Brodeur\Desktop\Brodeur's MP3's.lnk
2013-05-18 09:04 - 2013-05-18 09:04 - 00000690 ____A C:\Users\Kenny Brodeur\Desktop\Devils Icons.lnk
2013-05-18 08:51 - 2013-05-18 08:51 - 00001408 ____A C:\Users\Kenny Brodeur\Desktop\peerblock.lnk
2013-05-18 08:37 - 2013-05-22 19:13 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-05-18 08:31 - 2013-05-18 08:31 - 00002179 ____A C:\Users\Kenny Brodeur\Desktop\Windows Repair.lnk
2013-05-18 08:31 - 2013-05-18 08:31 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2013-05-17 23:17 - 2013-05-17 23:17 - 00000000 ____D C:\archive_db
2013-05-17 21:04 - 2013-05-22 18:05 - 00000000 ___DC C:\Users\Kenny Brodeur\AppData\Local\MigWiz
2013-05-17 20:33 - 2013-05-17 20:33 - 00000028 ____A C:\Users\Kenny Brodeur\Documents\LicenseKey.txt
2013-05-17 20:32 - 2013-05-17 20:35 - 00000000 ____D C:\Users\Kenny Brodeur\AppData\Local\iWesoft
2013-05-17 20:32 - 2013-05-17 20:32 - 00001319 ____A C:\Users\Kenny Brodeur\Desktop\Magic RegCleaner.lnk
2013-05-17 20:32 - 2013-05-17 20:32 - 00000000 ____D C:\Program Files (x86)\Magic Registry Cleaner
2013-05-17 20:16 - 2013-05-17 20:24 - 00000000 ____D C:\Users\Kenny Brodeur\AppData\Local\Promosoft Corporation
2013-05-17 19:37 - 2013-05-17 19:37 - 00000772 ____A C:\Users\Kenny Brodeur\0
2013-05-16 18:31 - 2013-05-16 18:31 - 00000000 ____D C:\Program Files (x86)\LSoft Technologies
2013-05-16 16:04 - 2013-05-16 16:04 - 00208216 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\22740625.sys
2013-05-16 14:10 - 2013-05-16 14:10 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-05-16 13:42 - 2013-05-16 13:42 - 00208216 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\69679998.sys
2013-05-16 13:39 - 2013-05-16 13:39 - 00208216 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\65210933.sys
2013-05-15 21:21 - 2013-05-15 21:21 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-05-15 21:21 - 2013-05-15 21:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-05-15 21:10 - 2013-05-15 21:21 - 01926648 ____A C:\Windows\System32\Drivers\Cat.DB
2013-05-14 21:46 - 2012-07-26 19:02 - 00173504 ____A (Trend Micro Inc.) C:\Windows\System32\Drivers\tmcomm.sys
2013-05-14 20:26 - 2013-05-18 09:08 - 00001543 ____A C:\Users\Kenny Brodeur\Desktop\Explorer.lnk
2013-05-14 20:14 - 2013-04-04 23:52 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-14 20:14 - 2013-04-04 23:52 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-14 20:14 - 2013-04-04 23:52 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-14 20:14 - 2013-04-04 23:50 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-14 20:14 - 2013-04-04 23:50 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-14 20:14 - 2013-04-04 23:50 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-14 20:14 - 2013-04-04 23:50 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-14 20:14 - 2013-04-04 23:50 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-14 20:14 - 2013-04-04 23:50 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-14 20:14 - 2013-04-04 23:50 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-14 20:14 - 2013-04-04 23:50 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-14 20:14 - 2013-04-04 23:50 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-14 20:14 - 2013-04-04 23:50 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-14 20:14 - 2013-04-04 23:50 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-14 20:14 - 2013-04-04 22:28 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-14 20:14 - 2013-04-04 22:28 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-14 20:14 - 2013-04-04 22:26 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-14 20:14 - 2013-04-04 22:26 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-14 20:14 - 2013-04-04 22:26 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-14 20:14 - 2013-04-04 22:26 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-14 20:14 - 2013-04-04 22:26 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-14 20:14 - 2013-04-04 22:26 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-14 20:14 - 2013-04-04 22:26 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-14 20:14 - 2013-04-04 22:26 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-14 20:14 - 2013-04-04 22:26 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-14 20:14 - 2013-04-04 22:26 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-14 20:14 - 2013-04-04 22:26 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-14 20:14 - 2013-04-04 21:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-14 20:14 - 2013-04-04 21:29 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-14 20:14 - 2013-04-04 20:51 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-14 20:14 - 2013-04-04 20:38 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-14 19:24 - 2013-05-22 23:03 - 01177346 ____A C:\Windows\WindowsUpdate.log
2013-05-14 17:34 - 2013-05-15 18:35 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-05-14 17:34 - 2013-05-15 18:35 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2013-05-14 17:04 - 2013-04-09 23:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-14 17:04 - 2013-04-09 23:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-14 17:04 - 2013-04-09 20:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-14 17:04 - 2013-03-18 22:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-14 17:04 - 2013-03-18 22:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-14 17:04 - 2013-02-26 23:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-14 17:04 - 2013-02-26 22:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-14 17:04 - 2013-02-26 22:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-14 17:04 - 2013-02-26 22:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-14 17:04 - 2013-02-26 22:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-14 17:04 - 2013-02-26 21:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-14 17:04 - 2013-02-26 21:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-14 17:04 - 2013-02-26 21:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-14 17:04 - 2011-02-03 04:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-11 09:52 - 2013-05-11 09:52 - 00000000 ____D C:\Download
2013-05-11 03:00 - 2013-05-11 03:00 - 00000000 ____D C:\tmpDownload
2013-05-07 13:42 - 2013-02-21 18:40 - 00792560 ____N (Intel Corporation) C:\Windows\System32\Drivers\iusb3xhc.sys
2013-05-07 13:42 - 2013-02-21 18:40 - 00358896 ____N (Intel Corporation) C:\Windows\System32\Drivers\iusb3hub.sys
2013-05-07 13:42 - 2013-02-21 18:40 - 00020464 ____N (Intel Corporation) C:\Windows\System32\Drivers\iusb3hcs.sys
2013-05-07 13:40 - 2012-12-19 13:50 - 05630200 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2013-05-07 13:40 - 2012-12-19 13:48 - 11278336 ____N (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmdag.sys
2013-05-07 13:40 - 2012-12-19 13:39 - 00327960 ____A C:\Windows\SysWOW64\atiapfxx.blb
2013-05-07 13:40 - 2012-12-19 13:39 - 00327960 ____A C:\Windows\System32\atiapfxx.blb
2013-05-07 13:40 - 2012-12-19 13:29 - 23461376 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atio6axx.dll
2013-05-07 13:40 - 2012-12-19 13:22 - 00070144 ____A (AMD) C:\Windows\System32\coinst_9.012.dll
2013-05-07 13:40 - 2012-12-19 13:19 - 00163840 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atiapfxx.exe
2013-05-07 13:40 - 2012-12-19 13:18 - 00051200 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticalrt64.dll
2013-05-07 13:40 - 2012-12-19 13:18 - 00046080 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2013-05-07 13:40 - 2012-12-19 13:17 - 16082944 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticaldd64.dll
2013-05-07 13:40 - 2012-12-19 13:17 - 00044544 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticalcl64.dll
2013-05-07 13:40 - 2012-12-19 13:17 - 00044032 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2013-05-07 13:40 - 2012-12-19 13:13 - 13703168 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2013-05-07 13:40 - 2012-12-19 13:12 - 18982400 ____A (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2013-05-07 13:40 - 2012-12-19 13:09 - 00960512 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2013-05-07 13:40 - 2012-12-19 13:06 - 06681088 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2013-05-07 13:40 - 2012-12-19 12:57 - 00442368 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atidemgy.dll
2013-05-07 13:40 - 2012-12-19 12:56 - 00550912 ____A (AMD) C:\Windows\System32\atieclxx.exe
2013-05-07 13:40 - 2012-12-19 12:56 - 00240640 ____N (AMD) C:\Windows\System32\atiesrxx.exe
2013-05-07 13:40 - 2012-12-19 12:54 - 00120320 ____A (AMD) C:\Windows\System32\atitmm64.dll
2013-05-07 13:40 - 2012-12-19 12:54 - 00059392 ____A (ATI Technologies, Inc.) C:\Windows\System32\atiedu64.dll
2013-05-07 13:40 - 2012-12-19 12:54 - 00043520 ____A (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2013-05-07 13:40 - 2012-12-19 12:54 - 00021504 ____A (AMD) C:\Windows\System32\atimuixx.dll
2013-05-07 13:40 - 2012-12-19 12:52 - 03061872 ____A C:\Windows\System32\atiumd6a.cap
2013-05-07 13:40 - 2012-12-19 12:44 - 04162048 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2013-05-07 13:40 - 2012-12-19 12:42 - 03093792 ____A C:\Windows\SysWOW64\atiumdva.cap
2013-05-07 13:40 - 2012-12-19 12:34 - 00079360 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdave64.dll
2013-05-07 13:40 - 2012-12-19 12:34 - 00078336 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2013-05-07 13:40 - 2012-12-19 12:34 - 00074240 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atisamu64.dll
2013-05-07 13:40 - 2012-12-19 12:34 - 00071168 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2013-05-07 13:40 - 2012-12-19 12:33 - 00619008 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atiadlxx.dll
2013-05-07 13:40 - 2012-12-19 12:33 - 00421888 ____A (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2013-05-07 13:40 - 2012-12-19 12:33 - 00056832 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2013-05-07 13:40 - 2012-12-19 12:33 - 00056832 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2013-05-07 13:40 - 2012-12-19 12:33 - 00056320 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atimpc64.dll
2013-05-07 13:40 - 2012-12-19 12:33 - 00056320 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdpcom64.dll
2013-05-07 13:40 - 2012-12-19 12:33 - 00041984 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6txx.dll
2013-05-07 13:40 - 2012-12-19 12:33 - 00033280 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2013-05-07 13:40 - 2012-12-19 12:33 - 00017920 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6pxx.dll
2013-05-07 13:40 - 2012-12-19 12:33 - 00014848 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2013-05-07 13:40 - 2012-12-19 12:33 - 00014848 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiglpxx.dll
2013-05-07 13:40 - 2012-12-19 12:32 - 00552960 ____N (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmpag.sys
2013-05-07 13:40 - 2012-12-19 12:31 - 00109568 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2013-05-07 13:40 - 2012-12-19 12:30 - 00083968 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2013-05-07 13:40 - 2012-12-19 12:30 - 00053248 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\ati2erec.dll
2013-05-07 13:40 - 2012-11-29 08:40 - 00662786 ____A C:\Windows\System32\atiicdxx.dat
2013-05-07 13:40 - 2012-11-15 09:34 - 00042719 ____A C:\Windows\atiogl.xml
2013-05-07 13:40 - 2012-09-19 12:09 - 00076660 ____A C:\Windows\System32\ativce02.dat
2013-05-07 13:40 - 2012-09-04 08:20 - 00228528 ____A C:\Windows\System32\ativvaxy_cik_nd.dat
2013-05-07 13:40 - 2012-09-04 08:20 - 00228528 ____A C:\Windows\System32\ativvaxy_cik.dat
2013-05-07 13:39 - 2013-03-19 05:21 - 03363016 ____N (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2013-05-07 13:39 - 2013-03-19 05:02 - 00133704 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoInstII64.dll
2013-05-07 13:39 - 2013-03-19 03:29 - 19731968 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoRes64.dat
2013-05-07 13:39 - 2013-03-19 02:49 - 00438081 ____A C:\Windows\System32\Drivers\RTAIODAT.DAT
2013-05-07 13:39 - 2013-03-19 00:44 - 02788424 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtPgEx64.dll
2013-05-07 13:39 - 2013-03-18 21:11 - 00913456 ____A (Sony Corporation) C:\Windows\System32\SFSS_APO.dll
2013-05-07 13:39 - 2013-03-12 18:49 - 03176920 ____A C:\Windows\System32\Drivers\rtvienna.dat
2013-05-07 13:39 - 2013-03-12 16:32 - 00208072 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTAC64.dll
2013-05-07 13:39 - 2013-03-12 03:16 - 00613448 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtDataProc64.dll
2013-05-07 13:39 - 2013-03-11 00:07 - 03687496 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO64.dll
2013-05-07 13:39 - 2013-03-07 21:51 - 00904752 ____A (Sony Corporation) C:\Windows\System32\MISS_APO.dll
2013-05-07 13:39 - 2013-02-27 22:10 - 14021912 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioRealtek64.dll
2013-05-07 13:39 - 2013-02-27 22:10 - 02032408 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioEQ64.dll
2013-05-07 13:39 - 2013-02-27 22:10 - 01900824 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioRealtek264.dll
2013-05-07 13:39 - 2013-02-27 22:10 - 00910104 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPOShell64.dll
2013-05-07 13:39 - 2013-02-27 02:53 - 01659464 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSnMg64.cpl
2013-05-07 13:39 - 2013-02-26 14:37 - 00823072 ____A (SRS Labs, Inc.) C:\Windows\System32\slcnt64.dll
2013-05-07 13:39 - 2013-02-26 14:37 - 00633632 ____A (SRS Labs, Inc.) C:\Windows\System32\sltech64.dll
2013-05-07 13:39 - 2013-02-26 14:37 - 00517408 ____A (SRS Labs, Inc.) C:\Windows\System32\sl3apo64.dll
2013-05-07 13:39 - 2013-02-26 14:37 - 00213792 ____A (TODO: <Company name>) C:\Windows\System32\slprp64.dll
2013-05-07 13:39 - 2013-02-21 02:26 - 00858032 ____A (TOSHIBA Corporation) C:\Windows\System32\tossaeapo64.dll
2013-05-07 13:39 - 2013-02-21 02:26 - 00148912 ____A (TOSHIBA Corporation) C:\Windows\System32\toseaeapo64.dll
2013-05-07 13:39 - 2013-02-21 02:25 - 00569256 ____A (TOSHIBA Corporation) C:\Windows\System32\tosasfapo64.dll
2013-05-07 13:39 - 2013-02-20 03:55 - 01284680 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTCOM64.dll
2013-05-07 13:39 - 2013-02-19 03:52 - 00991816 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApi64.dll
2013-05-07 13:39 - 2013-02-02 06:30 - 02099480 ____A (Waves Audio Ltd.) C:\Windows\System32\WavesGUILib64.dll
2013-05-07 13:39 - 2013-01-24 22:57 - 02730016 ____A (Fortemedia Corporation) C:\Windows\System32\FMAPO64.dll
2013-05-07 13:39 - 2013-01-17 04:32 - 00719640 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO5064.dll
2013-05-07 13:39 - 2012-12-11 20:17 - 00395208 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO30.dll
2013-05-07 13:39 - 2012-10-01 23:41 - 00501192 ____A (DTS) C:\Windows\System32\DTSU2PLFX64.dll
2013-05-07 13:39 - 2012-10-01 23:41 - 00487368 ____A (DTS) C:\Windows\System32\DTSU2PGFX64.dll
2013-05-07 13:39 - 2012-10-01 23:41 - 00415688 ____A (DTS) C:\Windows\System32\DTSU2PREC64.dll
2013-05-07 13:39 - 2012-09-10 05:06 - 00612728 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO4064.dll
2013-05-07 13:39 - 2012-08-31 04:18 - 07164176 ____A (Dolby Laboratories) C:\Windows\System32\R4EEP64A.dll
2013-05-07 13:39 - 2012-08-31 04:17 - 00434960 ____A (Dolby Laboratories) C:\Windows\System32\R4EED64A.dll
2013-05-07 13:39 - 2012-08-31 04:17 - 00141584 ____A (Dolby Laboratories) C:\Windows\System32\R4EEL64A.dll
2013-05-07 13:39 - 2012-08-31 04:17 - 00124176 ____A (Dolby Laboratories) C:\Windows\System32\R4EEA64A.dll
2013-05-07 13:39 - 2012-08-31 04:17 - 00075024 ____A (Dolby Laboratories) C:\Windows\System32\R4EEG64A.dll
2013-05-07 13:25 - 2013-01-03 01:17 - 01846664 ____A (Logitech, Inc.) C:\Windows\System32\LkmdfCoInst.dll
2013-05-07 13:25 - 2013-01-03 01:17 - 00077192 ____A (Logitech, Inc.) C:\Windows\System32\Drivers\LHidFilt.Sys
2013-05-07 13:25 - 2013-01-03 01:17 - 00061832 ____A (Logitech, Inc.) C:\Windows\System32\Drivers\LMouFilt.Sys
2013-05-07 13:25 - 2013-01-03 01:17 - 00055688 ____A (Logitech, Inc.) C:\Windows\System32\LMouFiltCoInst.dll
2013-05-07 13:25 - 2013-01-03 01:17 - 00015752 ____A (Logitech, Inc.) C:\Windows\System32\Drivers\LHidEqd.sys
2013-05-07 13:24 - 2013-05-07 13:24 - 00000000 ____A C:\Windows\System32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2013-05-07 13:24 - 2013-05-07 13:24 - 00000000 ____A C:\Windows\System32\Drivers\Msft_Kernel_GeneStor_01009.Wdf
2013-05-07 13:24 - 2013-03-20 08:45 - 01795952 ____A (Microsoft Corporation) C:\Windows\System32\WdfCoInstaller01011.dll
2013-05-07 13:24 - 2013-03-20 08:45 - 00099288 ____N (Intel Corporation) C:\Windows\System32\Drivers\TeeDriverx64.sys
2013-05-07 13:23 - 2012-10-25 07:17 - 00095744 ____N (Alcor Micro, Corp.) C:\Windows\System32\Drivers\AmUStor.sys
2013-05-07 13:23 - 2012-08-20 04:27 - 00004435 ____A C:\Windows\System32\AmUStor.ini
2013-05-07 13:23 - 2012-08-17 04:20 - 00012800 ____A (Alcor Micro, Corp.) C:\Windows\System32\AmUStor.dll
2013-05-07 13:23 - 2012-06-25 06:29 - 00000640 ____A C:\Windows\System32\VendorCmd0.bin
2013-05-07 13:23 - 2011-11-04 06:45 - 00954368 ____A C:\Windows\System32\AmRdrIco.icl
2013-05-07 13:23 - 2011-05-18 02:50 - 00058368 ____N (GenesysLogic) C:\Windows\System32\Drivers\GeneStor.sys
2013-05-07 13:23 - 2010-12-15 00:27 - 00000008 ____A C:\Windows\System32\CardDetect.bin
2013-05-07 12:57 - 2013-05-07 12:57 - 00000000 ____D C:\ProgramData\Bell
2013-05-05 21:58 - 2013-05-18 13:36 - 00000000 ____D C:\inetpub
2013-05-05 21:58 - 2013-05-05 21:58 - 00000000 ____D C:\ProgramData\Sony Corporation
2013-05-05 21:58 - 2013-05-05 21:58 - 00000000 ____D C:\ProgramData\PlayFirst
2013-05-05 21:58 - 2013-05-05 21:58 - 00000000 ____D C:\ProgramData\iWin
2013-05-05 21:58 - 2013-05-05 21:58 - 00000000 ____D C:\ProgramData\backup
2013-05-05 21:58 - 2013-05-05 21:58 - 00000000 ____D C:\extensions
2013-05-05 20:18 - 2013-05-19 20:25 - 00000000 ____D C:\ProgramData\xml_param
2013-05-04 22:42 - 2013-05-04 22:42 - 00032928 ____A C:\Users\Kenny Brodeur\Downloads\[kat.ph]the.host.2013.hdrip.xvid.s4a.torrent
2013-05-04 22:30 - 2013-05-04 22:30 - 00022332 ____A C:\Users\Kenny Brodeur\Downloads\[kat.ph]john.lee.hooker.the.very.best.of.1995.mp3.320.torrent
2013-05-03 18:48 - 2013-05-03 18:48 - 00024206 ____A C:\Users\Kenny Brodeur\Downloads\[isoHunt] World Pop Singles Top-40 [April 2013].torrent
2013-04-29 16:18 - 2013-05-22 18:11 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2013-04-27 12:51 - 2013-04-27 12:51 - 00386464 ____A (Bleeping Computer, LLC) C:\Users\Kenny Brodeur\Downloads\show-hidden.exe
2013-04-26 20:57 - 2013-04-26 20:57 - 00000000 ____D C:\Users\Kenny Brodeur\AppData\Roaming\Sierra Wireless
2013-04-26 20:57 - 2013-04-26 20:57 - 00000000 ____A C:\Windows\System32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2013-04-26 20:57 - 2011-05-24 11:29 - 01490656 ____A (Microsoft Corporation) C:\Windows\System32\WdfCoInstaller01007.dll
2013-04-26 20:57 - 2011-05-24 11:29 - 01490656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdfCoInstaller01007.dll
2013-04-26 20:56 - 2013-05-07 12:57 - 00000000 ____D C:\Program Files (x86)\Bell
2013-04-26 20:56 - 2013-04-26 20:56 - 00000000 ____D C:\ProgramData\Sierra Wireless
2013-04-24 19:58 - 2013-04-24 19:58 - 00000000 ____D C:\Users\Kenny Brodeur\AppData\Roaming\atitray
2013-04-23 14:53 - 2013-04-12 07:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2013-05-23 16:06 - 2011-05-16 15:39 - 00000000 ____D C:\Program Files\PeerBlock
2013-05-23 16:04 - 2013-05-23 16:04 - 00000000 ____D C:\FRST
2013-05-23 16:04 - 2013-05-23 16:02 - 01878488 ____A (Farbar) C:\Users\Kenny Brodeur\Downloads\FRST64.exe
2013-05-23 16:04 - 2012-11-07 17:12 - 00000000 ____D C:\Users\Kenny Brodeur\AppData\Roaming\tixati
2013-05-23 15:34 - 2013-02-12 08:12 - 00015616 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-23 15:34 - 2013-02-12 08:12 - 00015616 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-23 15:31 - 2009-07-13 22:13 - 00890634 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-23 15:27 - 2013-05-22 18:09 - 00000168 ____A C:\Windows\setupact.log
2013-05-23 15:27 - 2012-11-02 06:40 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-22 23:03 - 2013-05-14 19:24 - 01177346 ____A C:\Windows\WindowsUpdate.log
2013-05-22 19:59 - 2013-05-22 19:59 - 00001506 ____A C:\Users\Kenny Brodeur\Desktop\EASEUS PM 7.0.1.lnk
2013-05-22 19:15 - 2013-05-22 18:21 - 00109296 ____A C:\Users\Kenny Brodeur\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-22 19:14 - 2013-05-22 18:21 - 00406904 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-22 19:14 - 2013-05-22 18:21 - 00000938 ____A C:\Windows\PFRO.log
2013-05-22 19:13 - 2013-05-18 08:37 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-05-22 19:10 - 2012-09-12 17:32 - 00890634 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-05-22 19:10 - 2009-07-13 19:34 - 00000514 ____A C:\Windows\win.ini
2013-05-22 19:00 - 2013-05-22 18:28 - 00005484 ____A C:\Windows\IE10_main.log
2013-05-22 18:39 - 2013-05-22 18:39 - 04427984 ____A (PCDocPro.com ) C:\Users\Kenny Brodeur\Downloads\PcDocPro_Setup.exe
2013-05-22 18:12 - 2012-11-18 17:49 - 00000000 ___RD C:\Users\Kenny Brodeur\Desktop\Program Shrotcuts
2013-05-22 18:11 - 2013-05-19 10:52 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-05-22 18:11 - 2013-04-29 16:18 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2013-05-22 18:09 - 2013-05-22 18:09 - 00000812 ____A C:\Users\Public\Desktop\Speccy.lnk
2013-05-22 18:09 - 2013-05-22 18:09 - 00000000 ____D C:\Program Files\Speccy
2013-05-22 18:09 - 2013-05-22 18:09 - 00000000 ____A C:\Windows\setuperr.log
2013-05-22 18:06 - 2013-05-22 18:05 - 00032442 ____A C:\Users\Kenny Brodeur\Documents\cc_20130522_180558.reg
2013-05-22 18:05 - 2013-05-17 21:04 - 00000000 ___DC C:\Users\Kenny Brodeur\AppData\Local\MigWiz
2013-05-22 18:05 - 2013-03-22 20:42 - 00000000 ____D C:\Users\Kenny Brodeur\AppData\Roaming\Media Player Classic
2013-05-22 18:05 - 2013-01-03 21:14 - 00000000 ____D C:\Users\Kenny Brodeur\AppData\Local\CrashDumps
2013-05-22 18:00 - 2013-05-22 18:00 - 00001090 ____A C:\Users\Public\Desktop\CCleaner Business.lnk
2013-05-22 18:00 - 2013-05-22 18:00 - 00000000 ____D C:\Program Files (x86)\CCleaner Business
2013-05-22 17:34 - 2013-05-22 17:31 - 00000046 __ASH C:\Windows\System32\config\desktop.ini
2013-05-22 17:07 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-05-22 15:37 - 2013-05-22 15:37 - 00015899 ____A C:\Users\Kenny Brodeur\Downloads\MassageCreep - Jessa Rhodes hd 720 20 may 2013-[rarbg.com].torrent
2013-05-22 15:34 - 2013-05-22 15:34 - 00026038 ____A C:\Users\Kenny Brodeur\Downloads\Chanel Preston - Mandingo Massacre 8-[rarbg.com].torrent
2013-05-22 15:28 - 2013-05-22 15:28 - 00030143 ____A C:\Users\Kenny Brodeur\Downloads\Kamasutra.Sexual.Positions.for.Lovers.2013.480p.BluRay.x264-mSD-[rarbg.com].torrent
2013-05-22 15:25 - 2013-05-22 15:25 - 00000000 ____D C:\Program Files (x86)\ESET
2013-05-19 21:16 - 2013-02-25 17:29 - 00000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate
2013-05-19 20:25 - 2013-05-05 20:18 - 00000000 ____D C:\ProgramData\xml_param
2013-05-19 17:40 - 2013-05-19 17:40 - 00000000 ____D C:\Games
2013-05-19 13:26 - 2013-05-19 13:26 - 00142417 ____A C:\Users\Kenny Brodeur\Downloads\[kat.ph]are.you.being.served.torrent
2013-05-19 11:21 - 2009-07-13 19:34 - 00000855 ____A C:\Windows\System32\Drivers\etc\hosts_bak_876
2013-05-19 11:04 - 2013-05-19 11:04 - 00000207 ____A C:\Windows\tweaking.com-regbackup-KENNYBRODEUR-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2013-05-19 11:04 - 2013-05-19 11:04 - 00000000 ____D C:\RegBackup
2013-05-19 09:59 - 2013-05-19 09:59 - 00001129 ____A C:\Users\Public\Desktop\M.Bytes Anti-Malware.lnk
2013-05-19 09:59 - 2013-05-19 09:59 - 00000000 ____D C:\Users\Kenny Brodeur\AppData\Roaming\Malwarebytes
2013-05-19 09:59 - 2013-05-19 09:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-19 09:59 - 2013-05-19 09:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-18 17:30 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2013-05-18 16:08 - 2012-09-16 08:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-05-18 14:12 - 2013-05-18 14:12 - 00000689 ____A C:\Users\Kenny Brodeur\Desktop\Music Videos.lnk
2013-05-18 13:55 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2013-05-18 13:55 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\inetsrv
2013-05-18 13:54 - 2012-09-16 08:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-18 13:36 - 2013-05-18 13:36 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2013-05-18 13:36 - 2013-05-18 13:36 - 00000000 ____D C:\Windows\System32\BestPractices
2013-05-18 13:36 - 2013-05-05 21:58 - 00000000 ____D C:\inetpub
2013-05-18 13:36 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-18 12:21 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2013-05-18 09:08 - 2013-05-14 20:26 - 00001543 ____A C:\Users\Kenny Brodeur\Desktop\Explorer.lnk
2013-05-18 09:06 - 2013-05-18 09:06 - 00000836 ____A C:\Users\Kenny Brodeur\Desktop\Tixati.lnk
2013-05-18 09:05 - 2013-05-18 09:05 - 00000662 ____A C:\Users\Kenny Brodeur\Desktop\Pictures.lnk
2013-05-18 09:04 - 2013-05-18 09:04 - 00000732 ____A C:\Users\Kenny Brodeur\Desktop\Brodeur's Programs.lnk
2013-05-18 09:04 - 2013-05-18 09:04 - 00000711 ____A C:\Users\Kenny Brodeur\Desktop\Brodeur's Music.lnk
2013-05-18 09:04 - 2013-05-18 09:04 - 00000711 ____A C:\Users\Kenny Brodeur\Desktop\Brodeur's MP3's.lnk
2013-05-18 09:04 - 2013-05-18 09:04 - 00000690 ____A C:\Users\Kenny Brodeur\Desktop\Devils Icons.lnk
2013-05-18 08:51 - 2013-05-18 08:51 - 00001408 ____A C:\Users\Kenny Brodeur\Desktop\peerblock.lnk
2013-05-18 08:42 - 2009-07-13 19:34 - 00000855 ____A C:\Windows\System32\Drivers\etc\hosts_bak_789
2013-05-18 08:31 - 2013-05-18 08:31 - 00002179 ____A C:\Users\Kenny Brodeur\Desktop\Windows Repair.lnk
2013-05-18 08:31 - 2013-05-18 08:31 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2013-05-17 23:17 - 2013-05-17 23:17 - 00000000 ____D C:\archive_db
2013-05-17 22:59 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\System32\restore
2013-05-17 22:13 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\SysWOW64\restore
2013-05-17 21:33 - 2012-09-19 21:59 - 00001908 ____A C:\Windows\diagwrn.xml
2013-05-17 21:33 - 2012-09-19 21:59 - 00001908 ____A C:\Windows\diagerr.xml
2013-05-17 20:35 - 2013-05-17 20:32 - 00000000 ____D C:\Users\Kenny Brodeur\AppData\Local\iWesoft
2013-05-17 20:33 - 2013-05-17 20:33 - 00000028 ____A C:\Users\Kenny Brodeur\Documents\LicenseKey.txt
2013-05-17 20:32 - 2013-05-17 20:32 - 00001319 ____A C:\Users\Kenny Brodeur\Desktop\Magic RegCleaner.lnk
2013-05-17 20:32 - 2013-05-17 20:32 - 00000000 ____D C:\Program Files (x86)\Magic Registry Cleaner
2013-05-17 20:24 - 2013-05-17 20:16 - 00000000 ____D C:\Users\Kenny Brodeur\AppData\Local\Promosoft Corporation
2013-05-17 19:57 - 2010-01-30 16:16 - 00000000 __SHD C:\Recovery
2013-05-17 19:37 - 2013-05-17 19:37 - 00000772 ____A C:\Users\Kenny Brodeur\0
2013-05-17 19:37 - 2012-09-12 15:47 - 00000000 ____D C:\users\Kenny Brodeur
2013-05-17 19:31 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\NDF
2013-05-16 18:31 - 2013-05-16 18:31 - 00000000 ____D C:\Program Files (x86)\LSoft Technologies
2013-05-16 16:04 - 2013-05-16 16:04 - 00208216 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\22740625.sys
2013-05-16 16:03 - 2012-09-12 20:23 - 00018960 ____A (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2013-05-16 14:10 - 2013-05-16 14:10 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-05-16 13:42 - 2013-05-16 13:42 - 00208216 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\69679998.sys
2013-05-16 13:39 - 2013-05-16 13:39 - 00208216 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\65210933.sys
2013-05-15 21:21 - 2013-05-15 21:21 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-05-15 21:21 - 2013-05-15 21:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-05-15 21:21 - 2013-05-15 21:10 - 01926648 ____A C:\Windows\System32\Drivers\Cat.DB
2013-05-15 21:21 - 2012-09-12 17:40 - 00001945 ____A C:\Windows\epplauncher.mif
2013-05-15 20:44 - 2012-09-12 16:29 - 00000000 ____D C:\Windows\Panther
2013-05-15 18:55 - 2013-04-08 14:45 - 00000000 ____D C:\Program Files\Bitdefender
2013-05-15 18:35 - 2013-05-14 17:34 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-05-15 18:35 - 2013-05-14 17:34 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2013-05-15 13:45 - 2013-02-11 22:20 - 10750564 ____A C:\Users\Kenny Brodeur\AppData\Local\census.cache
2013-05-15 13:07 - 2013-02-11 22:19 - 00084324 ____A C:\Users\Kenny Brodeur\AppData\Local\ars.cache
2013-05-14 20:16 - 2012-09-12 16:13 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-13 20:16 - 2013-03-10 10:33 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-05-13 20:16 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\AppCompat
2013-05-11 09:52 - 2013-05-11 09:52 - 00000000 ____D C:\Download
2013-05-11 03:00 - 2013-05-11 03:00 - 00000000 ____D C:\tmpDownload
2013-05-07 16:19 - 2012-10-24 13:23 - 00012800 ____A C:\Users\Kenny Brodeur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-07 13:39 - 2012-12-27 15:45 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-05-07 13:24 - 2013-05-07 13:24 - 00000000 ____A C:\Windows\System32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2013-05-07 13:24 - 2013-05-07 13:24 - 00000000 ____A C:\Windows\System32\Drivers\Msft_Kernel_GeneStor_01009.Wdf
2013-05-07 12:57 - 2013-05-07 12:57 - 00000000 ____D C:\ProgramData\Bell
2013-05-07 12:57 - 2013-04-26 20:56 - 00000000 ____D C:\Program Files (x86)\Bell
2013-05-07 11:56 - 2013-04-19 07:42 - 00000000 ____D C:\Program Files (x86)\IconICan Studio
2013-05-07 11:56 - 2013-02-28 14:16 - 00000000 ____D C:\Program Files\WinRAR
2013-05-07 11:56 - 2012-12-12 14:16 - 00000000 ____D C:\Program Files\SystemRequirementsLab
2013-05-07 11:56 - 2012-11-22 19:56 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2013-05-07 11:56 - 2012-11-07 17:12 - 00000000 ____D C:\Program Files\tixati
2013-05-07 11:56 - 2012-11-04 14:37 - 00000000 ____D C:\Program Files (x86)\GPU-Z
2013-05-07 11:56 - 2012-10-12 18:24 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2013-05-07 11:56 - 2012-09-16 08:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-05-07 11:56 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-05-07 11:56 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2013-05-07 11:56 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\servicing
2013-05-05 21:58 - 2013-05-05 21:58 - 00000000 ____D C:\ProgramData\Sony Corporation
2013-05-05 21:58 - 2013-05-05 21:58 - 00000000 ____D C:\ProgramData\PlayFirst
2013-05-05 21:58 - 2013-05-05 21:58 - 00000000 ____D C:\ProgramData\iWin
2013-05-05 21:58 - 2013-05-05 21:58 - 00000000 ____D C:\ProgramData\backup
2013-05-05 21:58 - 2013-05-05 21:58 - 00000000 ____D C:\extensions
2013-05-05 21:58 - 2013-03-13 06:53 - 00000000 ____D C:\ProgramData\Google
2013-05-05 21:58 - 2013-03-13 06:53 - 00000000 ____D C:\Program Files (x86)\Google
2013-05-05 21:58 - 2012-12-10 16:06 - 00000000 ____D C:\ProgramData\Intel
2013-05-05 21:58 - 2012-09-22 07:19 - 00000000 ____D C:\ProgramData\Trymedia
2013-05-05 21:58 - 2012-09-16 08:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-05-05 21:58 - 2012-09-12 20:21 - 00000000 ____D C:\ProgramData\Logishrd
2013-05-05 21:58 - 2012-09-12 17:20 - 00000000 ____D C:\ProgramData\PopCap Games
2013-05-05 19:27 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Services
2013-05-05 19:15 - 2012-09-12 17:21 - 00000000 ____D C:\Users\Kenny Brodeur\AppData\Roaming\Macromedia
2013-05-05 18:44 - 2012-11-24 19:44 - 00000000 ____D C:\Program Files (x86)\Intel
2013-05-05 18:44 - 2012-09-12 18:29 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2013-05-04 22:42 - 2013-05-04 22:42 - 00032928 ____A C:\Users\Kenny Brodeur\Downloads\[kat.ph]the.host.2013.hdrip.xvid.s4a.torrent
2013-05-04 22:30 - 2013-05-04 22:30 - 00022332 ____A C:\Users\Kenny Brodeur\Downloads\[kat.ph]john.lee.hooker.the.very.best.of.1995.mp3.320.torrent
2013-05-03 18:48 - 2013-05-03 18:48 - 00024206 ____A C:\Users\Kenny Brodeur\Downloads\[isoHunt] World Pop Singles Top-40 [April 2013].torrent
2013-05-02 08:29 - 2012-09-12 16:04 - 00278800 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2013-04-29 16:18 - 2013-01-08 12:17 - 00000045 ____A C:\Windows\SysWOW64\initdebug.nfo
2013-04-28 05:53 - 2013-03-13 06:53 - 00000000 ____D C:\Users\Kenny Brodeur\AppData\Local\Google
2013-04-27 12:51 - 2013-04-27 12:51 - 00386464 ____A (Bleeping Computer, LLC) C:\Users\Kenny Brodeur\Downloads\show-hidden.exe
2013-04-26 20:57 - 2013-04-26 20:57 - 00000000 ____D C:\Users\Kenny Brodeur\AppData\Roaming\Sierra Wireless
2013-04-26 20:57 - 2013-04-26 20:57 - 00000000 ____A C:\Windows\System32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2013-04-26 20:56 - 2013-04-26 20:56 - 00000000 ____D C:\ProgramData\Sierra Wireless
2013-04-26 20:55 - 2012-09-21 20:10 - 00000000 ____D C:\Users\Kenny Brodeur\AppData\Local\Downloaded Installations
2013-04-24 19:58 - 2013-04-24 19:58 - 00000000 ____D C:\Users\Kenny Brodeur\AppData\Roaming\atitray
2013-04-24 19:58 - 2012-12-23 16:08 - 00000000 ____D C:\Users\Kenny Brodeur\AppData\Roaming\OpenCandy

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2013-05-14 00:38

==================== End Of Log ========================
stanley62 is offline  
Old 05-23-2013, 04:19 PM   #16
Registered Member
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-05-2013
Ran by Kenny Brodeur at 2013-05-23 16:07:06 Run:
Running from C:\Users\Kenny Brodeur\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

[email protected] File Recovery Professional 10 (Version: 10)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Alcor Micro USB Card Reader (Version: 1.7.17.25416)
ASUS VGA Driver (Version: 3.0.0.1)
Catalyst Control Center Graphics Previews Common (Version: 2010.1125.2148.39102)
CCleaner Business (Version: v3.19.1721)
Content Transfer (Version: 1.3.0.23190)
ESET Online Scanner v3
Garmin Lifetime Updater (Version: 2.1.11)
IconICan Studio version 2.0 (Version: 2.0)
ImgBurn (Version: 2.5.7.0)
InstallVC90Support (Version: 1.01.0000)
Intel(R) Desktop Utilities (Version: 1.0.0)
Intel(R) Network Connections 16.8.46.0 (Version: 16.8.46.0)
Intel(R) SMBus
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
K-Lite Mega Codec Pack 9.8.0 (Version: 9.8.0)
Logitech SetPoint 6.32 (Version: 6.32.20)
Magic Registry Cleaner (Version: 2.0.0.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
NovaBench 3.0.4
Paragon Hard Disk Manager™ 2010 Professional (Version: 90.00.0003)
Picasa 3 (Version: 3.9)
Realtek High Definition Audio Driver (Version: 6.0.1.6865)
Speccy (Version: 1.21)
System Requirements Lab for Intel (64-bit) (Version: 4.5.11.0)
System Requirements Lab for Intel (Version: 4.5.11.0)
TechPowerUp GPU-Z
Tweaking.com - Windows Repair (All in One) (Version: 1.9.14)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
Wondershare Video Converter Ultimate(Build 6.0.0.18) (Version: 6.0.0.18)

==================== Restore Points =========================

22-05-2013 03:08:43 Summer is here
23-05-2013 00:58:48 Installed Windows Defender
23-05-2013 01:28:35 Windows Update
23-05-2013 01:29:30 Windows Update
23-05-2013 01:31:59 Windows Update
23-05-2013 01:43:29 Tweaking.com - Windows Repair
23-05-2013 01:58:12 Windows Update
23-05-2013 02:00:18 Windows Update

==================== Hosts content: ==========================




127.0.0.1 localhost


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/22/2013 10:25:04 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/22/2013 06:21:40 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/22/2013 06:21:40 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/22/2013 06:21:40 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/22/2013 06:21:40 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (05/22/2013 06:21:39 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/22/2013 06:21:39 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (05/22/2013 06:21:39 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/22/2013 06:21:39 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/22/2013 06:21:39 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.


Details:
0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))


System errors:
=============
Error: (05/23/2013 03:27:13 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
atitray

Error: (05/23/2013 03:27:06 PM) (Source: Service Control Manager) (User: )
Description: The supersafer64 service failed to start due to the following error:
%%2

Error: (05/22/2013 07:15:18 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
atitray

Error: (05/22/2013 07:15:11 PM) (Source: Service Control Manager) (User: )
Description: The supersafer64 service failed to start due to the following error:
%%2

Error: (05/22/2013 07:11:03 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/22/2013 07:01:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 10 for Windows 7 for x64-based Systems.

Error: (05/22/2013 06:32:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 10 for Windows 7 for x64-based Systems.

Error: (05/22/2013 06:30:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 10 for Windows 7 for x64-based Systems.

Error: (05/22/2013 06:29:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 10 for Windows 7 for x64-based Systems.

Error: (05/22/2013 06:22:18 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056


Microsoft Office Sessions:
=========================
Error: (02/21/2013 04:52:39 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2013-04-24 22:22:34.224
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-24 22:22:34.204
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-24 22:22:26.099
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-24 22:22:26.074
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-02-18 17:04:48.707
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_179\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-12-24 20:21:23.190
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\PeerGuardian2\pgfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-12-24 20:21:23.180
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\PeerGuardian2\pgfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-12-24 20:21:02.320
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\PeerGuardian2\pgfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-12-24 20:21:02.310
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\PeerGuardian2\pgfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-12-24 20:20:45.379
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\PeerGuardian2\pgfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
stanley62 is offline  
Old 05-23-2013, 04:23 PM   #17
Registered Member
 
Join Date: Oct 2008
Location: British Columbia
Posts: 20
OS: Windows 7 64bit



Do you want me to run the fix option? I won't until I hear back from you. :)
stanley62 is offline  
Old 05-23-2013, 09:23 PM   #18
Security Team
Analyst
 
Join Date: Nov 2011
Posts: 754
OS: Win7 SP 1



You may do that, but nothing will happen. I have to analyze your log and create a script for you first. ;)
TB-PsYcHoTiC is offline  
Old 05-23-2013, 11:01 PM   #19
Security Team
Analyst
 
Join Date: Nov 2011
Posts: 754
OS: Win7 SP 1



Fix with FRST

  • Open Notepad (Start => All Programs => Accessories => Notepad).
  • Please copy the entire contents of the code box below.
    (To do this, highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad window and select Paste.)
  • Save it to the same directory as frst.exe (or frst64.exe).

    Code:
    DeleteJunctionsInDirectory: C:\Program Files\Windows Defender\MpSvc.dll
    DeleteJunctionsInDirectory: c:\Program Files (x86)\Microsoft Security Client 
    search: MPSvc.dll
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run frst.exe (on 64-bit, run frst64.exe), press the Fix button just once, and wait.
  • The tool will make a log (Fixlog.txt), which you will find where you saved FRST. Please post it in your reply.
TB-PsYcHoTiC is offline  
Old 05-26-2013, 10:38 PM   #20
Security Team
Analyst
 
Join Date: Nov 2011
Posts: 754
OS: Win7 SP 1



Are you still with me?
TB-PsYcHoTiC is offline  
 


All times are GMT -7. The time now is 10:31 PM.

