[Inactive] Sus.

Thread: [Inactive] Sus.

  1. #1
    Join Date
    Mar 2007
    Posts
    689

    Resolved [Inactive] Sus.

    My new laptop came with a Kaspersky 30-day free trial, which included a banner ad blocker that I found sped up my web surfing. Does anyone know if there are any free banner ad blocking progs available, or do they only come with certain internet security suites?
    Also, for the last couple of days I've been getting runtime errors on shutdown; is there anything I can do about this? This laptop is only a month old and weird things are happening. On the last day of the Kaspersky trial a dodgy program came up saying that I had a huge number of trojans, viruses etc., and to download it to fix them. But I just pressed cancel a few times and restarted, and it never came back. It kind of put me off Kaspersky, so I'm now trying the ESET trial, but it doesn't have a "banner ad blocker".
    Should I start doing the intensive care scans, or am I just being paranoid?

    Malwarebytes Anti-Malware 1.60.1.1000
    www.malwarebytes.org

    Database version: v2012.03.22.04

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Christine :: CHRISTINE-PC [administrator]

    22/03/2012 20:21:40
    mbam-log-2012-03-22 (20-21-40).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 207514
    Time elapsed: 2 minute(s), 21 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

  2. #2
    Join Date
    Mar 2007
    Posts
    689

    Sus.

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-03-22 20:45:09
    Windows 6.1.7601 Service Pack 1
    Running: bnl65vt7.exe


    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\4cedde691bcc
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90a4dea5529a
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90a4dea5529a@6c9b027885e3 0x48 0x15 0x92 0xD7 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90a4dea5529a@307c308d569d 0xED 0x2A 0x6E 0x1B ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90a4dea5529a@34159e9be787 0x23 0x91 0x96 0x89 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90a4dea5529a@1474110c0886 0xA1 0x59 0x93 0x87 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\4cedde691bcc (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90a4dea5529a (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90a4dea5529a@6c9b027885e3 0x48 0x15 0x92 0xD7 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90a4dea5529a@307c308d569d 0xED 0x2A 0x6E 0x1B ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90a4dea5529a@34159e9be787 0x23 0x91 0x96 0x89 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90a4dea5529a@1474110c0886 0xA1 0x59 0x93 0x87 ...

    ---- EOF - GMER 1.0.15 ----

  3. #3
    Join Date
    Mar 2007
    Posts
    689

    Sus.

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-03-22 20:53:16
    -----------------------------
    20:53:16.309 OS Version: Windows x64 6.1.7601 Service Pack 1
    20:53:16.309 Number of processors: 4 586 0x2A07
    20:53:16.309 ComputerName: CHRISTINE-PC UserName: Christine
    20:53:16.964 Initialize success
    20:53:51.898 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    20:53:51.898 Disk 0 Vendor: SAMSUNG_ 2AR1 Size: 953869MB BusType: 3
    20:53:51.914 Disk 0 MBR read successfully
    20:53:51.914 Disk 0 MBR scan
    20:53:51.930 Disk 0 unknown MBR code
    20:53:51.930 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    20:53:51.945 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 514048 MB offset 206848
    20:53:51.945 Disk 0 Partition - 00 0F Extended LBA 419098 MB offset 1052977152
    20:53:51.976 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 20622 MB offset 1911289856
    20:53:52.008 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 419097 MB offset 1052979200
    20:53:52.039 Disk 0 scanning C:\windows\system32\drivers
    20:53:58.139 Service scanning
    20:54:14.347 Modules scanning
    20:54:14.363 Disk 0 trace - called modules:
    20:54:14.893 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
    20:54:14.893 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80077ce060]
    20:54:14.909 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007521050]
    20:54:14.924 Scan finished successfully
    20:54:59.977 Disk 0 MBR has been saved successfully to "C:\Users\Christine\Desktop\MBR.dat"
    20:54:59.993 The log file has been saved successfully to "C:\Users\Christine\Desktop\aswMBR.txt"

  4. #4
    Join Date
    Mar 2007
    Posts
    689

    sus.

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 16/02/2012 16:51:31
    System Uptime: 22/03/2012 20:02:14 (1 hours ago)
    .
    Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | RF511/RF411/RF711
    Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz | CPU 1 | 2501/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 502 GiB total, 428.848 GiB free.
    D: is FIXED (NTFS) - 409 GiB total, 385.453 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID:
    Description:
    Device ID: BTHENUM\{00005557-0000-1000-8000-0002EE000001}_VID&00010001_PID&00FD\8&15C4787D&0&6C9B027885E3_C00000000
    Manufacturer:
    Name:
    PNP Device ID: BTHENUM\{00005557-0000-1000-8000-0002EE000001}_VID&00010001_PID&00FD\8&15C4787D&0&6C9B027885E3_C00000000
    Service:
    .
    ==== System Restore Points ===================
    .
    RP54: 05/03/2012 03:11:03 - Installed Microsoft Fix it 50123
    RP55: 06/03/2012 12:06:40 - Windows Update
    RP56: 06/03/2012 20:34:23 - Installed Grand Theft Auto Vice City
    RP57: 09/03/2012 22:04:04 - Windows Update
    RP58: 13/03/2012 11:44:46 - Windows Update
    RP59: 14/03/2012 18:18:23 - Windows Update
    RP60: 20/03/2012 13:14:17 - Windows Update
    RP61: 21/03/2012 16:17:56 - Installed Adobe Reader X (10.1.0).
    RP62: 21/03/2012 18:25:24 - Installed TotalMedia
    .
    ==== Installed Programs ======================
    .
    ?? ??? ?? Windows Live Mesh ActiveX ???
    ??? ActiveX ?? Windows Live Mesh ???? ??????? ???????
    ???? ??? Windows Live
    ???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ???????
    ???? Windows Live
    ????? Windows Live
    ?????? ??????? ?? Windows Live
    ??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ???????????
    ??????? Windows Live Mesh ActiveX ??(????)
    ??????? Windows Live Mesh ActiveX ???
    ???????? ?????????? Windows Live
    ????????? ActiveX ?? Windows Live Mesh ????????????????????????? (???)
    ?????????? Windows Live
    ??????????? ?? Windows Live
    ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
    ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ??????
    Adobe AIR
    Adobe Reader X (10.1.2)
    Agatha Christie - Death on the Nile
    Apple Application Support
    Apple Software Update
    ArcSoft TotalMedia 3
    „Windows Live Essentials“
    „Windows Live Mail“
    „Windows Live Mesh ActiveX“ nuotoliniu ryšiu valdiklis
    „Windows Live Messenger“
    „Windows Live“ fotogalerija
    BatteryLifeExtender
    Bejeweled 2 Deluxe
    Bing Bar
    Build-a-lot
    ChargeableUSB
    Chuzzle Deluxe
    Contrôle ActiveX Windows Live Mesh pour connexions à distance
    Control ActiveX de Windows Live Mesh para conexiones remotas
    Control ActiveX Windows Live Mesh pentru conexiuni la distan?a
    Controle ActiveX do Windows Live Mesh para Conexões Remotas
    Controlo ActiveX do Windows Live Mesh para Ligações Remotas
    CyberLink Media Suite
    CyberLink Media+ Player10
    CyberLink MediaShow
    CyberLink Power2Go
    CyberLink PowerDirector
    CyberLink YouCam
    D3DX10
    Diner Dash 2 Restaurant Rescue
    Easy Content Share
    Easy Display Manager
    Easy Migration
    Easy Network Manager
    Easy SpeedUp Manager
    EasyBatteryManager
    EasyFileShare
    Farm Frenzy
    Fast Start
    Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych
    Fotogalerija Windows Live
    Galeria de Fotografias do Windows Live
    Galeria fotografii uslugi Windows Live
    Galerie de photos Windows Live
    Galerie foto Windows Live
    Galería fotográfica de Windows Live
    Grand Theft Auto Vice City
    Insaniquarium Deluxe
    Intel(R) Control Center
    Intel(R) Management Engine Components
    Intel(R) Processor Graphics
    Intel(R) Rapid Storage Technology
    John Deere Drive Green
    Junk Mail filter update
    Kontrola Windows Live Mesh ActiveX za daljinske veze
    Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
    Malwarebytes Anti-Malware version 1.60.1.1000
    Mesh Runtime
    Microsoft Office 2010
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Movie Color Enhancer
    MSVCRT
    MSVCRT_amd64
    Multimedia POP
    Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení
    Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
    Peggle
    Penguins!
    PhoneShare
    Plants vs. Zombies
    Poczta uslugi Windows Live
    Podstawowe programy Windows Live
    Polar Golfer
    Pošta Windows Live
    QuickTime
    Raccolta foto di Windows Live
    Realtek Ethernet Controller Driver
    Realtek High Definition Audio Driver
    Renesas Electronics USB 3.0 Host Controller Driver
    S?????? f?t???af??? t?? Windows Live
    Samsung AnyWeb Print
    Samsung Printer Live Update
    Samsung Recovery Solution 5
    Samsung Support Center 1.0
    Samsung Universal Print Driver
    Samsung Universal Scan Driver
    Samsung Update Plus
    SamsungMovie
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    SISShortcut
    Skype™ 4.2
    SpywareBlaster 4.6
    St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se??
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    User Guide
    Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi
    WildTangent Games
    WildTangent ORB Game Console
    Windows Live
    Windows Live ??
    Windows Live ?? ???
    Windows Live ???
    Windows Live ????
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Fotótár
    Windows Live Foto-galerija
    Windows Live fotoattelu galerija
    Windows Live Fotogalerie
    Windows Live Fotogalleri
    Windows Live Fotogaléria
    Windows Live Fotograf Galerisi
    Windows Live Galeria de Fotos
    Windows Live Galerija fotografija
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
    Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
    Windows Live Mesh ActiveX-objekt til fjernforbindelser
    Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz
    Windows Live Mesh ActiveX control for remote connections
    Windows Live Mesh ActiveX kontrola za daljinske veze
    Windows Live Mesh ActiveX vadikla attalajiem savienojumiem
    Windows Live Meshin etäyhteyksien ActiveX-komponentti
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Pošta
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Temel Parçalar
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Liven asennustyökalu
    Windows Liven sähköposti
    Windows Liven valokuvavalikoima
    WordCaptureX Pro
    Zuma Deluxe
    .
    ==== Event Viewer Messages From Past Week ========
    .
    22/03/2012 17:41:40, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
    22/03/2012 03:26:31, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
    22/03/2012 03:26:31, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
    21/03/2012 10:45:39, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
    21/03/2012 10:45:39, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    21/03/2012 10:45:39, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    20/03/2012 13:17:17, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.121.1871.0).
    15/03/2012 19:13:09, Error: bowser [8003] - The master browser has received a server announcement from the computer TRACY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{6FCCD9FA-0DCF-4AE2-93FB-2541A7BEBD63}. The master browser is stopping or an election is being forced.
    15/03/2012 18:46:02, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    15/03/2012 14:18:10, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    .
    ==== End Of File ===========================

  5. #5
    Join Date
    Mar 2007
    Posts
    689

    sus.

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Christine at 21:00:19 on 2012-03-22
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8104.6302 [GMT 0:00]
    .
    AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
    SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: ESET Personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
    .
    ============== Running Processes ===============
    .
    C:\windows\system32\wininit.exe
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\nvvsvc.exe
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\system32\WLANExt.exe
    C:\windows\system32\conhost.exe
    C:\windows\System32\spoolsv.exe
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\windows\system32\taskhost.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\windows\System32\alg.exe
    C:\windows\system32\svchost.exe -k bthsvcs
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\windows\System32\rundll32.exe
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\windows\system32\taskeng.exe
    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    C:\windows\system32\taskeng.exe
    C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
    C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
    C:\windows\system32\igfxext.exe
    C:\windows\system32\igfxsrvc.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
    C:\windows\system32\hkcmd.exe
    C:\windows\system32\igfxtray.exe
    C:\windows\system32\igfxpers.exe
    C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\windows\SysWOW64\RunDll32.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    C:\windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
    C:\windows\system32\DllHost.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    C:\windows\system32\svchost.exe -k imgsvc
    C:\windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
    C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
    C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\windows\SysWOW64\Macromed\Flash\FlashUtil11f_ActiveX.exe
    C:\windows\system32\DllHost.exe
    C:\windows\system32\DllHost.exe
    C:\windows\SysWOW64\cmd.exe
    C:\windows\system32\conhost.exe
    C:\windows\SysWOW64\cscript.exe
    C:\windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.co.uk/
    uDefault_Page_URL = hxxp://samsung.msn.com
    mStart Page = hxxp://samsung.msn.com
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Samsung BHO Class: {aa609d72-8482-4076-8991-8cdae5b93bcb} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
    BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - C:\Program Files (x86)\WOT\WOT.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - C:\Program Files (x86)\WOT\WOT.dll
    mRunOnce: [UnKIS] wscript.exe //b C:\Users\CHRIST~1\AppData\Local\Temp\UnKIS.vbs
    mRunOnce: [UnKAV] wscript.exe //b C:\Users\CHRIST~1\AppData\Local\Temp\UnKAV.vbs
    mRunOnce: [UnPURE] wscript.exe //b C:\Users\CHRIST~1\AppData\Local\Temp\UnPURE.vbs
    mRunOnce: [0002E7B0.kln] C:\Users\CHRIST~1\AppData\Local\Temp\\0002E7B0.vbs
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
    TCP: DhcpNameServer = 192.168.2.1 194.168.4.100 194.168.8.100
    TCP: Interfaces\{6FCCD9FA-0DCF-4AE2-93FB-2541A7BEBD63} : DhcpNameServer = 192.168.2.1 194.168.4.100 194.168.8.100
    TCP: Interfaces\{6FCCD9FA-0DCF-4AE2-93FB-2541A7BEBD63}\35B4952414730353 : DhcpNameServer = 192.168.0.1
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
    AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Samsung BHO Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
    BHO-X64: Samsung BHO Helper - No File
    BHO-X64: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB-X64: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
    mRunOnce-x64: [UnKIS] wscript.exe //b C:\Users\CHRIST~1\AppData\Local\Temp\UnKIS.vbs
    mRunOnce-x64: [UnKAV] wscript.exe //b C:\Users\CHRIST~1\AppData\Local\Temp\UnKAV.vbs
    mRunOnce-x64: [UnPURE] wscript.exe //b C:\Users\CHRIST~1\AppData\Local\Temp\UnPURE.vbs
    mRunOnce-x64: [0002E7B0.kln] C:\Users\CHRIST~1\AppData\Local\Temp\\0002E7B0.vbs
    IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    AppInit_DLLs-X64: C:\windows\SysWOW64\nvinit.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 epfwwfp;epfwwfp;C:\windows\system32\DRIVERS\epfwwfp.sys --> C:\windows\system32\DRIVERS\epfwwfp.sys [?]
    R0 nvpciflt;nvpciflt;C:\windows\system32\DRIVERS\nvpciflt.sys --> C:\windows\system32\DRIVERS\nvpciflt.sys [?]
    R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\windows\system32\DRIVERS\EpfwLWF.sys --> C:\windows\system32\DRIVERS\EpfwLWF.sys [?]
    R1 SABI;SAMSUNG Kernel Driver For Windows 7;\??\C:\windows\system32\Drivers\SABI.sys --> C:\windows\system32\Drivers\SABI.sys [?]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
    R2 eamonm;eamonm;C:\windows\system32\DRIVERS\eamonm.sys --> C:\windows\system32\DRIVERS\eamonm.sys [?]
    R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-9-22 974944]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-9-7 2009704]
    R2 TurboB;Turbo Boost UI Monitor driver;C:\windows\system32\DRIVERS\TurboB.sys --> C:\windows\system32\DRIVERS\TurboB.sys [?]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-9-7 2655768]
    R3 BTWAMPFL;BTWAMPFL;C:\windows\system32\DRIVERS\btwampfl.sys --> C:\windows\system32\DRIVERS\btwampfl.sys [?]
    R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\system32\DRIVERS\btwl2cap.sys --> C:\windows\system32\DRIVERS\btwl2cap.sys [?]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\system32\DRIVERS\clwvd.sys --> C:\windows\system32\DRIVERS\clwvd.sys [?]
    R3 ETD;ELAN PS/2 Port Input Device;C:\windows\system32\DRIVERS\ETD.sys --> C:\windows\system32\DRIVERS\ETD.sys [?]
    R3 IntcDAud;Intel(R) Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
    R3 MEIx64;Intel(R) Management Engine Interface ;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\system32\DRIVERS\nusb3hub.sys --> C:\windows\system32\DRIVERS\nusb3hub.sys [?]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\system32\DRIVERS\nusb3xhc.sys --> C:\windows\system32\DRIVERS\nusb3xhc.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
    S3 Samsung UPD Service;Samsung UPD Service;"C:\windows\System32\SUPDSvc.exe" --> C:\windows\System32\SUPDSvc.exe [?]
    S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]
    S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-8 150016]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== File Associations ===============
    .
    JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
    VBEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
    VBSFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
    .
    =============== Created Last 30 ================
    .
    2012-03-22 16:02:42 118784 ----a-w- C:\windows\SysWow64\MSSTDFMT.DLL
    2012-03-22 16:02:42 1071088 ----a-w- C:\windows\SysWow64\MSCOMCTL.OCX
    2012-03-22 16:02:35 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
    2012-03-22 13:30:09 -------- d-----w- C:\Users\Christine\AppData\Local\{C02FA772-DB6A-4C15-B684-93AA7765F740}
    2012-03-22 13:29:56 -------- d-----w- C:\Users\Christine\AppData\Local\{80FDD766-FFD9-4ECA-AE71-C352EA37BB81}
    2012-03-22 03:35:51 -------- d-----w- C:\windows\pss
    2012-03-21 18:26:43 22784 ----a-w- C:\windows\SysWow64\drivers\afc.sys
    2012-03-21 18:25:38 245408 ----a-w- C:\windows\SysWow64\unicows.dll
    2012-03-21 18:24:35 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
    2012-03-21 18:24:35 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
    2012-03-21 18:24:35 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
    2012-03-21 18:24:35 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
    2012-03-21 18:23:33 362624 ----a-w- C:\windows\System32\drivers\AF15BDA.sys
    2012-03-21 18:23:33 28672 ----a-w- C:\windows\System32\AF15BDAEX.dll
    2012-03-21 18:23:33 126 ----a-w- C:\windows\System32\AF15IRTBL.bin
    2012-03-21 15:41:46 -------- d-----w- C:\Users\Christine\AppData\Local\{8808E5BC-EBD6-4029-B588-D760579FB395}
    2012-03-21 15:41:34 -------- d-----w- C:\Users\Christine\AppData\Local\{DC921195-C61D-4451-874D-731E38351FA1}
    2012-03-20 13:20:06 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5867AF63-6246-454D-AC63-ED28920BBA5D}\mpengine.dll
    2012-03-20 13:12:26 -------- d-----w- C:\Users\Christine\AppData\Local\{1DC3B888-7FDC-4C53-BE59-B25C29CEBFE9}
    2012-03-20 13:12:12 -------- d-----w- C:\Users\Christine\AppData\Local\{DF60A4C2-7FD6-4198-A6D6-7730379D6811}
    2012-03-19 11:14:31 -------- d-----w- C:\Users\Christine\AppData\Local\{80FC6C08-C7E6-4D64-AC41-F4C332272B46}
    2012-03-19 11:14:20 -------- d-----w- C:\Users\Christine\AppData\Local\{BDFFBB58-D30C-4293-AA79-ACF467998EE0}
    2012-03-18 14:54:23 -------- d-----w- C:\Program Files\CCleaner
    2012-03-18 10:21:21 -------- d-----w- C:\Users\Christine\AppData\Local\{CD44E069-DB4A-4F56-9982-8E5CA4AB4E07}
    2012-03-18 10:21:06 -------- d-----w- C:\Users\Christine\AppData\Local\{3B56772E-CD7D-4243-997F-E1C88FD72075}
    2012-03-17 16:13:27 -------- d-----w- C:\Users\Christine\AppData\Local\{92CB0408-CDF7-4D27-BBD4-B7BA62F65BCB}
    2012-03-17 16:13:13 -------- d-----w- C:\Users\Christine\AppData\Local\{7F7B1FAB-1CAF-4250-BD6E-C666463ADEFA}
    2012-03-16 23:42:54 -------- d-----w- C:\Users\Christine\AppData\Local\{F55CDCB8-EF0F-45A5-B70C-AC67975360D6}
    2012-03-16 23:42:33 -------- d-----w- C:\Users\Christine\AppData\Local\{2ADCAC63-398E-4C53-B248-5061FB39E3CA}
    2012-03-16 11:39:15 -------- d-----w- C:\Users\Christine\AppData\Local\{15D0F1D6-1EAD-429F-87A6-27B44D38FC45}
    2012-03-16 11:39:03 -------- d-----w- C:\Users\Christine\AppData\Local\{50A9F224-5A16-4DFD-ADD2-A0F551DB545D}
    2012-03-15 19:01:47 -------- d-----w- C:\Users\Christine\AppData\Roaming\ESET
    2012-03-15 19:01:47 -------- d-----w- C:\Users\Christine\AppData\Local\ESET
    2012-03-15 19:00:58 -------- d-----w- C:\Program Files\ESET
    2012-03-15 18:46:58 -------- d-----w- C:\Program Files\iTunes
    2012-03-15 18:46:58 -------- d-----w- C:\Program Files\iPod
    2012-03-15 18:46:58 -------- d-----w- C:\Program Files (x86)\iTunes
    2012-03-15 08:17:38 -------- d-----w- C:\Users\Christine\AppData\Local\{5BA54D24-9DC9-44FF-AF3B-5D36B3081992}
    2012-03-15 08:17:15 -------- d-----w- C:\Users\Christine\AppData\Local\{0C6450B8-06D7-42A4-879B-C8BD13D455A5}
    2012-03-14 18:22:39 5559152 ----a-w- C:\windows\System32\ntoskrnl.exe
    2012-03-14 18:22:38 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
    2012-03-14 18:22:37 3913584 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
    2012-03-14 13:38:20 -------- d-----w- C:\Users\Christine\AppData\Local\{9F605CB6-5322-4C8F-8319-CAD67463A354}
    2012-03-14 13:38:04 -------- d-----w- C:\Users\Christine\AppData\Local\{2328DF13-F1CC-454B-907D-35693934A3FB}
    2012-03-14 13:27:51 3145728 ----a-w- C:\windows\System32\win32k.sys
    2012-03-14 13:27:49 1544192 ----a-w- C:\windows\System32\DWrite.dll
    2012-03-14 13:27:49 1077248 ----a-w- C:\windows\SysWow64\DWrite.dll
    2012-03-14 13:27:30 826880 ----a-w- C:\windows\SysWow64\rdpcore.dll
    2012-03-14 13:27:30 1031680 ----a-w- C:\windows\System32\rdpcore.dll
    2012-03-14 13:27:29 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe
    2012-03-14 13:27:29 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys
    2012-03-14 13:27:29 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys
    2012-03-14 13:27:28 77312 ----a-w- C:\windows\System32\rdpwsx.dll
    2012-03-14 13:27:28 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll
    2012-03-13 11:47:06 -------- d-----w- C:\Users\Christine\AppData\Local\{3D2619D5-91F7-4860-B72B-66A7908F8353}
    2012-03-13 11:46:52 -------- d-----w- C:\Users\Christine\AppData\Local\{DC120C69-37BF-4E95-AF6C-04271482F82F}
    2012-03-12 13:59:42 -------- d-----w- C:\Users\Christine\AppData\Local\{338E3CDE-8F21-43D1-942E-7AA659A85C03}
    2012-03-12 13:59:28 -------- d-----w- C:\Users\Christine\AppData\Local\{119E93C3-F66F-4CEB-8362-6297009E3ACB}
    2012-03-11 11:26:57 -------- d-----w- C:\Users\Christine\AppData\Local\{2AB7BFB8-F59C-49F2-AE59-2B91CD358687}
    2012-03-11 11:26:44 -------- d-----w- C:\Users\Christine\AppData\Local\{4AD184FA-3FE6-46EF-9C3D-1B46F49A8E88}
    2012-03-10 13:58:34 -------- d-----w- C:\Users\Christine\AppData\Local\{F75971B2-C7E9-4590-9E28-79A3807FBAD4}
    2012-03-10 13:58:12 -------- d-----w- C:\Users\Christine\AppData\Local\{347B1417-A860-4692-AB26-F495CB95B3CC}
    2012-03-09 13:44:42 -------- d-----w- C:\Users\Christine\AppData\Local\{91C7B52A-3FB1-42D2-BFE1-75C742B7794D}
    2012-03-09 13:44:31 -------- d-----w- C:\Users\Christine\AppData\Local\{B26A35CA-A30B-468A-B788-4226B43B42EF}
    2012-03-08 13:39:43 -------- d-----w- C:\Users\Christine\AppData\Local\{AB9D40D7-89C1-4D29-87CA-F96E13F65379}
    2012-03-08 13:39:28 -------- d-----w- C:\Users\Christine\AppData\Local\{A601B262-0364-47A3-9561-1BFC1CBE8DD4}
    2012-03-07 16:22:52 -------- d-----w- C:\Users\Christine\AppData\Local\{663D35C7-97BB-40CA-BA70-BC173E8DA397}
    2012-03-07 16:22:30 -------- d-----w- C:\Users\Christine\AppData\Local\{599346E7-122E-4B09-93B4-C58AB29FF9CF}
    2012-03-06 20:34:18 -------- d-----w- C:\Program Files (x86)\Rockstar Games
    2012-03-06 12:20:04 -------- d-----w- C:\Users\Christine\AppData\Local\{BC8EE86B-AEDB-4753-9C73-D405805735AE}
    2012-03-06 12:19:50 -------- d-----w- C:\Users\Christine\AppData\Local\{58B6DFDE-4B95-4C08-903A-06DEA14E9EE4}
    2012-03-05 22:33:52 -------- d-----w- C:\Users\Christine\AppData\Local\{CC21EDF2-92C7-4998-AB21-C0BC6062FF42}
    2012-03-05 22:33:30 -------- d-----w- C:\Users\Christine\AppData\Local\{92B929D0-648A-425D-B735-70BE5F1EC25C}
    2012-03-05 09:51:30 -------- d-----w- C:\Users\Christine\AppData\Local\{FBE42EF4-7FC3-4BAF-869F-FBEC8A5A22AC}
    2012-03-05 09:51:16 -------- d-----w- C:\Users\Christine\AppData\Local\{FDB6B16D-42AA-4842-9E2E-850D354E4913}
    2012-03-04 14:19:36 -------- d-----w- C:\ProgramData\NokiaInstallerCache
    2012-03-04 10:38:37 -------- d-----w- C:\Users\Christine\AppData\Local\{8C88D54C-F801-4240-A9B8-50E5D3772C30}
    2012-03-04 10:38:25 -------- d-----w- C:\Users\Christine\AppData\Local\{5F27D670-0E30-43EB-9B9E-E9D41867941D}
    2012-03-03 11:42:40 -------- d-----w- C:\Users\Christine\AppData\Local\{78E9C6BD-605F-427C-ADF6-A51FC18DC63A}
    2012-03-03 11:42:17 -------- d-----w- C:\Users\Christine\AppData\Local\{B7B64E73-6423-473E-B5FA-44708BAE3CD7}
    2012-03-03 04:54:58 2301208 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
    2012-03-03 04:54:48 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
    2012-03-03 04:54:40 710992 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2012-03-02 11:48:27 -------- d-----w- C:\Users\Christine\AppData\Local\{9F8EED43-D3A1-4293-B157-92C532F79D02}
    2012-03-02 11:48:06 -------- d-----w- C:\Users\Christine\AppData\Local\{16781CBD-E52F-4EA5-8F42-207C12E8B143}
    2012-03-01 23:11:10 -------- d-----w- C:\Users\Christine\AppData\Local\{BF315AD0-63C1-46BC-A451-50924BDE21FA}
    2012-03-01 23:10:48 -------- d-----w- C:\Users\Christine\AppData\Local\{4DFE24A9-9951-4B08-9EB2-8F010955C3FA}
    2012-03-01 11:08:19 -------- d-----w- C:\Users\Christine\AppData\Local\{91A4C1CC-6F1E-408A-B778-C06932EC6C6A}
    2012-03-01 11:07:37 -------- d-----w- C:\Users\Christine\AppData\Local\{4C054B8E-CD39-4A54-BE2F-467538F02C53}
    2012-02-29 11:01:19 -------- d-----w- C:\Users\Christine\AppData\Local\{9B4554F5-8711-455D-8C39-F0B9A5D2A968}
    2012-02-29 11:01:03 -------- d-----w- C:\Users\Christine\AppData\Local\{F8F382CE-C896-4215-A646-37F4D3FC28E0}
    2012-02-29 00:03:11 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
    2012-02-29 00:03:11 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
    2012-02-29 00:03:11 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
    2012-02-29 00:03:11 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
    2012-02-29 00:03:11 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
    2012-02-29 00:03:11 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
    2012-02-29 00:03:11 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
    2012-02-28 12:20:19 -------- d-----w- C:\Users\Christine\AppData\Local\{A61B2CFD-413F-4405-B478-999A9F59F980}
    2012-02-28 12:20:08 -------- d-----w- C:\Users\Christine\AppData\Local\{4341C0C8-5B60-43FE-ABB9-40E8695818FB}
    2012-02-27 22:53:20 -------- d-----w- C:\Users\Christine\AppData\Local\Diagnostics
    2012-02-27 15:20:47 -------- d-----w- C:\Users\Christine\AppData\Local\{A8E01477-FA57-4500-BFF2-C4241F4851B7}
    2012-02-27 15:20:25 -------- d-----w- C:\Users\Christine\AppData\Local\{F1260A93-437E-4B57-BEBD-EA92EB993CEC}
    2012-02-26 15:05:11 -------- d-----w- C:\Users\Christine\AppData\Local\{DEBA0C9F-071E-4975-940E-DCF1FDBC79E6}
    2012-02-26 15:04:49 -------- d-----w- C:\Users\Christine\AppData\Local\{1F125638-D4EB-4307-A612-52BB2BC42AE4}
    2012-02-26 09:40:04 -------- d-----w- C:\Users\Christine\AppData\Local\{3133B9DF-6525-49BF-A7E8-BA9DAAC89A2C}
    2012-02-26 09:39:41 -------- d-----w- C:\Users\Christine\AppData\Local\{07F51936-07D8-4645-9DD4-DD60DF0B97BA}
    2012-02-25 17:14:10 -------- d-----w- C:\Users\Christine\AppData\Local\{BBF9EAC8-CD3D-4E59-9F40-065C5214E5A2}
    2012-02-25 17:14:00 -------- d-----w- C:\Users\Christine\AppData\Local\{73B40A7F-0A08-43FA-B125-3037A7ACA781}
    2012-02-24 20:01:56 -------- d-----w- C:\Users\Christine\AppData\Local\{9F7EF0A3-1AB0-40DF-8D48-7AEA9A50CC4A}
    2012-02-24 20:01:42 -------- d-----w- C:\Users\Christine\AppData\Local\{4E63E165-4DA2-4695-8DCA-BF7923E2983F}
    2012-02-23 15:32:17 -------- d-----w- C:\Users\Christine\AppData\Roaming\Malwarebytes
    2012-02-23 15:32:12 23152 ----a-w- C:\windows\System32\drivers\mbam.sys
    2012-02-23 15:32:12 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-02-23 15:32:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-02-23 10:48:42 -------- d-----w- C:\Users\Christine\AppData\Local\{DDCA99E2-53CF-4345-A854-2D1F5E85DA09}
    2012-02-23 10:48:29 -------- d-----w- C:\Users\Christine\AppData\Local\{BC21E6F2-87F4-42B2-BE93-F81D5BFFFBDA}
    2012-02-23 10:48:29 -------- d-----w- C:\Users\Christine\AppData\Local\{7343DDFD-9533-4579-8379-847EE8A0FF37}
    2012-02-22 10:28:22 -------- d-----w- C:\Users\Christine\AppData\Local\{2A732ADD-4942-45A0-BA6D-A19CC323E24A}
    2012-02-22 10:28:11 -------- d-----w- C:\Users\Christine\AppData\Local\{BF93D570-A24F-41CC-925A-DD54200B661A}
    2012-02-21 21:59:59 414368 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    .
    ==================== Find3M ====================
    .
    2012-02-23 09:18:36 279656 ------w- C:\windows\System32\MpSigStub.exe
    2012-01-04 10:44:20 509952 ----a-w- C:\windows\System32\ntshrui.dll
    2012-01-04 08:58:41 442880 ----a-w- C:\windows\SysWow64\ntshrui.dll
    2011-12-30 06:26:08 515584 ----a-w- C:\windows\System32\timedate.cpl
    2011-12-30 05:27:56 478720 ----a-w- C:\windows\SysWow64\timedate.cpl
    2011-12-28 03:59:24 498688 ----a-w- C:\windows\System32\drivers\afd.sys
    .
    ============= FINISH: 21:00:41.63 ===============

  6. #6
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    I don't see anything malicious there.

  7. #7
    Join Date
    Mar 2007
    Posts
    689

    sus.

    Can you tell me what all the foreign language stuff is in Add/Remove Programs,
    and can I delete it? It's been there since I bought the notebook, never seen this before.

  8. #8
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    What foreign stuff?

  9. #9
    Join Date
    Apr 2000
    Location
    Sheboygan, WI
    Posts
    53,392
    And where did you buy the computer?

  10. #10
    Join Date
    Mar 2007
    Posts
    689

    sus.

    Windows Live Mesh, ActiveX, then the rest is in a foreign language. Also noticed this in Add/Remove Programs, and it's in some of the scans I sent.

  11. #11
    Join Date
    Mar 2007
    Posts
    689

    sus.

    PC World, Glasgow

  12. #12
    Join Date
    Mar 2007
    Posts
    689

    sus.

    Scotland

  13. #13
    Join Date
    Mar 2007
    Posts
    689

    sus.

    MS Windows 7 Home Premium 64-bit SP1, Intel Core i5-2450M CPU @ 2.50GHz,
    8.0 GB RAM, Intel HD Graphics - Samsung RF511.

  14. #14
    Join Date
    Apr 2000
    Location
    Sheboygan, WI
    Posts
    53,392
    Temel Parçalar seems to be Windows Live Essentials in Turkish.

    Windows Live Mesh is listed in several languages:
    http://en.wikipedia.org/wiki/Windows_Live_Mesh

  15. #15
    Join Date
    Mar 2007
    Posts
    689

    sus.

    I don't use Win Live Essentials in any language, never mind Turkish.
    Should I delete the foreign language ones and leave the English one in case I need it some time?
    There's lots of them in various languages in Uninstall Programs. Thanks.
