-
March 22nd, 2012, 04:24 PM
#1
[Inactive] Sus.
My new laptop came with a Kaspersky 30-day free trial, which included a banner ad blocker which I found sped up my web surfing. Does anyone know if there are any free banner ad blocking progs available, or do they only come with certain internet security suites?
Also, for the last couple of days I've been getting runtime errors on shutdown; is there anything I can do about this? This laptop is only a month old and weird things are happening. On the last day of the Kaspersky trial a dodgy program came up saying that I had a huge number of trojans, viruses etc., and to download it to fix them. But I just pressed cancel a few times and restarted, and it never came back. It kind of put me off Kaspersky, so I'm now trying ESET Trial, but it doesn't have "banner ad blocker".
Should I start doing the intensive care scans or am I just being paranoid?
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org
Database version: v2012.03.22.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Christine :: CHRISTINE-PC [administrator]
22/03/2012 20:21:40
mbam-log-2012-03-22 (20-21-40).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 207514
Time elapsed: 2 minute(s), 21 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
-
March 22nd, 2012, 04:47 PM
#2
Sus.
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-03-22 20:45:09
Windows 6.1.7601 Service Pack 1
Running: bnl65vt7.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\4cedde691bcc
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90a4dea5529a
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90a4dea5529a@6c9b027885e3 0x48 0x15 0x92 0xD7 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90a4dea5529a@307c308d569d 0xED 0x2A 0x6E 0x1B ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90a4dea5529a@34159e9be787 0x23 0x91 0x96 0x89 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90a4dea5529a@1474110c0886 0xA1 0x59 0x93 0x87 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\4cedde691bcc (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90a4dea5529a (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90a4dea5529a@6c9b027885e3 0x48 0x15 0x92 0xD7 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90a4dea5529a@307c308d569d 0xED 0x2A 0x6E 0x1B ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90a4dea5529a@34159e9be787 0x23 0x91 0x96 0x89 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90a4dea5529a@1474110c0886 0xA1 0x59 0x93 0x87 ...
---- EOF - GMER 1.0.15 ----
-
March 22nd, 2012, 04:56 PM
#3
Sus.
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-03-22 20:53:16
-----------------------------
20:53:16.309 OS Version: Windows x64 6.1.7601 Service Pack 1
20:53:16.309 Number of processors: 4 586 0x2A07
20:53:16.309 ComputerName: CHRISTINE-PC UserName: Christine
20:53:16.964 Initialize success
20:53:51.898 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:53:51.898 Disk 0 Vendor: SAMSUNG_ 2AR1 Size: 953869MB BusType: 3
20:53:51.914 Disk 0 MBR read successfully
20:53:51.914 Disk 0 MBR scan
20:53:51.930 Disk 0 unknown MBR code
20:53:51.930 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
20:53:51.945 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 514048 MB offset 206848
20:53:51.945 Disk 0 Partition - 00 0F Extended LBA 419098 MB offset 1052977152
20:53:51.976 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 20622 MB offset 1911289856
20:53:52.008 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 419097 MB offset 1052979200
20:53:52.039 Disk 0 scanning C:\windows\system32\drivers
20:53:58.139 Service scanning
20:54:14.347 Modules scanning
20:54:14.363 Disk 0 trace - called modules:
20:54:14.893 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
20:54:14.893 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80077ce060]
20:54:14.909 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007521050]
20:54:14.924 Scan finished successfully
20:54:59.977 Disk 0 MBR has been saved successfully to "C:\Users\Christine\Desktop\MBR.dat"
20:54:59.993 The log file has been saved successfully to "C:\Users\Christine\Desktop\aswMBR.txt"
-
March 22nd, 2012, 05:19 PM
#4
sus.
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 16/02/2012 16:51:31
System Uptime: 22/03/2012 20:02:14 (1 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | RF511/RF411/RF711
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz | CPU 1 | 2501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 502 GiB total, 428.848 GiB free.
D: is FIXED (NTFS) - 409 GiB total, 385.453 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: BTHENUM\{00005557-0000-1000-8000-0002EE000001}_VID&00010001_PID&00FD\8&15C4787D&0&6C9B027885E3_C00000000
Manufacturer:
Name:
PNP Device ID: BTHENUM\{00005557-0000-1000-8000-0002EE000001}_VID&00010001_PID&00FD\8&15C4787D&0&6C9B027885E3_C00000000
Service:
.
==== System Restore Points ===================
.
RP54: 05/03/2012 03:11:03 - Installed Microsoft Fix it 50123
RP55: 06/03/2012 12:06:40 - Windows Update
RP56: 06/03/2012 20:34:23 - Installed Grand Theft Auto Vice City
RP57: 09/03/2012 22:04:04 - Windows Update
RP58: 13/03/2012 11:44:46 - Windows Update
RP59: 14/03/2012 18:18:23 - Windows Update
RP60: 20/03/2012 13:14:17 - Windows Update
RP61: 21/03/2012 16:17:56 - Installed Adobe Reader X (10.1.0).
RP62: 21/03/2012 18:25:24 - Installed TotalMedia
.
==== Installed Programs ======================
.
?? ??? ?? Windows Live Mesh ActiveX ???
??? ActiveX ?? Windows Live Mesh ???? ??????? ???????
???? ??? Windows Live
???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ???????
???? Windows Live
????? Windows Live
?????? ??????? ?? Windows Live
??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ???????????
??????? Windows Live Mesh ActiveX ??(????)
??????? Windows Live Mesh ActiveX ???
???????? ?????????? Windows Live
????????? ActiveX ?? Windows Live Mesh ????????????????????????? (???)
?????????? Windows Live
??????????? ?? Windows Live
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ??????
Adobe AIR
Adobe Reader X (10.1.2)
Agatha Christie - Death on the Nile
Apple Application Support
Apple Software Update
ArcSoft TotalMedia 3
„Windows Live Essentials“
„Windows Live Mail“
„Windows Live Mesh ActiveX“ nuotoliniu ryšiu valdiklis
„Windows Live Messenger“
„Windows Live“ fotogalerija
BatteryLifeExtender
Bejeweled 2 Deluxe
Bing Bar
Build-a-lot
ChargeableUSB
Chuzzle Deluxe
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Control ActiveX de Windows Live Mesh para conexiones remotas
Control ActiveX Windows Live Mesh pentru conexiuni la distan?a
Controle ActiveX do Windows Live Mesh para Conexões Remotas
Controlo ActiveX do Windows Live Mesh para Ligações Remotas
CyberLink Media Suite
CyberLink Media+ Player10
CyberLink MediaShow
CyberLink Power2Go
CyberLink PowerDirector
CyberLink YouCam
D3DX10
Diner Dash 2 Restaurant Rescue
Easy Content Share
Easy Display Manager
Easy Migration
Easy Network Manager
Easy SpeedUp Manager
EasyBatteryManager
EasyFileShare
Farm Frenzy
Fast Start
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych
Fotogalerija Windows Live
Galeria de Fotografias do Windows Live
Galeria fotografii uslugi Windows Live
Galerie de photos Windows Live
Galerie foto Windows Live
Galería fotográfica de Windows Live
Grand Theft Auto Vice City
Insaniquarium Deluxe
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
John Deere Drive Green
Junk Mail filter update
Kontrola Windows Live Mesh ActiveX za daljinske veze
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
Malwarebytes Anti-Malware version 1.60.1.1000
Mesh Runtime
Microsoft Office 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Movie Color Enhancer
MSVCRT
MSVCRT_amd64
Multimedia POP
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
Peggle
Penguins!
PhoneShare
Plants vs. Zombies
Poczta uslugi Windows Live
Podstawowe programy Windows Live
Polar Golfer
Pošta Windows Live
QuickTime
Raccolta foto di Windows Live
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
S?????? f?t???af??? t?? Windows Live
Samsung AnyWeb Print
Samsung Printer Live Update
Samsung Recovery Solution 5
Samsung Support Center 1.0
Samsung Universal Print Driver
Samsung Universal Scan Driver
Samsung Update Plus
SamsungMovie
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
SISShortcut
Skype™ 4.2
SpywareBlaster 4.6
St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se??
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
User Guide
Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi
WildTangent Games
WildTangent ORB Game Console
Windows Live
Windows Live ??
Windows Live ?? ???
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotótár
Windows Live Foto-galerija
Windows Live fotoattelu galerija
Windows Live Fotogalerie
Windows Live Fotogalleri
Windows Live Fotogaléria
Windows Live Fotograf Galerisi
Windows Live Galeria de Fotos
Windows Live Galerija fotografija
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
Windows Live Mesh ActiveX-objekt til fjernforbindelser
Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz
Windows Live Mesh ActiveX control for remote connections
Windows Live Mesh ActiveX kontrola za daljinske veze
Windows Live Mesh ActiveX vadikla attalajiem savienojumiem
Windows Live Meshin etäyhteyksien ActiveX-komponentti
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Pošta
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Parçalar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Liven asennustyökalu
Windows Liven sähköposti
Windows Liven valokuvavalikoima
WordCaptureX Pro
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
22/03/2012 17:41:40, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
22/03/2012 03:26:31, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
22/03/2012 03:26:31, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
21/03/2012 10:45:39, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
21/03/2012 10:45:39, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
21/03/2012 10:45:39, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
20/03/2012 13:17:17, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.121.1871.0).
15/03/2012 19:13:09, Error: bowser [8003] - The master browser has received a server announcement from the computer TRACY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{6FCCD9FA-0DCF-4AE2-93FB-2541A7BEBD63}. The master browser is stopping or an election is being forced.
15/03/2012 18:46:02, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
15/03/2012 14:18:10, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
.
==== End Of File ===========================
-
March 22nd, 2012, 05:20 PM
#5
sus.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Christine at 21:00:19 on 2012-03-22
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8104.6302 [GMT 0:00]
.
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\System32\alg.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\rundll32.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxtray.exe
C:\windows\system32\igfxpers.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\windows\system32\DllHost.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\windows\SysWOW64\Macromed\Flash\FlashUtil11f_ActiveX.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uDefault_Page_URL = hxxp://samsung.msn.com
mStart Page = hxxp://samsung.msn.com
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Samsung BHO Class: {aa609d72-8482-4076-8991-8cdae5b93bcb} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - C:\Program Files (x86)\WOT\WOT.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - C:\Program Files (x86)\WOT\WOT.dll
mRunOnce: [UnKIS] wscript.exe //b C:\Users\CHRIST~1\AppData\Local\Temp\UnKIS.vbs
mRunOnce: [UnKAV] wscript.exe //b C:\Users\CHRIST~1\AppData\Local\Temp\UnKAV.vbs
mRunOnce: [UnPURE] wscript.exe //b C:\Users\CHRIST~1\AppData\Local\Temp\UnPURE.vbs
mRunOnce: [0002E7B0.kln] C:\Users\CHRIST~1\AppData\Local\Temp\\0002E7B0.vbs
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
TCP: DhcpNameServer = 192.168.2.1 194.168.4.100 194.168.8.100
TCP: Interfaces\{6FCCD9FA-0DCF-4AE2-93FB-2541A7BEBD63} : DhcpNameServer = 192.168.2.1 194.168.4.100 194.168.8.100
TCP: Interfaces\{6FCCD9FA-0DCF-4AE2-93FB-2541A7BEBD63}\35B4952414730353 : DhcpNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Samsung BHO Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
BHO-X64: Samsung BHO Helper - No File
BHO-X64: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
mRunOnce-x64: [UnKIS] wscript.exe //b C:\Users\CHRIST~1\AppData\Local\Temp\UnKIS.vbs
mRunOnce-x64: [UnKAV] wscript.exe //b C:\Users\CHRIST~1\AppData\Local\Temp\UnKAV.vbs
mRunOnce-x64: [UnPURE] wscript.exe //b C:\Users\CHRIST~1\AppData\Local\Temp\UnPURE.vbs
mRunOnce-x64: [0002E7B0.kln] C:\Users\CHRIST~1\AppData\Local\Temp\\0002E7B0.vbs
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
AppInit_DLLs-X64: C:\windows\SysWOW64\nvinit.dll
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;C:\windows\system32\DRIVERS\epfwwfp.sys --> C:\windows\system32\DRIVERS\epfwwfp.sys [?]
R0 nvpciflt;nvpciflt;C:\windows\system32\DRIVERS\nvpciflt.sys --> C:\windows\system32\DRIVERS\nvpciflt.sys [?]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\windows\system32\DRIVERS\EpfwLWF.sys --> C:\windows\system32\DRIVERS\EpfwLWF.sys [?]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;\??\C:\windows\system32\Drivers\SABI.sys --> C:\windows\system32\Drivers\SABI.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 eamonm;eamonm;C:\windows\system32\DRIVERS\eamonm.sys --> C:\windows\system32\DRIVERS\eamonm.sys [?]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-9-22 974944]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-9-7 2009704]
R2 TurboB;Turbo Boost UI Monitor driver;C:\windows\system32\DRIVERS\TurboB.sys --> C:\windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-9-7 2655768]
R3 BTWAMPFL;BTWAMPFL;C:\windows\system32\DRIVERS\btwampfl.sys --> C:\windows\system32\DRIVERS\btwampfl.sys [?]
R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\system32\DRIVERS\btwl2cap.sys --> C:\windows\system32\DRIVERS\btwl2cap.sys [?]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\system32\DRIVERS\clwvd.sys --> C:\windows\system32\DRIVERS\clwvd.sys [?]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\system32\DRIVERS\ETD.sys --> C:\windows\system32\DRIVERS\ETD.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface ;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\system32\DRIVERS\nusb3hub.sys --> C:\windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\system32\DRIVERS\nusb3xhc.sys --> C:\windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 Samsung UPD Service;Samsung UPD Service;"C:\windows\System32\SUPDSvc.exe" --> C:\windows\System32\SUPDSvc.exe [?]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-8 150016]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
VBEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
VBSFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-03-22 16:02:42 118784 ----a-w- C:\windows\SysWow64\MSSTDFMT.DLL
2012-03-22 16:02:42 1071088 ----a-w- C:\windows\SysWow64\MSCOMCTL.OCX
2012-03-22 16:02:35 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
2012-03-22 13:30:09 -------- d-----w- C:\Users\Christine\AppData\Local\{C02FA772-DB6A-4C15-B684-93AA7765F740}
2012-03-22 13:29:56 -------- d-----w- C:\Users\Christine\AppData\Local\{80FDD766-FFD9-4ECA-AE71-C352EA37BB81}
2012-03-22 03:35:51 -------- d-----w- C:\windows\pss
2012-03-21 18:26:43 22784 ----a-w- C:\windows\SysWow64\drivers\afc.sys
2012-03-21 18:25:38 245408 ----a-w- C:\windows\SysWow64\unicows.dll
2012-03-21 18:24:35 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-03-21 18:24:35 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-03-21 18:24:35 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-03-21 18:24:35 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-03-21 18:23:33 362624 ----a-w- C:\windows\System32\drivers\AF15BDA.sys
2012-03-21 18:23:33 28672 ----a-w- C:\windows\System32\AF15BDAEX.dll
2012-03-21 18:23:33 126 ----a-w- C:\windows\System32\AF15IRTBL.bin
2012-03-21 15:41:46 -------- d-----w- C:\Users\Christine\AppData\Local\{8808E5BC-EBD6-4029-B588-D760579FB395}
2012-03-21 15:41:34 -------- d-----w- C:\Users\Christine\AppData\Local\{DC921195-C61D-4451-874D-731E38351FA1}
2012-03-20 13:20:06 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5867AF63-6246-454D-AC63-ED28920BBA5D}\mpengine.dll
2012-03-20 13:12:26 -------- d-----w- C:\Users\Christine\AppData\Local\{1DC3B888-7FDC-4C53-BE59-B25C29CEBFE9}
2012-03-20 13:12:12 -------- d-----w- C:\Users\Christine\AppData\Local\{DF60A4C2-7FD6-4198-A6D6-7730379D6811}
2012-03-19 11:14:31 -------- d-----w- C:\Users\Christine\AppData\Local\{80FC6C08-C7E6-4D64-AC41-F4C332272B46}
2012-03-19 11:14:20 -------- d-----w- C:\Users\Christine\AppData\Local\{BDFFBB58-D30C-4293-AA79-ACF467998EE0}
2012-03-18 14:54:23 -------- d-----w- C:\Program Files\CCleaner
2012-03-18 10:21:21 -------- d-----w- C:\Users\Christine\AppData\Local\{CD44E069-DB4A-4F56-9982-8E5CA4AB4E07}
2012-03-18 10:21:06 -------- d-----w- C:\Users\Christine\AppData\Local\{3B56772E-CD7D-4243-997F-E1C88FD72075}
2012-03-17 16:13:27 -------- d-----w- C:\Users\Christine\AppData\Local\{92CB0408-CDF7-4D27-BBD4-B7BA62F65BCB}
2012-03-17 16:13:13 -------- d-----w- C:\Users\Christine\AppData\Local\{7F7B1FAB-1CAF-4250-BD6E-C666463ADEFA}
2012-03-16 23:42:54 -------- d-----w- C:\Users\Christine\AppData\Local\{F55CDCB8-EF0F-45A5-B70C-AC67975360D6}
2012-03-16 23:42:33 -------- d-----w- C:\Users\Christine\AppData\Local\{2ADCAC63-398E-4C53-B248-5061FB39E3CA}
2012-03-16 11:39:15 -------- d-----w- C:\Users\Christine\AppData\Local\{15D0F1D6-1EAD-429F-87A6-27B44D38FC45}
2012-03-16 11:39:03 -------- d-----w- C:\Users\Christine\AppData\Local\{50A9F224-5A16-4DFD-ADD2-A0F551DB545D}
2012-03-15 19:01:47 -------- d-----w- C:\Users\Christine\AppData\Roaming\ESET
2012-03-15 19:01:47 -------- d-----w- C:\Users\Christine\AppData\Local\ESET
2012-03-15 19:00:58 -------- d-----w- C:\Program Files\ESET
2012-03-15 18:46:58 -------- d-----w- C:\Program Files\iTunes
2012-03-15 18:46:58 -------- d-----w- C:\Program Files\iPod
2012-03-15 18:46:58 -------- d-----w- C:\Program Files (x86)\iTunes
2012-03-15 08:17:38 -------- d-----w- C:\Users\Christine\AppData\Local\{5BA54D24-9DC9-44FF-AF3B-5D36B3081992}
2012-03-15 08:17:15 -------- d-----w- C:\Users\Christine\AppData\Local\{0C6450B8-06D7-42A4-879B-C8BD13D455A5}
2012-03-14 18:22:39 5559152 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-03-14 18:22:38 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 18:22:37 3913584 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-03-14 13:38:20 -------- d-----w- C:\Users\Christine\AppData\Local\{9F605CB6-5322-4C8F-8319-CAD67463A354}
2012-03-14 13:38:04 -------- d-----w- C:\Users\Christine\AppData\Local\{2328DF13-F1CC-454B-907D-35693934A3FB}
2012-03-14 13:27:51 3145728 ----a-w- C:\windows\System32\win32k.sys
2012-03-14 13:27:49 1544192 ----a-w- C:\windows\System32\DWrite.dll
2012-03-14 13:27:49 1077248 ----a-w- C:\windows\SysWow64\DWrite.dll
2012-03-14 13:27:30 826880 ----a-w- C:\windows\SysWow64\rdpcore.dll
2012-03-14 13:27:30 1031680 ----a-w- C:\windows\System32\rdpcore.dll
2012-03-14 13:27:29 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe
2012-03-14 13:27:29 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys
2012-03-14 13:27:29 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys
2012-03-14 13:27:28 77312 ----a-w- C:\windows\System32\rdpwsx.dll
2012-03-14 13:27:28 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll
2012-03-13 11:47:06 -------- d-----w- C:\Users\Christine\AppData\Local\{3D2619D5-91F7-4860-B72B-66A7908F8353}
2012-03-13 11:46:52 -------- d-----w- C:\Users\Christine\AppData\Local\{DC120C69-37BF-4E95-AF6C-04271482F82F}
2012-03-12 13:59:42 -------- d-----w- C:\Users\Christine\AppData\Local\{338E3CDE-8F21-43D1-942E-7AA659A85C03}
2012-03-12 13:59:28 -------- d-----w- C:\Users\Christine\AppData\Local\{119E93C3-F66F-4CEB-8362-6297009E3ACB}
2012-03-11 11:26:57 -------- d-----w- C:\Users\Christine\AppData\Local\{2AB7BFB8-F59C-49F2-AE59-2B91CD358687}
2012-03-11 11:26:44 -------- d-----w- C:\Users\Christine\AppData\Local\{4AD184FA-3FE6-46EF-9C3D-1B46F49A8E88}
2012-03-10 13:58:34 -------- d-----w- C:\Users\Christine\AppData\Local\{F75971B2-C7E9-4590-9E28-79A3807FBAD4}
2012-03-10 13:58:12 -------- d-----w- C:\Users\Christine\AppData\Local\{347B1417-A860-4692-AB26-F495CB95B3CC}
2012-03-09 13:44:42 -------- d-----w- C:\Users\Christine\AppData\Local\{91C7B52A-3FB1-42D2-BFE1-75C742B7794D}
2012-03-09 13:44:31 -------- d-----w- C:\Users\Christine\AppData\Local\{B26A35CA-A30B-468A-B788-4226B43B42EF}
2012-03-08 13:39:43 -------- d-----w- C:\Users\Christine\AppData\Local\{AB9D40D7-89C1-4D29-87CA-F96E13F65379}
2012-03-08 13:39:28 -------- d-----w- C:\Users\Christine\AppData\Local\{A601B262-0364-47A3-9561-1BFC1CBE8DD4}
2012-03-07 16:22:52 -------- d-----w- C:\Users\Christine\AppData\Local\{663D35C7-97BB-40CA-BA70-BC173E8DA397}
2012-03-07 16:22:30 -------- d-----w- C:\Users\Christine\AppData\Local\{599346E7-122E-4B09-93B4-C58AB29FF9CF}
2012-03-06 20:34:18 -------- d-----w- C:\Program Files (x86)\Rockstar Games
2012-03-06 12:20:04 -------- d-----w- C:\Users\Christine\AppData\Local\{BC8EE86B-AEDB-4753-9C73-D405805735AE}
2012-03-06 12:19:50 -------- d-----w- C:\Users\Christine\AppData\Local\{58B6DFDE-4B95-4C08-903A-06DEA14E9EE4}
2012-03-05 22:33:52 -------- d-----w- C:\Users\Christine\AppData\Local\{CC21EDF2-92C7-4998-AB21-C0BC6062FF42}
2012-03-05 22:33:30 -------- d-----w- C:\Users\Christine\AppData\Local\{92B929D0-648A-425D-B735-70BE5F1EC25C}
2012-03-05 09:51:30 -------- d-----w- C:\Users\Christine\AppData\Local\{FBE42EF4-7FC3-4BAF-869F-FBEC8A5A22AC}
2012-03-05 09:51:16 -------- d-----w- C:\Users\Christine\AppData\Local\{FDB6B16D-42AA-4842-9E2E-850D354E4913}
2012-03-04 14:19:36 -------- d-----w- C:\ProgramData\NokiaInstallerCache
2012-03-04 10:38:37 -------- d-----w- C:\Users\Christine\AppData\Local\{8C88D54C-F801-4240-A9B8-50E5D3772C30}
2012-03-04 10:38:25 -------- d-----w- C:\Users\Christine\AppData\Local\{5F27D670-0E30-43EB-9B9E-E9D41867941D}
2012-03-03 11:42:40 -------- d-----w- C:\Users\Christine\AppData\Local\{78E9C6BD-605F-427C-ADF6-A51FC18DC63A}
2012-03-03 11:42:17 -------- d-----w- C:\Users\Christine\AppData\Local\{B7B64E73-6423-473E-B5FA-44708BAE3CD7}
2012-03-03 04:54:58 2301208 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-03-03 04:54:48 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-03-03 04:54:40 710992 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-03-02 11:48:27 -------- d-----w- C:\Users\Christine\AppData\Local\{9F8EED43-D3A1-4293-B157-92C532F79D02}
2012-03-02 11:48:06 -------- d-----w- C:\Users\Christine\AppData\Local\{16781CBD-E52F-4EA5-8F42-207C12E8B143}
2012-03-01 23:11:10 -------- d-----w- C:\Users\Christine\AppData\Local\{BF315AD0-63C1-46BC-A451-50924BDE21FA}
2012-03-01 23:10:48 -------- d-----w- C:\Users\Christine\AppData\Local\{4DFE24A9-9951-4B08-9EB2-8F010955C3FA}
2012-03-01 11:08:19 -------- d-----w- C:\Users\Christine\AppData\Local\{91A4C1CC-6F1E-408A-B778-C06932EC6C6A}
2012-03-01 11:07:37 -------- d-----w- C:\Users\Christine\AppData\Local\{4C054B8E-CD39-4A54-BE2F-467538F02C53}
2012-02-29 11:01:19 -------- d-----w- C:\Users\Christine\AppData\Local\{9B4554F5-8711-455D-8C39-F0B9A5D2A968}
2012-02-29 11:01:03 -------- d-----w- C:\Users\Christine\AppData\Local\{F8F382CE-C896-4215-A646-37F4D3FC28E0}
2012-02-29 00:03:11 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-02-29 00:03:11 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-02-29 00:03:11 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-02-29 00:03:11 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-02-29 00:03:11 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-02-29 00:03:11 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-02-29 00:03:11 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-02-28 12:20:19 -------- d-----w- C:\Users\Christine\AppData\Local\{A61B2CFD-413F-4405-B478-999A9F59F980}
2012-02-28 12:20:08 -------- d-----w- C:\Users\Christine\AppData\Local\{4341C0C8-5B60-43FE-ABB9-40E8695818FB}
2012-02-27 22:53:20 -------- d-----w- C:\Users\Christine\AppData\Local\Diagnostics
2012-02-27 15:20:47 -------- d-----w- C:\Users\Christine\AppData\Local\{A8E01477-FA57-4500-BFF2-C4241F4851B7}
2012-02-27 15:20:25 -------- d-----w- C:\Users\Christine\AppData\Local\{F1260A93-437E-4B57-BEBD-EA92EB993CEC}
2012-02-26 15:05:11 -------- d-----w- C:\Users\Christine\AppData\Local\{DEBA0C9F-071E-4975-940E-DCF1FDBC79E6}
2012-02-26 15:04:49 -------- d-----w- C:\Users\Christine\AppData\Local\{1F125638-D4EB-4307-A612-52BB2BC42AE4}
2012-02-26 09:40:04 -------- d-----w- C:\Users\Christine\AppData\Local\{3133B9DF-6525-49BF-A7E8-BA9DAAC89A2C}
2012-02-26 09:39:41 -------- d-----w- C:\Users\Christine\AppData\Local\{07F51936-07D8-4645-9DD4-DD60DF0B97BA}
2012-02-25 17:14:10 -------- d-----w- C:\Users\Christine\AppData\Local\{BBF9EAC8-CD3D-4E59-9F40-065C5214E5A2}
2012-02-25 17:14:00 -------- d-----w- C:\Users\Christine\AppData\Local\{73B40A7F-0A08-43FA-B125-3037A7ACA781}
2012-02-24 20:01:56 -------- d-----w- C:\Users\Christine\AppData\Local\{9F7EF0A3-1AB0-40DF-8D48-7AEA9A50CC4A}
2012-02-24 20:01:42 -------- d-----w- C:\Users\Christine\AppData\Local\{4E63E165-4DA2-4695-8DCA-BF7923E2983F}
2012-02-23 15:32:17 -------- d-----w- C:\Users\Christine\AppData\Roaming\Malwarebytes
2012-02-23 15:32:12 23152 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-02-23 15:32:12 -------- d-----w- C:\ProgramData\Malwarebytes
2012-02-23 15:32:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-23 10:48:42 -------- d-----w- C:\Users\Christine\AppData\Local\{DDCA99E2-53CF-4345-A854-2D1F5E85DA09}
2012-02-23 10:48:29 -------- d-----w- C:\Users\Christine\AppData\Local\{BC21E6F2-87F4-42B2-BE93-F81D5BFFFBDA}
2012-02-23 10:48:29 -------- d-----w- C:\Users\Christine\AppData\Local\{7343DDFD-9533-4579-8379-847EE8A0FF37}
2012-02-22 10:28:22 -------- d-----w- C:\Users\Christine\AppData\Local\{2A732ADD-4942-45A0-BA6D-A19CC323E24A}
2012-02-22 10:28:11 -------- d-----w- C:\Users\Christine\AppData\Local\{BF93D570-A24F-41CC-925A-DD54200B661A}
2012-02-21 21:59:59 414368 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
==================== Find3M ====================
.
2012-02-23 09:18:36 279656 ------w- C:\windows\System32\MpSigStub.exe
2012-01-04 10:44:20 509952 ----a-w- C:\windows\System32\ntshrui.dll
2012-01-04 08:58:41 442880 ----a-w- C:\windows\SysWow64\ntshrui.dll
2011-12-30 06:26:08 515584 ----a-w- C:\windows\System32\timedate.cpl
2011-12-30 05:27:56 478720 ----a-w- C:\windows\SysWow64\timedate.cpl
2011-12-28 03:59:24 498688 ----a-w- C:\windows\System32\drivers\afd.sys
.
============= FINISH: 21:00:41.63 ===============
-
March 22nd, 2012, 08:41 PM
#6
I don't see anything malicious there.
-
March 22nd, 2012, 10:16 PM
#7
sus.
Can you tell me what all the foreign language stuff is in Add/Remove Programs,
and can I delete it? It's been there since I bought the notebook; never seen this before.
-
March 22nd, 2012, 10:21 PM
#8
-
March 22nd, 2012, 10:23 PM
#9
And where did you buy the computer?
-
March 22nd, 2012, 10:28 PM
#10
sus.
Windows Live Mesh, ActiveX, then the rest is in a foreign language. Also noticed this in Add/Remove Programs, and it's in some of the scans I sent.
-
March 22nd, 2012, 10:34 PM
#11
sus.
PC World-Glasgow
-
March 22nd, 2012, 10:40 PM
#12
sus.
Scotland
-
March 22nd, 2012, 10:50 PM
#13
sus.
MS Windows 7 Home Premium 64-bit SP1, Intel Core i5-2450M CPU @ 2.50GHz,
8.0 GB RAM, Intel HD Graphics - Samsung RF511.
-
March 22nd, 2012, 11:12 PM
#14
Temel Parçalar seems to be Windows Live Essentials in Turkish.
Windows Live Mesh is listed in several languages.
http://en.wikipedia.org/wiki/Windows_Live_Mesh.
-
March 22nd, 2012, 11:25 PM
#15
sus.
I don't use Win Live Essentials in any language, never mind Turkish.
Should I delete the foreign language ones and leave the English one in case I need it some time?
There's lots of them in various languages in Uninstall Programs. Thanks