Quantcast
Channel: Tech Support Guy
Viewing all articles
Browse latest Browse all 29110

Random audio files playing in the background. Virus?

May 30, 2013, 9:11 am
$
0
0
I have random audio files playing in the background when all programs are closed. I have found a couple trojans and removed them but cant make the audio files to stop playing. Here are my logs.

Hijackthis Log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:39:36 AM, on 5/30/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Chris Lummus\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.foxnews.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={B28CA58F-C328-11E2-9199-A4BADBFAE4E9}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, enhanced for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
O4 - HKLM\..\Run: [SPIRunE] Rundll32 SPIRunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun
O4 - HKUS\S-1-5-18\..\Run: [Deployment] rundll32.exe "C:\Users\Chris Lummus\AppData\Local\Google\Deployment\lwzuefc.dll",vc1OutVideoDoneW (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Deployment] rundll32.exe "C:\Users\Chris Lummus\AppData\Local\Google\Deployment\lwzuefc.dll",vc1OutVideoDoneW (User 'Default user')
O4 - Global Startup: Intuit Data Protect.lnk = C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
O4 - Global Startup: QuickBooks_Standard_21.lnk = C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {FFD85DC8-5261-4D11-B728-F7C59D911691} - http://www.iolo.com/purchase/WebReso...86547820000000
O18 - Protocol: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Kaspersky Security Scan Service (KSS) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: QBIDPService (QBVSS) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9979 bytes

DDS Log


DDS (Ver_2012-11-07.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16483 BrowserJavaVersion: 10.5.1
Run by Chris Lummus at 8:41:33 on 2013-05-30
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8183.5600 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\servicing\TrustedInstaller.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\SearchFilterHost.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\SERVIC~2\NETWOR~1\AppData\Local\Temp\mpam-478cef1b.exe
c:\65a34abd3791813dcbaf9235ae1c\mpsigstub.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.foxnews.com/
uWindow Title = Internet Explorer, enhanced for Bing and MSN
mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={B28CA58F-C328-11E2-9199-A4BADBFAE4E9}
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun: [SPIRunE] Rundll32 SPIRunE.dll,RunDLLEntry
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
dRun: [Deployment] rundll32.exe "C:\Users\Chris Lummus\AppData\Local\Google\Deployment\lwzuefc.dll",vc1OutVideoDoneW
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INTUIT~1.LNK - C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {FFD85DC8-5261-4D11-B728-F7C59D911691} - hxxp://www.iolo.com/purchase/WebResource.axd?d=PO7P-LiUBjyfGDiabIpF4fQExoDwbhOUWJ_W4YtJ_7kls_MShO2kWyWaeuTGxOJpZkbc1QaYKZxdi0XT Iz9vutu_lVOhiFAz6nG6Ai_mtip3Vay2jcxaHSE2ukEZ70YimPNPDQ2&t=63478654782000000 0
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{4D6EC5DC-4BCF-46EC-B5AD-1A4EDE72A478} : DHCPNameServer = 192.168.1.1 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - <orphaned>
x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2012-7-30 31432]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2013-4-12 1070080]
R2 KSS;Kaspersky Security Scan Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [2012-4-25 202296]
R2 PDFsFilter;PDFsFilter;C:\Windows\System32\drivers\PDFsFilter.sys [2012-7-30 82160]
R2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2012-3-9 1248256]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2012-7-12 216064]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-7-12 215040]
R3 t3;Sound Blaster X-Fi Xtreme Audio;C:\Windows\System32\drivers\t3.sys [2009-5-6 639512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 130008]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-15 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-15 180736]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-14 1255736]
S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-7-12 202752]
S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-7-30 79360]
S4 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc --> C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [?]
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile=NOTEPAD.EXE "%1"
FileExt: .vbs: VBSFile=NOTEPAD.EXE "%1"
FileExt: .js: JSFile=NOTEPAD.EXE "%1"
FileExt: .jse: JSEFile=NOTEPAD.EXE "%1"
FileExt: .wsf: WSFFile=NOTEPAD.EXE "%1"
.
=============== Created Last 30 ================
.
2013-05-30 13:41:29 -------- d-----w- C:\65a34abd3791813dcbaf9235ae1c
2013-05-30 13:40:40 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{32E6F627-E5C0-4384-A167-424BFED176BC}\mpengine.dll
2013-05-28 21:22:39 -------- d-----w- C:\ProgramData\Kaspersky Lab
2013-05-28 21:22:39 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2013-05-28 15:25:45 9460464 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-05-24 13:36:09 -------- d--h--w- C:\Windows\msdownld.tmp
2013-05-23 21:26:24 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2013-05-23 21:26:17 -------- d-----w- C:\Program Files\Microsoft Security Client
2013-05-23 13:48:52 103832 ----a-w- C:\Users\Chris Lummus\GoToAssistDownloadHelper.exe
2013-05-22 21:55:12 -------- d-----w- C:\ProgramData\PC Optimizer Pro
2013-05-22 21:46:50 -------- d-----w- C:\ProgramData\HitmanPro
2013-05-22 21:44:11 -------- d-----w- C:\Program Files (x86)\SweetIM
2013-05-16 08:02:15 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-16 08:02:15 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-05-15 22:58:02 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-05-15 22:58:02 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-05-15 22:58:02 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-05-15 22:57:53 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-05-15 22:57:52 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-05-15 22:57:52 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-05-15 22:57:52 111448 ----a-w- C:\Windows\System32\consent.exe
2013-05-15 22:57:41 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-05-15 22:57:41 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-05-15 22:57:40 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-05-15 14:32:36 9456 ----a-w- C:\Windows\SysWow64\sabprocenum.sys
2013-05-13 14:16:06 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2013-05-13 14:15:51 -------- d-----w- C:\Program Files\iPod
2013-05-13 14:15:50 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-13 14:15:50 -------- d-----w- C:\Program Files\iTunes
2013-05-13 14:15:50 -------- d-----w- C:\Program Files (x86)\iTunes
2013-05-13 14:14:50 -------- d-----w- C:\Program Files\Bonjour
2013-05-13 14:14:50 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-05-08 14:24:04 -------- d-----r- C:\Users\Chris Lummus\AppData\Roaming\Brother
2013-04-30 16:12:47 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-04-30 16:12:47 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-04-30 16:12:46 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-04-30 16:12:46 458712 ----a-w- C:\Windows\System32\drivers\cng.sys
2013-04-30 16:12:46 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-04-30 16:12:46 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-04-30 16:12:46 1448448 ----a-w- C:\Windows\System32\lsasrv.dll
.
==================== Find3M ====================
.
2013-05-15 17:53:34 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 17:53:34 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-02 14:07:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-05 01:08:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-04-05 01:00:30 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-04-05 00:59:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-04-05 00:56:16 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-04-05 00:55:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-04-04 22:11:34 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-04-04 22:02:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-04-04 22:02:17 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-04-04 21:58:51 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-04-04 21:57:45 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-04-04 19:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
2013-03-18 04:59:04 57584 ----a-w- C:\Windows\System32\iolobtdfg.exe
2013-03-18 04:58:56 26184 ----a-w- C:\Windows\System32\smrgdf.exe
2013-03-18 04:43:58 2155688 ----a-w- C:\Windows\System32\Incinerator64.dll
2013-03-18 04:43:56 2097472 ----a-w- C:\Windows\SysWow64\Incinerator32.dll
.
============= FINISH: 8:42:20.05 ===============

Attatch.txt log

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 7/12/2012 12:29:49 PM
System Uptime: 5/30/2013 8:26:23 AM (0 hours ago)
.
Motherboard: DELL Inc. | | 0X501H
Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz | CPU 1 | 2668/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 585 GiB total, 344.946 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP86: 5/22/2013 8:08:03 PM - Scheduled Checkpoint
RP87: 5/23/2013 8:32:59 AM - Removed Internet Explorer Toolbar 4.8 by SweetPacks
RP88: 5/23/2013 8:36:04 AM - Removed SpyHunter
RP89: 5/23/2013 4:34:21 PM - Windows Update
RP90: 5/24/2013 8:34:17 AM - Windows Modules Installer
RP91: 5/24/2013 8:49:36 AM - Windows Modules Installer
RP92: 5/24/2013 8:59:16 AM - Windows Modules Installer
RP93: 5/27/2013 10:25:41 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Reader XI (11.0.03)
Adobe Shockwave Player 11.6
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI AVIVO64 Codecs
ATI Catalyst Install Manager
Bonjour
Brother HL-4040CDN
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Creative Audio Control Panel
Creative Software AutoUpdate
Creative Sound Blaster Properties x64 Edition
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DW 1525 Driver Installation
Google Earth
Google Update Helper
Host OpenAL
HP Officejet Pro 8500 A910 Basic Device Software
HP Officejet Pro 8500 A910 Help
HP Officejet Pro 8500 A910 Product Improvement Study
HP Update
I.R.I.S. OCR
iolo technologies' System Mechanic
iSEEK AnswerWorks English Runtime
iTunes
Java Auto Updater
Java(TM) 7 Update 5
JavaFX 2.1.1
JMicron JMB36X Driver
Kaspersky Security Scan
Malwarebytes Anti-Malware version 1.75.0.1300
Marketsplash Shortcuts
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
QuickBooks
QuickBooks Pro 2011
Quicken 2012
Realtek 8136 8168 8169 Ethernet Driver
Realtek USB 2.0 Card Reader
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Shared C Run-time for x64
SUPERAntiSpyware
swMSM
System Checkup 3.3
TFP for 2012
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Windows Live ID Sign-in Assistant
.
==== Event Viewer Messages From Past Week ========
.
5/30/2013 8:41:35 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Link...D-99752CCA7094 Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/30/2013 8:41:30 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\NETWORK SERVICE Error Code: 0x8007042c Error description: The dependency service or group failed to start.
5/30/2013 8:41:30 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/30/2013 8:41:29 AM, Error: Service Control Manager [7003] - The Microsoft Network Inspection System service depends the following service: BFE. This service might not be installed.
5/30/2013 8:41:29 AM, Error: Service Control Manager [7001] - The Microsoft Network Inspection service depends on the Microsoft Network Inspection System service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.
5/30/2013 8:41:05 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.151.1262.0).
5/30/2013 8:40:58 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.151.1262.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9506.0 Error code: 0x80070643 Error description: Fatal error during installation.
5/30/2013 8:40:54 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start.
5/30/2013 8:40:54 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/30/2013 8:27:13 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
5/30/2013 8:27:13 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
5/30/2013 8:27:11 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
5/30/2013 8:22:36 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
5/29/2013 8:22:50 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
5/29/2013 8:22:50 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
5/29/2013 8:22:48 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/29/2013 8:22:29 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache ElRawDisk MpFilter SASDIFSV SASKUTIL spldr Wanarpv6
5/29/2013 8:22:19 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
5/29/2013 10:53:33 AM, Error: Service Control Manager [7034] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 3 time(s).
5/29/2013 10:53:33 AM, Error: Service Control Manager [7034] - The User Profile Service service terminated unexpectedly. It has done this 3 time(s).
5/29/2013 10:53:33 AM, Error: Service Control Manager [7034] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 3 time(s).
5/29/2013 10:29:58 AM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
5/29/2013 10:29:58 AM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
5/29/2013 10:29:58 AM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/29/2013 10:23:57 AM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/29/2013 10:23:57 AM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/29/2013 10:23:57 AM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/29/2013 1:17:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
5/28/2013 3:15:26 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort2.
5/28/2013 10:26:05 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Link...D-99752CCA7094 Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/28/2013 10:26:03 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\NETWORK SERVICE Error Code: 0x8007042c Error description: The dependency service or group failed to start.
5/28/2013 10:26:03 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/28/2013 10:26:03 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.151.1089.0).
5/28/2013 10:25:57 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.151.1089.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9506.0 Error code: 0x80070643 Error description: Fatal error during installation.
5/28/2013 10:25:55 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start.
5/28/2013 10:25:55 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/27/2013 10:26:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Link...D-99752CCA7094 Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/27/2013 10:26:35 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\NETWORK SERVICE Error Code: 0x8007042c Error description: The dependency service or group failed to start.
5/27/2013 10:26:35 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/27/2013 10:26:35 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.151.1013.0).
5/27/2013 10:26:30 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.151.1013.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9506.0 Error code: 0x80070643 Error description: Fatal error during installation.
5/27/2013 10:26:26 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start.
5/27/2013 10:26:26 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/26/2013 10:26:03 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Link...D-99752CCA7094 Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/26/2013 10:26:01 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\NETWORK SERVICE Error Code: 0x8007042c Error description: The dependency service or group failed to start.
5/26/2013 10:26:01 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/26/2013 10:26:01 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.151.952.0).
5/26/2013 10:25:56 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.151.952.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9506.0 Error code: 0x80070643 Error description: Fatal error during installation.
5/26/2013 10:25:53 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start.
5/26/2013 10:25:53 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/26/2013 1:36:15 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Link...D-99752CCA7094 Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/26/2013 1:36:12 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\NETWORK SERVICE Error Code: 0x8007042c Error description: The dependency service or group failed to start.
5/26/2013 1:36:12 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/26/2013 1:36:12 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.151.940.0).
5/26/2013 1:36:07 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.151.940.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9506.0 Error code: 0x80070643 Error description: Fatal error during installation.
5/26/2013 1:36:04 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start.
5/26/2013 1:36:04 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/25/2013 10:26:30 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Link...D-99752CCA7094 Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/25/2013 10:26:28 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\NETWORK SERVICE Error Code: 0x8007042c Error description: The dependency service or group failed to start.
5/25/2013 10:26:28 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/25/2013 10:26:28 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.151.912.0).
5/25/2013 10:26:22 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.151.912.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9506.0 Error code: 0x80070643 Error description: Fatal error during installation.
5/25/2013 10:26:20 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start.
5/25/2013 10:26:20 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/23/2013 4:35:17 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Link...D-99752CCA7094 Signature Type: Network Inspection System Update Type: Full User: ChrisLummus-PC\Chris Lummus Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/23/2013 4:35:14 PM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: ChrisLummus-PC\Chris Lummus Error Code: 0x8007042c Error description: The dependency service or group failed to start.
5/23/2013 4:35:14 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: ChrisLummus-PC\Chris Lummus Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/23/2013 4:35:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.151.765.0).
5/23/2013 4:34:59 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.151.765.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9506.0 Error code: 0x80070643 Error description: Fatal error during installation.
5/23/2013 4:34:56 PM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start.
5/23/2013 4:34:56 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start.
5/23/2013 4:00:35 PM, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.
.
==== End Of File ===========================

Ark.txt log

GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-05-30 11:03:43
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 SAMSUNG_HD642JJ rev.1AA01117 596.17GB
Running: GMER.exe; Driver: C:\Users\CHRISL~1\AppData\Local\Temp\uglcyaoc.sys


---- User code sections - GMER 2.1 ----

.text C:\Windows\system32\svchost.exe[496] C:\Windows\system32\WININET.dll!HttpSendRequestW 000000007683d1e8 14 bytes {JMP QWORD [RIP+0x0]}
.text C:\Windows\system32\svchost.exe[496] C:\Windows\system32\WININET.dll!HttpSendRequestA 00000000768b9dd0 14 bytes {JMP QWORD [RIP+0x0]}
.text C:\Windows\system32\svchost.exe[496] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefefe7490 9 bytes {JMP QWORD [RIP+0x0]}
.text C:\Windows\system32\svchost.exe[496] C:\Windows\system32\ole32.dll!CoCreateInstance + 11 000007fefefe749b 3 bytes [00, 00, 00]
.text C:\Windows\system32\svchost.exe[496] C:\Windows\system32\ole32.dll!CoGetClassObject 000007fefeff2e18 14 bytes {JMP QWORD [RIP+0x0]}
.text C:\Windows\system32\svchost.exe[496] C:\Windows\system32\ws2_32.dll!GetAddrInfoW + 1 000007fefec423c1 13 bytes {JMP QWORD [RIP+0x0]}
.text C:\Windows\system32\svchost.exe[496] C:\Windows\system32\winmm.dll!waveOutOpen 000007fefa3938d0 14 bytes {JMP QWORD [RIP+0x0]}
.text C:\Windows\system32\svchost.exe[496] C:\Windows\system32\dsound.dll!DirectSoundCreate 0000000000e85a84 14 bytes {JMP QWORD [RIP+0x0]}
.text C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe[1844] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000074961465 2 bytes [96, 74]
.text C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe[1844] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000749614bb 2 bytes [96, 74]
.text ... * 2
.text C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE[948] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074961465 2 bytes [96, 74]
.text C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE[948] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000749614bb 2 bytes [96, 74]
.text ... * 2
.text C:\Windows\SysWOW64\rundll32.exe[2356] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 26 0000000070c313c6 2 bytes [C3, 70]
.text C:\Windows\SysWOW64\rundll32.exe[2356] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 74 0000000070c313f6 2 bytes [C3, 70]
.text C:\Windows\SysWOW64\rundll32.exe[2356] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 257 0000000070c314ad 2 bytes [C3, 70]
.text C:\Windows\SysWOW64\rundll32.exe[2356] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 303 0000000070c314db 2 bytes [C3, 70]
.text ... * 2
.text C:\Windows\SysWOW64\rundll32.exe[2356] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 79 0000000070c31577 2 bytes [C3, 70]
.text C:\Windows\SysWOW64\rundll32.exe[2356] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 175 0000000070c315d7 2 bytes [C3, 70]
.text C:\Windows\SysWOW64\rundll32.exe[2356] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 620 0000000070c31794 2 bytes [C3, 70]
.text C:\Windows\SysWOW64\rundll32.exe[2356] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 921 0000000070c318c1 2 bytes [C3, 70]
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4504] C:\Windows\syswow64\USER32.dll!EnableWindow 0000000075fa2da4 5 bytes JMP 0000000165be9ebc
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4504] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamW 0000000075fbcbf3 5 bytes JMP 0000000165d391b6
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4504] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075fbcfca 5 bytes JMP 0000000165b4189b
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4504] C:\Windows\syswow64\USER32.dll!DialogBoxParamA 0000000075fdcb0c 5 bytes JMP 0000000165d39151
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4504] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamA 0000000075fdce64 5 bytes JMP 0000000165d3921b
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4504] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectA 0000000075fefbd1 5 bytes JMP 0000000165d390d8
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4504] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectW 0000000075fefc9d 5 bytes JMP 0000000165d3905f
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4504] C:\Windows\syswow64\USER32.dll!MessageBoxExA 0000000075fefcd6 5 bytes JMP 0000000165d38ffb
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4504] C:\Windows\syswow64\USER32.dll!MessageBoxExW 0000000075fefcfa 5 bytes JMP 0000000165d38f97
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4504] C:\Windows\syswow64\OLEAUT32.dll!OleCreatePropertyFrameIndirect 0000000074df93ec 5 bytes JMP 0000000165d393d0
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4504] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074961465 2 bytes [96, 74]
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4504] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000749614bb 2 bytes [96, 74]
.text ... * 2
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4504] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll !PropertySheetW 000000007243388e 5 bytes JMP 0000000165d39280
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4504] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll !PropertySheet 00000000724d7922 5 bytes JMP 0000000165d39328
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4504] C:\Windows\syswow64\comdlg32.dll!PageSetupDlgW 0000000074ae2694 5 bytes JMP 0000000165d395c8
? C:\Windows\system32\mssprxy.dll [4504] entry point in ".rdata" section 0000000068b571e6
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_W 00000000771025fd 6 bytes JMP 0000000165c08054
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_A 0000000077112a63 6 bytes JMP 0000000165ba980d
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\kernel32.dll!CreateThread 00000000761d34b5 5 bytes JMP 0000000165ba75e3
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000075f98a29 5 bytes JMP 0000000165c103df
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\USER32.dll!CreateWindowExA 0000000075f9d22e 5 bytes JMP 0000000165bb3643
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\USER32.dll!EnableWindow 0000000075fa2da4 5 bytes JMP 0000000165be9ebc
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\USER32.dll!CallNextHookEx 0000000075fa6285 5 bytes JMP 0000000165c07ff1
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW 0000000075fa7603 5 bytes JMP 0000000165be25b4
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamW 0000000075fbcbf3 5 bytes JMP 0000000165d391b6
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075fbcfca 5 bytes JMP 0000000165b4189b
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx 0000000075fbf52b 5 bytes JMP 0000000165c2ed14
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\USER32.dll!DialogBoxParamA 0000000075fdcb0c 5 bytes JMP 0000000165d39151
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamA 0000000075fdce64 5 bytes JMP 0000000165d3921b
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectA 0000000075fefbd1 5 bytes JMP 0000000165d390d8
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectW 0000000075fefc9d 5 bytes JMP 0000000165d3905f
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\USER32.dll!MessageBoxExA 0000000075fefcd6 5 bytes JMP 0000000165d38ffb
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\USER32.dll!MessageBoxExW 0000000075fefcfa 5 bytes JMP 0000000165d38f97
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\ole32.dll!OleLoadFromStream 00000000762d6143 5 bytes JMP 0000000165d39984
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\OLEAUT32.dll!SysFreeString 0000000074d93e59 5 bytes JMP 0000000165d39a7c
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\OLEAUT32.dll!VariantClear 0000000074d93eae 5 bytes JMP 0000000165d39afa
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\OLEAUT32.dll!SysAllocStringByteLen 0000000074d94731 5 bytes JMP 0000000165d399ee
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\OLEAUT32.dll!VariantChangeType 0000000074d95dee 5 bytes JMP 0000000165d39a9a
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\OLEAUT32.dll!OleCreatePropertyFrameIndirect 0000000074df93ec 5 bytes JMP 0000000165d393d0
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074961465 2 bytes [96, 74]
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000749614bb 2 bytes [96, 74]
.text ... * 2
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll !PropertySheetW 000000007243388e 5 bytes JMP 0000000165d39280
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll !PropertySheet 00000000724d7922 5 bytes JMP 0000000165d39328
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4656] C:\Windows\syswow64\comdlg32.dll!PageSetupDlgW 0000000074ae2694 5 bytes JMP 0000000165d395c8
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_W 00000000771025fd 6 bytes JMP 0000000165c08054
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_A 0000000077112a63 6 bytes JMP 0000000165ba980d
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\kernel32.dll!CreateThread 00000000761d34b5 5 bytes JMP 0000000165ba75e3
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000075f98a29 5 bytes JMP 0000000165c103df
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\USER32.dll!CreateWindowExA 0000000075f9d22e 5 bytes JMP 0000000165bb3643
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\USER32.dll!EnableWindow 0000000075fa2da4 5 bytes JMP 0000000165be9ebc
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\USER32.dll!CallNextHookEx 0000000075fa6285 5 bytes JMP 0000000165c07ff1
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW 0000000075fa7603 5 bytes JMP 0000000165be25b4
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamW 0000000075fbcbf3 5 bytes JMP 0000000165d391b6
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075fbcfca 5 bytes JMP 0000000165b4189b
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\USER32.dll!UnhookWindowsHookEx 0000000075fbf52b 5 bytes JMP 0000000165c2ed14
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\USER32.dll!DialogBoxParamA 0000000075fdcb0c 5 bytes JMP 0000000165d39151
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\USER32.dll!DialogBoxIndirectParamA 0000000075fdce64 5 bytes JMP 0000000165d3921b
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectA 0000000075fefbd1 5 bytes JMP 0000000165d390d8
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectW 0000000075fefc9d 5 bytes JMP 0000000165d3905f
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\USER32.dll!MessageBoxExA 0000000075fefcd6 5 bytes JMP 0000000165d38ffb
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\USER32.dll!MessageBoxExW 0000000075fefcfa 5 bytes JMP 0000000165d38f97
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\ole32.dll!OleLoadFromStream 00000000762d6143 5 bytes JMP 0000000165d39984
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\OLEAUT32.dll!SysFreeString 0000000074d93e59 5 bytes JMP 0000000165d39a7c
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\OLEAUT32.dll!VariantClear 0000000074d93eae 5 bytes JMP 0000000165d39afa
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\OLEAUT32.dll!SysAllocStringByteLen 0000000074d94731 5 bytes JMP 0000000165d399ee
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\OLEAUT32.dll!VariantChangeType 0000000074d95dee 5 bytes JMP 0000000165d39a9a
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\OLEAUT32.dll!OleCreatePropertyFrameIndirect 0000000074df93ec 5 bytes JMP 0000000165d393d0
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074961465 2 bytes [96, 74]
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000749614bb 2 bytes [96, 74]
.text ... * 2
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll !PropertySheetW 000000007243388e 5 bytes JMP 0000000165d39280
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll !PropertySheet 00000000724d7922 5 bytes JMP 0000000165d39328
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[3596] C:\Windows\syswow64\comdlg32.dll!PageSetupDlgW 0000000074ae2694 5 bytes JMP 0000000165d395c8

---- Devices - GMER 2.1 ----

Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-2 fffffa800856f0a8

---- Trace I/O - GMER 2.1 ----

Trace ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa800856f0a8]<< fffffa800856f0a8
Trace 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007dd2790] fffffa8007dd2790
Trace 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa8007b71060] fffffa8007b71060
Trace \Driver\atapi[0xfffffa8007cd2a60] -> IRP_MJ_CREATE -> 0xfffffa800856f0a8 fffffa800856f0a8

---- Threads - GMER 2.1 ----

Thread [700:3648] 0000000067544f10
Thread [700:5500] 0000000077122e25
Thread [700:2308] 00000000730829e1
Thread [700:4028] 0000000077123e45
Thread [700:4108] 00000000730829e1
Thread [700:252] 00000000730829e1
Thread [700:5884] 00000000730829e1
Thread [700:2648] 00000000730829e1
Thread [700:5300] 0000000072b562ee

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\PDFsFilter\Parameters\{109388c4-cc55-11e1-a5df-806e6f6e6963}@NumExtendFileExtentsSaved 929932

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 Windows 7 default MBR code found via API
Disk \Device\Harddisk0\DR0 unknown MBR code
Disk \Device\Harddisk0\DR0 sector 0: rootkit-like behavior

---- Files - GMER 2.1 ----

File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\4Q7LCHXJ\cb=gapi[4].js 57590 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\4Q7LCHXJ\vpaidacudeo[2].swf 210327 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\4Q7LCHXJ\oio[1].js 5040 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\4Q7LCHXJ\banner_renderer_detect[1].js 6466 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\4Q7LCHXJ\Icon_AdChoices[1].png 1337 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\4Q7LCHXJ\BertholdAkzidenzGroteskBold[1].swf 13502 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\log[1].gif 43 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\adhoc[2].xml 1748 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\receivethenpush[1].js 160 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\x[1].gif 43 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\cms-2c[1].htm 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\pd[3].htm 68 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\ros;dcopt=ist;pos=top;tile=1;gender=m;ag=a99;gen re=rock;tile=1;sz=300x250;ord=6326188764[1].htm 800 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\optn=64[1].js 6695 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\;page=passback_default;cat=;subcat=;tile=1;sz=72 8x90;ord=6853737051269969[1].js 1043 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\12340-ARNG-NPS-PS-DR02-160x600[1].swf 41217 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\B7319627[1].htm 6078 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\1865512013_swf_0[1].swf 78677 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\1865541707_img480_0[1].jpg 45513 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\Pix-1x1[1].gif 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\lmb_lre_VerticalAgeRngTapTentNapHatDanceCNHP15s4 5k_DD625Pres_0413_300x250[1].swf 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\sed[1].htm 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\like[3].htm 14453 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\3016[1].js 3718 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\63V2QCNW\3321[1].htm 233 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\c[3].gif 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\1635055048663078723@x15[1].htm 884 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\adhoc[3].xml 1727 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\admeld-match[1].js 300 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\SPug[1].htm 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\sync[1].gif 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\xrefid[1].gif 43 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\rocketfuel_sync[1].htm 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\ec0983aa-1dce-46df-97df-a0d7cde24d46[1].swf 40551 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\728x90[1].swf 89954 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\si[1].htm 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\log[5].gif 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\log[6].gif 43 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\;dcopt=ist;page=hollywire_atf;tile=1;sz=728x90;o rd=7082628710668887[1].js 404 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\adChoicesLogo16x16[1].png 548 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\vpaidacudeo[2].swf 210327 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\default[7].htm 2177 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\VastVpaidShim[2].swf 80139 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\ping[3].htm 589 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\log[1].gif 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\7C6HW94J\Scout[1].swf 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\StdBanner[1].js 33106 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\crossdomain[10].xml 317 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\crossdomain[1].xml 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\crossdomain[3].xml 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\crossdomain[5].xml 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\Matomy[1].htm 2692 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\adinfo[1].js 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\am_js[1].js 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\2365[1].png 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\brightroll[1].bid 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\yWcn99Bqcinnf7ILrHue[2].xml 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\Pix-1x1[2].gif 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\pubcode.min[1].js 6905 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\log[2].gif 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\log[3].gif 43 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\vpaid1adsdk[1].swf 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\blank[1].gif 49 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\blank[2].gif 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\1635055048643481972@x10[1].htm 870 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\1635055048644875015@Top1[1].htm 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\optoutx[1].js 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\opt_log[1].htm 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\106[1].gif 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\11684149558225033355[1].gif 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\11875145665@x23[1].htm 3492 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\1202554961@x23[1].htm 3484 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\12340-ARNG-NPS-PS-DR02-160x600[1].js 0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\9EVP7NEU\nyc-to-start-nissan-leaf-electric-pilot-program[1].htm 11029 bytes

---- EOF - GMER 2.1 ----
Search
Viewing all articles
Browse latest Browse all 29110

Trending Articles

Practice Sheet of Right form of verbs for HSC Students

September 22, 2019, 11:40 pm

Download: FK ft Shenky – Nakuyewa ”Prod by: Shenky”

February 16, 2017, 4:24 pm

How to win at Markstrat (Markstrat Tips and Tricks) – Vodites

January 5, 2014, 10:34 pm

Ominde Commission Report and Recommendations – Ominde Report of 1964

March 16, 2015, 5:14 am

Bureau of Internal Revenue: Regional Offices (Directory)

January 9, 2014, 11:06 pm

GO 53 on Enhancement of Ex-gratia upto 5 Lakhs Toddy Tappers in Telangana

March 26, 2017, 11:23 pm

Cakewalk CA-2A Leveling Amplifier v2.0.1.97 WiN, v2.0.1.96 OSX Incl Keygen

October 17, 2016, 7:20 am

Mp3 Download: Mdu - Kunjenjenjena

December 7, 2017, 8:16 am

How the kill the job , when DTP request running for long hours.

July 26, 2013, 2:41 am

Microsoft Intune から展開しているアプリのアップデートについて

October 17, 2016, 4:11 am

18-year-old girl was beaten for half an hour by two Northampton men in 'an...

September 1, 2017, 10:00 pm

Car crash in Dunton Bassett leaves driver in critical condition

October 7, 2014, 7:51 am

Macky 2, Two Others In Road Accident

March 29, 2015, 5:34 am

Application log 00000000000000089514: Could not convert queue DLVST90CLNT

May 14, 2015, 11:27 pm

Detroit mafia: D’Anna Brothers agree to plea deal

April 21, 2016, 6:56 am

Delivery block field greyed out using VA02

January 26, 2016, 2:52 pm

Muloraki Au

June 22, 2016, 1:44 am

【個人撮影】スマホのプライベート映像♪「中に出さないで///」カラオケ屋での生ハメ撮りが流出w【リベンジポルノ】@PornHub

October 12, 2017, 2:23 pm

BREAKING NEWS: Diamond Platnumz Is Reported Dead After Ghastly Car Accident

February 9, 2018, 4:56 am

FIAT 500 B0111 B0112

July 5, 2018, 10:31 am
Search