[SOLVED] [HELP] Win7 Premium(x64) lags and huge cpu usage sometimes

[malis2007]

My laptop lags and uses alot of CPU while not opening much apps(like opening firefox only), and takes long to log-in. Although i have intel core i7 1.73GHz and 6GB rams and much free space in drive (C)[more than 20GB free space], not to mention that my laptop is well-cooled as well :/ Thus, i think that there is something wrong.. maybe malware related problem? so i thought about running a scan by malwarebytes first.. and it's log was:

 Malwarebytes Anti-Malware www.malwarebytes.org  Scan Date: 30/06/2014 Scan Time: 08:22:56 PM Logfile: Malwarebytes.txt Administrator: Yes  Version: 2.00.2.1012 Malware Database: v2014.06.30.09 Rootkit Database: v2014.06.30.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled  OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: ali  Scan Type: Hyper Scan Result: Completed Objects Scanned: 348115 Time Elapsed: 7 min, 36 sec  Memory: Enabled Startup: Enabled Filesystem: Disabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled  Processes: 0 (No malicious items detected)  Modules: 0 (No malicious items detected)  Registry Keys: 0 (No malicious items detected)  Registry Values: 0 (No malicious items detected)  Registry Data: 0 (No malicious items detected)  Folders: 2 PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627, Quarantined, [1091d7a72556e25458dae6b157ab34cc],   Files: 38 PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\Autorun.inf, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\crx.tar, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\GameApps.ini, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\GameConsole.exe, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\GameEngine.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\GLOBALUNINSTALL.TNT, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\hmac.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\iehpr.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\iestage2.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\IEToolbar.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\IEToolbar64.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\INSTALL.TNT, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\log.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\MinecraftShims64.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\npTNT2.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\npTNT2Ghost.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\PARTNER.TNT, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\passport.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\passport64.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\pinnedSearch.htm, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\pinnedSearch_FindWide.htm, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\progress.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\regsvr.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\RemoteSkin.wms, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\sqlite.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\tnt2chrome.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\TNT2User.exe, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\TNT2UserPS.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\TNT2UserPS64.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\TntMagicDel.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\UnInjLib.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\UnInjLib64.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\UNINSTALL.TNT, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\UninstallDlg.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\untar.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\UPDATE.TNT, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\xpi.tar, Quarantined, [1091d7a72556e25458dae6b157ab34cc],  PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\zipunzip.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],   Physical Sectors: 0 (No malicious items detected)   (end)

But still after restarting, my pc still lags and huge amount of cpu is being used(wasted) in small stuff like opening or browsing through firefox, or just by using only the disk clean up tool! Not to mention the delay in the log-in process. Here is the DDS.txt log:

 DDS (Ver_2012-11-20.01) - NTFS_AMD64  Internet Explorer: 11.0.9600.17126  BrowserJavaVersion: 10.25.2 Run by ali at 1:23:17 on 2014-07-01 Microsoft Windows 7 Home Premium   6.1.7601.1.1256.20.1033.18.6069.2279 [GMT 2:00] . AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} FW: ESET Personal firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\FBAgent.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files (x86)\Internet Download Manager\IDMan.exe C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe C:\Windows\AsScrPro.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files\Intel\TurboBoost\TurboBoost.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\explorer.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\explorer.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll EB: Web Test Recorder 10.0: {3142C289-F319-47F5-A594-A827028714C9} -  EB: Web Test Recorder 10.0: {3142c289-f319-47f5-a594-a827028714c9} -  uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot uPolicies-Explorer: NoDriveAutoRun- = dword:0 uPolicies-Explorer: NoDriveTypeAutoRun- = dword:0 uPolicies-Explorer: NoDriveAutoRun = dword:67108863 uPolicies-Explorer: NoDriveTypeAutoRun = dword:253 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDriveTypeAutoRun = dword:253 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 mPolicies-Explorer: NoDriveAutoRun- = dword:0 mPolicies-Explorer: NoDriveTypeAutoRun- = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains.    If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1374545831534 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1374021286188 TCP: NameServer = 41.128.225.225 41.128.225.226 TCP: Interfaces\{1DF79A7C-6F29-4AAF-B4FD-772F63ACE586} : NameServer = 208.67.222.123,208.67.220.123,192.168.1.1 TCP: Interfaces\{1DF79A7C-6F29-4AAF-B4FD-772F63ACE586} : DHCPNameServer = 41.128.225.225 41.128.225.226 TCP: Interfaces\{1DF79A7C-6F29-4AAF-B4FD-772F63ACE586}\16C696 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{1DF79A7C-6F29-4AAF-B4FD-772F63ACE586}\C696E6B6 : DHCPNameServer = 41.128.225.225 41.128.225.226 TCP: Interfaces\{1DF79A7C-6F29-4AAF-B4FD-772F63ACE586}\D416C69637 : DHCPNameServer = 197.199.255.254 217.52.47.130 TCP: Interfaces\{8A68948D-B161-4ED7-8BBE-9F3776C9E0DF}\16C696 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{D13B58AE-512F-4510-A695-2D1472BC76B5}\16C696 : DHCPNameServer = 213.131.66.248 213.131.65.20 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll x64-BHO: Expat Shield Class: {3706EE7C-3CAD-445D-8A43-03EBC3B75908} -  x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice . INFO: x64-HKLM has more than 50 listed domains.    If you wish to scan all of them, select the 'Force scan all domains' option. . x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  x64-STS: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll Hosts: 127.0.0.1	ads.mcafee.com Hosts: 127.0.0.1	directads.mcafee.com Hosts: 127.0.0.1	analytics.microsoft.com Hosts: 127.0.0.1	metrics.bitdefender.com Hosts: 127.0.0.1	metrics.mcafee.com . Note: multiple HOSTS entries found. Please refer to Attach.txt . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\ali\AppData\Roaming\Mozilla\Firefox\Profiles\hl4pq7ka.default\ FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2013-9-17 62136] R0 fsbts;fsbts;C:\Windows\System32\drivers\fsbts.sys [2013-6-24 56016] R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2010-8-16 24680] R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2013-9-17 239320] R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2013-9-17 44120] R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2010-11-20 379520] R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-9-12 1337752] R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2013-8-6 172920] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-6-30 1809720] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-6-30 860472] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-6-21 413472] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-17 13832] R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-17 134928] R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-11-20 2314240] R3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2010-5-3 44032] R3 bcbtums;Bluetooth USB LD Filter;C:\Windows\System32\drivers\bcbtums.sys [2013-8-9 170712] R3 btwampfl;btwampfl;C:\Windows\System32\drivers\btwampfl.sys [2013-8-9 166104] R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-11-20 35104] R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-7-21 129024] R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\System32\drivers\FLxHCIc.sys [2012-11-8 249584] R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\System32\drivers\FLxHCIh.sys [2012-11-8 77040] R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-11-20 56344] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-6-30 25816] R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-6-30 122584] R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-6-30 63704] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2010-4-14 54824] S3 ERmvrDrv;ESET standalone malware removal tool kernel-mode driver;C:\Windows\System32\drivers\ERKRmvrDrv.sys [2013-8-12 44120] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-6-19 57840] S3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\Windows\System32\drivers\hitmanpro37.sys [2013-2-6 32152] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-30 111616] S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-10 57344] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-24 19456] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832] S3 ST330;ST330;C:\Windows\System32\drivers\st330.sys [2011-3-22 47616] S3 STBUS;STBUS;C:\Windows\System32\drivers\stbus.sys [2011-3-22 24576] S3 STETH;SpeedTouch Ethernet Adapter NT Driver;C:\Windows\System32\drivers\steth.sys [2011-3-22 58880] S3 stppp;Speedtouch PPP Adapter Adapter;C:\Windows\System32\drivers\stppp.sys [2012-4-14 54272] S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-1-10 42184] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-6-30 56832] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 VBoxUSB;VirtualBox USB;C:\Windows\System32\drivers\VBoxUSB.sys [2012-4-3 117040] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-4 1255736] S4 BcmBtRSupport;Bluetooth Driver Management Service;C:\Windows\System32\BtwRSupportService.exe [2013-8-9 2252504] S4 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976] S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176] S4 RsFx0105;RsFx0105 Driver;C:\Windows\System32\drivers\RsFx0105.sys [2011-9-22 311144] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464] S4 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-7-25 126976] . =============== File Associations =============== . ShellExec: FRONTPG.EXE: edit=C:\PROGRA~2\Office10\FRONTPG.EXE . =============== Created Last 30 ================ . 2019-10-09 08:40:57	--------	d-----w-	C:\Users\ali\AppData\Roaming\Crypto Obfuscator For .Net v2012 R2 2014-06-30 22:45:59	1402880	-c--a-w-	C:\Utilman.exe 2014-06-30 21:40:39	76232	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{09AA9FF6-694E-49AA-99B6-2A60AB1D7605}\offreg.dll 2014-06-30 18:41:18	810200	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe 2014-06-30 18:19:25	122584	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-06-30 18:17:42	91352	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys 2014-06-30 18:17:42	63704	----a-w-	C:\Windows\System32\drivers\mwac.sys 2014-06-30 18:17:42	25816	----a-w-	C:\Windows\System32\drivers\mbam.sys 2014-06-30 18:17:42	--------	d-----w-	C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-06-30 17:47:53	--------	d-s---w-	C:\Windows\System32\CompatTel 2014-06-30 17:37:41	167424	----a-w-	C:\Program Files\Windows Media Player\wmplayer.exe 2014-06-30 17:37:41	164864	----a-w-	C:\Program Files (x86)\Windows Media Player\wmplayer.exe 2014-06-30 17:37:40	12625920	----a-w-	C:\Windows\System32\wmploc.DLL 2014-06-30 17:37:39	12625408	----a-w-	C:\Windows\SysWow64\wmploc.DLL 2014-06-30 15:47:21	--------	d-----w-	C:\Windows\Migration 2014-06-30 15:23:51	327168	----a-w-	C:\Windows\System32\mswsock.dll 2014-06-30 15:23:51	231424	----a-w-	C:\Windows\SysWow64\mswsock.dll 2014-06-30 14:47:49	--------	d-----w-	C:\Users\ali\AppData\Local\Temporary Projects 2014-06-30 13:57:00	3178496	----a-w-	C:\Windows\System32\rdpcorets.dll 2014-06-30 13:57:00	16384	----a-w-	C:\Windows\System32\RdpGroupPolicyExtension.dll 2014-06-30 13:53:39	506368	----a-w-	C:\Windows\System32\aepdu.dll 2014-06-30 13:53:39	424448	----a-w-	C:\Windows\System32\aeinv.dll 2014-06-30 13:51:29	1474048	----a-w-	C:\Windows\System32\crypt32.dll 2014-06-30 13:50:48	202752	----a-w-	C:\Windows\System32\scrrun.dll 2014-06-30 13:50:48	156160	----a-w-	C:\Windows\System32\cscript.exe 2014-06-30 13:50:48	150016	----a-w-	C:\Windows\System32\wshom.ocx 2014-06-30 13:50:48	121856	----a-w-	C:\Windows\SysWow64\wshom.ocx 2014-06-30 13:50:47	168960	----a-w-	C:\Windows\System32\wscript.exe 2014-06-30 13:50:47	163840	----a-w-	C:\Windows\SysWow64\scrrun.dll 2014-06-30 13:50:47	141824	----a-w-	C:\Windows\SysWow64\wscript.exe 2014-06-30 13:50:47	126976	----a-w-	C:\Windows\SysWow64\cscript.exe 2014-06-30 13:48:28	2048	----a-w-	C:\Windows\SysWow64\tzres.dll 2014-06-30 13:48:28	2048	----a-w-	C:\Windows\System32\tzres.dll 2014-06-30 13:47:05	1030144	----a-w-	C:\Windows\System32\TSWorkspace.dll 2014-06-30 13:47:04	792576	----a-w-	C:\Windows\SysWow64\TSWorkspace.dll 2014-06-30 13:45:59	230400	----a-w-	C:\Windows\System32\drivers\portcls.sys 2014-06-30 13:45:59	116736	----a-w-	C:\Windows\System32\drivers\drmk.sys 2014-06-30 13:45:54	76800	----a-w-	C:\Windows\System32\drivers\hidclass.sys 2014-06-30 13:45:54	32896	----a-w-	C:\Windows\System32\drivers\hidparse.sys 2014-06-30 13:42:28	624128	----a-w-	C:\Windows\System32\qedit.dll 2014-06-30 13:42:27	509440	----a-w-	C:\Windows\SysWow64\qedit.dll 2014-06-30 13:42:27	465920	----a-w-	C:\Windows\System32\WMPhoto.dll 2014-06-30 13:42:27	417792	----a-w-	C:\Windows\SysWow64\WMPhoto.dll 2014-06-30 13:42:26	633856	----a-w-	C:\Windows\System32\comctl32.dll 2014-06-30 13:42:26	497152	----a-w-	C:\Windows\System32\drivers\afd.sys 2014-06-30 13:42:25	530432	----a-w-	C:\Windows\SysWow64\comctl32.dll 2014-06-30 13:42:24	335360	----a-w-	C:\Windows\System32\msieftp.dll 2014-06-30 13:42:24	301568	----a-w-	C:\Windows\SysWow64\msieftp.dll . ==================== Find3M  ==================== . 2014-05-30 10:02:37	2724864	----a-w-	C:\Windows\System32\mshtml.tlb 2014-05-30 10:02:09	4096	----a-w-	C:\Windows\System32\ieetwcollectorres.dll 2014-05-30 09:39:43	548352	----a-w-	C:\Windows\System32\vbscript.dll 2014-05-30 09:39:23	66048	----a-w-	C:\Windows\System32\iesetup.dll 2014-05-30 09:38:29	48640	----a-w-	C:\Windows\System32\ieetwproxystub.dll 2014-05-30 09:21:23	139264	----a-w-	C:\Windows\System32\ieUnatt.exe 2014-05-30 09:21:05	111616	----a-w-	C:\Windows\System32\ieetwcollector.exe 2014-05-30 09:20:36	752640	----a-w-	C:\Windows\System32\jscript9diag.dll 2014-05-30 09:11:24	940032	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe 2014-05-30 09:08:22	5782528	----a-w-	C:\Windows\System32\jscript9.dll 2014-05-30 09:02:39	2724864	----a-w-	C:\Windows\SysWow64\mshtml.tlb 2014-05-30 08:55:36	38400	----a-w-	C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-05-30 08:44:28	455168	----a-w-	C:\Windows\SysWow64\vbscript.dll 2014-05-30 08:43:06	61952	----a-w-	C:\Windows\SysWow64\iesetup.dll 2014-05-30 08:42:16	51200	----a-w-	C:\Windows\SysWow64\ieetwproxystub.dll 2014-05-30 08:28:33	112128	----a-w-	C:\Windows\SysWow64\ieUnatt.exe 2014-05-30 08:27:56	592896	----a-w-	C:\Windows\SysWow64\jscript9diag.dll 2014-05-30 08:24:19	1249280	----a-w-	C:\Windows\System32\mshtmlmedia.dll 2014-05-30 08:23:22	2040832	----a-w-	C:\Windows\System32\inetcpl.cpl 2014-05-30 08:10:46	32256	----a-w-	C:\Windows\SysWow64\JavaScriptCollectionAgent.dll 2014-05-30 07:56:56	2266112	----a-w-	C:\Windows\System32\wininet.dll 2014-05-30 07:56:50	4244992	----a-w-	C:\Windows\SysWow64\jscript9.dll 2014-05-30 07:50:09	1068032	----a-w-	C:\Windows\SysWow64\mshtmlmedia.dll 2014-05-30 07:49:38	1964544	----a-w-	C:\Windows\SysWow64\inetcpl.cpl 2014-05-30 07:21:10	1790976	----a-w-	C:\Windows\SysWow64\wininet.dll 2014-04-25 02:34:59	801280	----a-w-	C:\Windows\System32\usp10.dll 2014-04-25 02:06:17	626688	----a-w-	C:\Windows\SysWow64\usp10.dll 2014-04-12 02:22:05	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys 2014-04-12 02:22:05	155072	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys 2014-04-12 02:19:38	29184	----a-w-	C:\Windows\System32\sspisrv.dll 2014-04-12 02:19:38	136192	----a-w-	C:\Windows\System32\sspicli.dll 2014-04-12 02:19:37	28160	----a-w-	C:\Windows\System32\secur32.dll 2014-04-12 02:19:32	1460736	----a-w-	C:\Windows\System32\lsasrv.dll 2014-04-12 02:19:05	31232	----a-w-	C:\Windows\System32\lsass.exe 2014-04-12 02:12:06	22016	----a-w-	C:\Windows\SysWow64\secur32.dll 2014-04-12 02:10:56	96768	----a-w-	C:\Windows\SysWow64\sspicli.dll 2014-04-05 02:47:20	1903552	----a-w-	C:\Windows\System32\drivers\tcpip.sys 2014-04-05 02:47:09	288192	----a-w-	C:\Windows\System32\drivers\FWPKCLNT.SYS 2012-08-15 09:20:36	2174976	----a-w-	C:\Program Files (x86)\Common Files\atimpenc.dll . ============= FINISH:  1:24:18.21 ===============

 

[malis2007]

And the Attach.txt log:

 . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium  Boot Device: \Device\HarddiskVolume2 Install Date: 15/01/2011 02:30:05 AM System Uptime: 30/06/2014 09:56:44 PM (4 hours ago) . Motherboard: ASUSTeK Computer Inc.         |  | N53Jq Processor: Intel(R) Core(TM) i7 CPU       Q 740  @ 1.73GHz | Socket 989 | 1734/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 149 GiB total, 52.537 GiB free. D: is FIXED (NTFS) - 426 GiB total, 34.399 GiB free. E: is CDROM () G: is Removable . ==== Disabled Device Manager Items ============= . Class GUID:  Description: Bluetooth Peripheral Device Device ID: BTHENUM\{00005557-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A9\8&15AC57A2&0&0025D0B055ED_C00000003 Manufacturer:  Name: Bluetooth Peripheral Device PNP Device ID: BTHENUM\{00005557-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A9\8&15AC57A2&0&0025D0B055ED_C00000003 Service:  . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Bluetooth Device (Personal Area Network) Device ID: BTH\MS_BTHPAN\7&2F9FD3E4&0&2 Manufacturer: Microsoft Name: Bluetooth Device (Personal Area Network) PNP Device ID: BTH\MS_BTHPAN\7&2F9FD3E4&0&2 Service: BthPan . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Bluetooth Device (RFCOMM Protocol TDI) Device ID: BTH\MS_RFCOMM\7&2F9FD3E4&0&0 Manufacturer: Microsoft Name: Bluetooth Device (RFCOMM Protocol TDI) PNP Device ID: BTH\MS_RFCOMM\7&2F9FD3E4&0&0 Service: RFCOMM . Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318} Description: Bluetooth Hands-free Audio Device ID: BTHENUM\{24DF01A9-3E4F-4C9F-9F66-5AA8AB14F8F4}_LOCALMFG&0000\8&15AC57A2&0&000000000000_00000000 Manufacturer: Broadcom Name: Bluetooth Hands-free Audio PNP Device ID: BTHENUM\{24DF01A9-3E4F-4C9F-9F66-5AA8AB14F8F4}_LOCALMFG&0000\8&15AC57A2&0&000000000000_00000000 Service: btwaudio . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Device ID: PCI\VEN_1969&DEV_1063&SUBSYS_18201043&REV_C0\FF1CF4B9BCAEC5FF00 Manufacturer: Atheros Name: Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20) PNP Device ID: PCI\VEN_1969&DEV_1063&SUBSYS_18201043&REV_C0\FF1CF4B9BCAEC5FF00 Service: L1C . Class GUID:  Description: Bluetooth Peripheral Device Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A9\8&15AC57A2&0&0025D0B055ED_C00000003 Manufacturer:  Name: Bluetooth Peripheral Device PNP Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A9\8&15AC57A2&0&0025D0B055ED_C00000003 Service:  . Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Description: USB2.0 UVC 2M WebCam Device ID: USB\VID_13D3&PID_5122&MI_00\7&458BFA4&0&0000 Manufacturer: Azureware Name: USB2.0 UVC 2M WebCam PNP Device ID: USB\VID_13D3&PID_5122&MI_00\7&458BFA4&0&0000 Service: SNP2UVC . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft Virtual WiFi Miniport Adapter Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&4240F00&0&01 Manufacturer: Microsoft Name: Microsoft Virtual WiFi Miniport Adapter PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&4240F00&0&01 Service: vwifimp . Class GUID:  Description:  Device ID: ROOT\WPD\0000 Manufacturer:  Name:  PNP Device ID: ROOT\WPD\0000 Service:  . Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Description: Bluetooth Remote Control Device ID: BTHENUM\{84A1E9B8-12BA-4A9C-8AB0-A43784E0D149}_LOCALMFG&0000\8&15AC57A2&0&000000000000_00000000 Manufacturer: Broadcom Name: Bluetooth Remote Control PNP Device ID: BTHENUM\{84A1E9B8-12BA-4A9C-8AB0-A43784E0D149}_LOCALMFG&0000\8&15AC57A2&0&000000000000_00000000 Service: btwrchid . Class GUID:  Description: Bluetooth Peripheral Device Device ID: BTHENUM\{00005601-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A9\8&15AC57A2&0&0025D0B055ED_C00000003 Manufacturer:  Name: Bluetooth Peripheral Device PNP Device ID: BTHENUM\{00005601-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A9\8&15AC57A2&0&0025D0B055ED_C00000003 Service:  . ==== System Restore Points =================== . RP754: 30/06/2014 07:31:33 PM - Windows Update RP755: 30/06/2014 09:03:29 PM - Installed Windows ARP Spoofer RP756: 30/06/2014 09:36:37 PM - Removed Windows ARP Spoofer RP757: 30/06/2014 09:48:11 PM - Windows Update RP758: 30/06/2014 10:02:55 PM - Installed SwitchSniffer RP759: 30/06/2014 10:09:48 PM - Installed SwitchSniffer RP760: 30/06/2014 10:11:52 PM - Removed SwitchSniffer RP761: 01/07/2014 01:17:51 AM - Windows Update . ==== Hosts File Hijack ====================== . Hosts: 127.0.0.1	ads.mcafee.com Hosts: 127.0.0.1	directads.mcafee.com Hosts: 127.0.0.1	analytics.microsoft.com Hosts: 127.0.0.1	metrics.bitdefender.com Hosts: 127.0.0.1	metrics.mcafee.com Hosts: 127.0.0.1	om.symantec.com Hosts: 127.0.0.1	ox-d.majorgeeks.com Hosts: 127.0.0.1	ads.bleepingcomputer.com Hosts: 127.0.0.1	sdc.mcafee.com Hosts: 127.0.0.1	wdcs.trendmicro.com Hosts: 127.0.0.1	www.spywareinfo.com . ==== Installed Programs ====================== .  Tools for .Net 3.5 بريد Windows Live تحديث لـ Microsoft Office Excel 2007 Help (KB963678) تحديث لـ Microsoft Office Powerpoint 2007 Help (KB963669) تحديث لـ Microsoft Office Word 2007 Help (KB963665) دعم تطبيق Apple 7-Zip 9.22 (x64 edition) Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop CS Adobe Photoshop CS5.1 12.1 Adobe Reader XI (11.0.03) Adobe Shockwave Player 12.0 Alcor Micro USB Card Reader Apple Mobile Device Support Apple Software Update ASUS AI Recovery ASUS AP Bank ASUS Data Security Manager ASUS FancyStart ASUS LifeFrame3 ASUS Live Update ASUS MultiFrame ASUS Power4Gear Hybrid ASUS SmartLogon ASUS Splendid Video Enhancement Technology ASUS Video Magic ASUS Virtual Camera ASUS_N3_Series ATK Package Auslogics Duplicate File Finder Blend for Visual Studio 2012 Blend for Visual Studio 2012 ENU resources Blend for Visual Studio Add-in for Adobe FXG Import Blend for Visual Studio SDK for .NET 4.5 Blend for Visual Studio SDK for Silverlight 5 Boingo Wi-Fi Bonjour Canon iP2700 series Printer Driver ControlDeck Cooking Dash CyberLink LabelPrint CyberLink MediaShow Espresso CyberLink PhotoNow CyberLink Power2Go CyberLink PowerDirector CyberLink PowerDVD 9 D3DX10 Dotfuscator and Analytics Community Edition Dropbox Entity Framework Designer for Visual Studio 2012 - enu ESET Smart Security ETDWare PS/2-x64 7.0.5.13_WHQL Explorer Suite III ExpressGate Cloud Fast Boot FileZilla Client 3.7.3 Fresco Logic USB3.0 Host Controller Game Park Console Google Chrome Google Earth Google Update Helper Governor of Poker Hotel Dash Suite Success Hotfix for Microsoft Visual Basic 2010 Express - ENU (KB2635973) iCloud Image Resizer for Windows Image Resizer for Windows (64 bit) Imgur Uploader Inno Setup version 5.5.1 Intel(R) Management Engine Components Intel(R) Turbo Boost Technology Monitor Internet Download Manager IrfanView (remove only) iTunes Java 7 Update 25 Java Auto Updater JavaScript Tooling Junk Mail filter update LocalESPC LocalESPCui for en-us Luxor 3 Mahjongg dimensions Malwarebytes Anti-Malware version 2.0.2.1012 MediaFire Express MGC Chat App (BETA) version 1.0 Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft .NET Framework 4.5 Multi-Targeting Pack Microsoft .NET Framework 4.5 SDK Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft ASP.NET MVC 3 Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - ENU Microsoft ASP.NET MVC 4 Runtime Microsoft ASP.NET Web Pages Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - ENU Microsoft ASP.NET Web Pages 2 Runtime Microsoft Expression Blend SDK for .NET 4 Microsoft Expression Blend SDK for Silverlight 4 Microsoft Help Viewer 1.1 Microsoft Help Viewer 2.0 Microsoft LightSwitch for Visual Studio 2012 Core Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU Microsoft LightSwitch for Visual Studio 2012 v3.0 Core Microsoft LightSwitch for Visual Studio 2012 v3.0 CoreRes - ENU Microsoft NuGet - Visual Studio 2012 Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Arabic) 2007 Microsoft Office Excel MUI (Arabic) 2007 Microsoft Office File Validation Add-In Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Arabic) 2007 Microsoft Office PowerPoint MUI (Arabic) 2007 Microsoft Office Professional 2007 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proofing (Arabic) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Arabic) 2007 Microsoft Office Shared 64-bit MUI (Arabic) 2007 Microsoft Office Shared MUI (Arabic) 2007 Microsoft Office Word MUI (Arabic) 2007 Microsoft Portable Library Multi-Targeting Pack Microsoft Portable Library Multi-Targeting Pack Language Pack - enu Microsoft Report Viewer Add-On for Visual Studio 2012 Microsoft Silverlight Microsoft Silverlight 4 SDK Microsoft Silverlight 5 SDK Microsoft SkyDrive Microsoft SQL Server 2008 (64-bit) Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 RsFx Driver Microsoft Visual Basic 2010 Express - ENU Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 Microsoft Visual C++ 2012 32bit Compilers - ENU Resources Microsoft Visual C++ 2012 Compilers Microsoft Visual C++ 2012 Compilers - ENU Resources Microsoft Visual C++ 2012 Core Libraries Microsoft Visual C++ 2012 Extended Libraries Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.60610 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86-x64 Compilers Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU Microsoft Visual Studio 2010 Office Developer Tools (x64) Microsoft Visual Studio 2010 Service Pack 1 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2012 Devenv Microsoft Visual Studio 2012 Devenv Resources Microsoft Visual Studio 2012 IntelliTrace Core amd64 Microsoft Visual Studio 2012 IntelliTrace Core x86 Microsoft Visual Studio 2012 IntelliTrace Front End x86 Microsoft Visual Studio 2012 Performance Collection Tools Microsoft Visual Studio 2012 Performance Collection Tools - ENU Microsoft Visual Studio 2012 Preparation Microsoft Visual Studio 2012 SharePoint Developer Tools Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack Microsoft Visual Studio 2012 Shell (Minimum) Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies Microsoft Visual Studio 2012 Shell (Minimum) Resources Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU Microsoft Visual Studio Premium 2012 Microsoft Visual Studio Premium 2012 - ENU Microsoft Visual Studio Professional 2012 Microsoft Visual Studio Professional 2012 - ENU Microsoft Visual Studio Team Foundation Server 2012 Object Model Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU Microsoft Visual Studio Ultimate 2012 Microsoft Visual Studio Ultimate 2012 - ENU Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources Microsoft Web Deploy 3.0 Microsoft Web Developer Tools 2012.2 - Visual Studio 2012 Microsoft Web Platform Installer 4.0 Movie Maker Mozilla Firefox 30.0 (x86 en-US) Mozilla Maintenance Service MSVC80_x64_v2 MSVC90_x64 MSVC90_x86 MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) MSXML 4.0 SP3 Parser (KB973685) Net4Switch Notepad++ NVIDIA 3D Vision Driver 320.49 NVIDIA Control Panel 320.49 NVIDIA Display Control Panel NVIDIA GeForce Experience 1.5 NVIDIA Graphics Driver 320.49 NVIDIA HD Audio Driver 1.3.24.2 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.13.0604 NVIDIA Stereoscopic 3D Driver NVIDIA Update 4.11.9 NVIDIA Update Components NVIDIA Updatus Paint Shop Pro 5.0 PDF-XChange 4 Pro Photo Common Photo Gallery Plants vs Zombies PMB PreEmptive Analytics Visual Studio Components Prerequisites for SSDT  QuickTime Realtek High Definition Audio Driver RealUpgrade 1.1 Resource Hacker Version 3.6.0 S34NCS OC version 5.0 Safari Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition  Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition  Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition  Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition  Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition  Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition  Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition  Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition  Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition  Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition  Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition  Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition  Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition  Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition  Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition  Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition  Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition  Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition  Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition  Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition  Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) Skype™ 6.11 SonicMaster Sql Server Customer Experience Improvement Program swMSM syncables desktop SE Unlocker 1.9.2 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition Update for Microsoft Visual Studio 2012 (KB2781514) USB2.0 UVC 2M WebCam VirusTotal Uploader 2.0 Visual Studio 2012 Prerequisites Visual Studio 2012 Prerequisites - ENU Language Pack Visual Studio 2012 Update 3 (KB2707250) Visual Studio Extensions for Windows Library for JavaScript VLC media player 2.0.8 WCF Data Services 5.0 (for OData v3) Primary Components WCF Data Services Tools for Microsoft Visual Studio 2012 WCF RIA Services V1.0 SP2 WIDCOMM Bluetooth Software WinDirStat 1.1.2 Windows App Certification Kit Native Components Windows App Certification Kit x64 Windows Azure Tools for LightSwitch HTML Client for Visual Studio 2012 Windows Driver Package - Broadcom HIDClass  (06/11/2009 6.2.0.9500) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Runtime Intellisense Content - en-us Windows Software Development Kit Windows Software Development Kit DirectX x64 Remote Windows Software Development Kit DirectX x86 Remote Windows Software Development Kit for Windows Store Apps Windows Software Development Kit for Windows Store Apps DirectX x64 Remote Windows Software Development Kit for Windows Store Apps DirectX x86 Remote Windows XP Targeting with C++ WinFlash WinRAR 5.00 beta 6 (64-bit) Wireless Console 3 XnView 1.99.6 معرض الصور . ==== Event Viewer Messages From Past Week ======== . 30/06/2014 12:18:40 AM, Error: Service Control Manager [7023]  - The Server service terminated with the following error:  The data is invalid. 30/06/2014 12:18:38 AM, Error: Microsoft-Windows-Directory-Services-SAM [12291]  - SAM failed to start the TCP/IP or SPX/IPX listening thread 30/06/2014 12:18:37 AM, Error: Service Control Manager [7023]  - The Windows Update service terminated with the following error:  %%-2147467243 30/06/2014 09:58:55 PM, Error: Service Control Manager [7003]  - The Net.Pipe Listener Adapter service depends the following service: was. This service might not be installed. 30/06/2014 09:58:55 PM, Error: Service Control Manager [7003]  - The Net.Msmq Listener Adapter service depends the following service: msmq. This service might not be installed. 30/06/2014 09:58:55 PM, Error: Service Control Manager [7001]  - The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 30/06/2014 09:57:49 PM, Error: Ntfs [137]  - The default transaction resource manager on volume D: encountered a non-retryable error and could not start.  The data contains the error code. 30/06/2014 09:32:32 PM, Error: Service Control Manager [7000]  - The NextSecurity Packet Driver service failed to start due to the following error:  The system cannot find the file specified. 30/06/2014 09:16:32 PM, Error: Service Control Manager [7000]  - The NextSecurity Packet Driver service failed to start due to the following error:  This driver has been blocked from loading 30/06/2014 09:16:32 PM, Error: Application Popup [1060]  - \SystemRoot\SysWow64\drivers\nspacket.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 30/06/2014 07:35:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Windows 7 for x64-based Systems (KB2872339). 30/06/2014 07:33:30 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Windows 7 for x64-based Systems (KB2871997). 30/06/2014 06:56:20 PM, Error: EventLog [6008]  - The previous system shutdown at 06:44:45 م on ‏30/‏06/‏2014 was unexpected. 30/06/2014 06:23:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2957689). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2929733). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2919469). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2918077). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2904266). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2893519). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2891804). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2853952). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2847077). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2843630). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2830477). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2800095). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2965788). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2957509). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2957189). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2939576). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2930275). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2893294). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2884256). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2875783). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2872339). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2868626). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2864058). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2847311). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2898857). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070652: Security Update for Microsoft Office Excel 2007 (KB2827324). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070652: Security Update for Microsoft Office 2007 suites (KB2827326). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070652: Security Update for Microsoft Office 2007 suites (KB2760591). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Security Essentials - 4.4.304.0 (KB2902885). 30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4.5 on Windows 7, Vista, Windows Server 2008, Windows Server 2008 R2 for x64 (KB2861208). 30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2952664). 30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2888049). 30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2882822). 30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2846960). 30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2957503). 30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2912390). 30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2876331). 30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2871997). 30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2868038). 30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2862973). 30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2862335). 30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240). 30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698). 30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Internet Explorer 10 for Windows 7 for x64-based Systems (KB2909210). 30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070652: Security Update for Microsoft Office 2007 suites (KB2880508). 30/06/2014 05:09:56 PM, Error: Service Control Manager [7030]  - The ESET Service service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly. 30/06/2014 04:41:58 PM, Error: Microsoft Antimalware [2001]  -  30/06/2014 03:28:31 PM, Error: Service Control Manager [7034]  - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly.  It has done this 1 time(s). 30/06/2014 03:15:41 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} 30/06/2014 03:15:39 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD DfsC discache eamonm ehdrv EpfwLWF ESProtectionDriver MpFilter NetBIOS nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx vwififlt Wanarpv6 WfpLwf ws2ifsl 30/06/2014 03:15:37 AM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start. 30/06/2014 03:15:37 AM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning. 30/06/2014 03:15:37 AM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start. 30/06/2014 03:15:37 AM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start. 30/06/2014 03:15:37 AM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning. 30/06/2014 03:15:37 AM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start. 30/06/2014 03:15:37 AM, Error: Service Control Manager [7001]  - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error:  A device attached to the system is not functioning. 30/06/2014 03:15:37 AM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning. 30/06/2014 03:15:37 AM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning. . ==== End Of File ===========================

And the checkup.txt log:

  Results of screen317's Security Check version 0.99.85    Windows 7 Service Pack 1 x64     Internet Explorer 11   [b][u]``````````````Antivirus/Firewall Check:``````````````[/b][/u]   Windows Firewall Enabled!   ESET Smart Security 7.0     Antivirus up to date!    [b][u]`````````Anti-malware/Other Utilities Check:`````````[/b][/u]   MVPS Hosts File    VirusTotal Uploader 2.0     Visual Studio Extensions for Windows Library for JavaScript   Java 7 Update 25    JavaScript Tooling      [color=red][b]Java version out of Date![/b][/color]    Adobe Flash Player 11.8.800.94 [b][color=red]Flash Player out of Date![/color][/b]    Adobe Reader XI    Mozilla Firefox (30.0)   Google Chrome 29.0.1547.57    Google Chrome 29.0.1547.62   [b][u]````````Process Check: objlist.exe by Laurent````````[/b][/u]    ESET NOD32 Antivirus egui.exe    ESET NOD32 Antivirus ekrn.exe    Malwarebytes Anti-Malware mbamservice.exe    Malwarebytes Anti-Malware mbam.exe    Malwarebytes Anti-Malware mbamscheduler.exe    [b][u]`````````````````System Health check`````````````````[/b][/u]   Total Fragmentation on Drive C:   [b][u]````````````````````End of Log``````````````````````[/b][/u]

Not to mention that alot of windows updates were failed aswell :/ Thanks alot for reading, and in advanced. YOUR EFFORTS! :)

 

[Corrine]

Hi, malis2007.

Sorry for the delay in responding. I've been tied up all day.

Unfortunately, your logs are completely unreadable. Please launch Notepad. Click Format and check the box for Word Wrap. Then post the logs again without using code.

Thank you!

 

[malis2007]

Hey.. i am sorry about that unreadable thing.. tried to make it multi-lined but failed as i had been away from pc for along time, due to school stuff XD
Anyway..

the old MalwareBytes log:

===============================================================

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Scan Date: 30/06/2014
Scan Time: 08:22:56 PM
Logfile: Malwarebytes.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.30.09
Rootkit Database: v2014.06.30.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ali

Scan Type: Hyper Scan
Result: Completed
Objects Scanned: 348115
Time Elapsed: 7 min, 36 sec

Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627, Quarantined, [1091d7a72556e25458dae6b157ab34cc],

Files: 38
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\Autorun.inf, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\crx.tar, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\GameApps.ini, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\GameConsole.exe, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\GameEngine.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\GLOBALUNINSTALL.TNT, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\hmac.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\iehpr.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\iestage2.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\IEToolbar.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\IEToolbar64.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\INSTALL.TNT, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\log.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\MinecraftShims64.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\npTNT2.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\npTNT2Ghost.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\PARTNER.TNT, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\passport.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\passport64.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\pinnedSearch.htm, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\pinnedSearch_FindWide.htm, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\progress.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\regsvr.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\RemoteSkin.wms, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\sqlite.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\tnt2chrome.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\TNT2User.exe, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\TNT2UserPS.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\TNT2UserPS64.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\TntMagicDel.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\UnInjLib.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\UnInjLib64.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\UNINSTALL.TNT, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\UninstallDlg.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\untar.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\UPDATE.TNT, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\xpi.tar, Quarantined, [1091d7a72556e25458dae6b157ab34cc],
PUP.Optional.TidyNetwork.A, C:\Users\ali\AppData\Local\TNT2\2.0.0.1627\zipunzip.1.dll, Quarantined, [1091d7a72556e25458dae6b157ab34cc],

Physical Sectors: 0
(No malicious items detected)


(end)

===============================================================

and the new DDS.txt log:

===============================================================

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: BrowserJavaVersion: 10.60.2
Run by ali at 22:50:09 on 2014-07-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1256.20.1033.18.6069.3951 [GMT 2:00]
.
AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\CISVC.EXE
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
EB: Web Test Recorder 10.0: {3142C289-F319-47F5-A594-A827028714C9} -
EB: Web Test Recorder 10.0: {3142c289-f319-47f5-a594-a827028714c9} -
uRun: [FileHippo.com] "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
mRun: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
uPolicies-Explorer: NoDriveAutoRun- = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun- = dword:0
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDriveTypeAutoRun = dword:253
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:253
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveAutoRun- = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun- = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1374545831534
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1374021286188
TCP: NameServer = 41.128.225.225 41.128.225.226
TCP: Interfaces\{1DF79A7C-6F29-4AAF-B4FD-772F63ACE586} : NameServer = 208.67.222.123,208.67.220.123,192.168.1.1
TCP: Interfaces\{1DF79A7C-6F29-4AAF-B4FD-772F63ACE586} : DHCPNameServer = 41.128.225.225 41.128.225.226
TCP: Interfaces\{1DF79A7C-6F29-4AAF-B4FD-772F63ACE586}\16C696 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{1DF79A7C-6F29-4AAF-B4FD-772F63ACE586}\353343E4 : NameServer = 208.67.222.123,208.67.220.123,192.168.1.1
TCP: Interfaces\{1DF79A7C-6F29-4AAF-B4FD-772F63ACE586}\353343E4 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{1DF79A7C-6F29-4AAF-B4FD-772F63ACE586}\C696E6B6 : DHCPNameServer = 41.128.225.225 41.128.225.226
TCP: Interfaces\{1DF79A7C-6F29-4AAF-B4FD-772F63ACE586}\D416C69637 : DHCPNameServer = 197.199.255.254 217.52.47.130
TCP: Interfaces\{8A68948D-B161-4ED7-8BBE-9F3776C9E0DF}\16C696 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D13B58AE-512F-4510-A695-2D1472BC76B5}\16C696 : DHCPNameServer = 213.131.66.248 213.131.65.20
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Expat Shield Class: {3706EE7C-3CAD-445D-8A43-03EBC3B75908} -
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll
x64-Run: [egui] "C:\Program Files\ESET\ESET Smes\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
S4 RsFx0105;RsFx0105 Driver;C:\Windows\System32\drivers\RsFx0105.sys [2011-9-22 311144]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464]
S4 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-7-25 126976]
.
=============== File Associations ===============
.
ShellExec: FRONTPG.EXE: edit=C:\PROGRA~2\Office10\FRONTPG.EXE
.
=============== Created Last 30 ================
.
2019-10-09 08:40:57 -------- d-----w- C:\Users\ali\AppData\Roaming\Crypto Obfuscator For .Net v2012 R2
2014-07-02 19:51:30 -------- d-----w- C:\ProgramData\Malwarebytes Anti-Exploit
2014-07-02 19:51:28 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Exploit
2014-07-02 19:32:07 -------- dc----w- C:\SUPERDelete
2014-07-02 19:16:22 -------- d-----w- C:\Users\ali\AppData\Local\Innovative Solutions
2014-07-02 19:16:19 -------- d-----w- C:\Program Files (x86)\Innovative Solutions
2014-07-02 15:18:15 -------- d-----w- C:\Users\ali\AppData\Local\uGet
2014-07-02 13:21:50 -------- d-----w- C:\Program Files (x86)\VirusTotalUploader2
2014-07-02 13:10:57 -------- d-----w- C:\ProgramData\SecTaskMan
2014-07-02 12:13:46 -------- d-----w- C:\Users\ali\AppData\Local\Skype
2014-07-01 23:43:04 -------- d-sh--w- C:\Users\ali\AppData\Local\EmieUserList
2014-07-01 23:43:04 -------- d-sh--w- C:\Users\ali\AppData\Local\EmieSiteList
2014-07-01 21:56:17 -------- d-----w- C:\Program Files\iPod
2014-07-01 21:56:15 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-01 21:56:15 -------- d-----w- C:\Program Files\iTunes
2014-07-01 21:56:15 -------- d-----w- C:\Program Files (x86)\iTunes
2014-07-01 21:17:30 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-01 21:17:30 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-07-01 20:47:03 -------- d-----w- C:\Windows\en
2014-07-01 20:46:36 -------- d-----w- C:\Windows\ar
2014-07-01 20:43:49 -------- dc----w- C:\NvidiaLogging
2014-07-01 20:39:00 39712 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2014-07-01 20:38:59 29984 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2014-07-01 20:38:59 28448 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2014-07-01 20:31:16 6081224 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5d3fa3861cf956b0b\onedrivesetup.exe
2014-07-01 19:44:36 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-07-01 19:08:51 -------- d-----w- C:\Users\ali\AppData\Local\Adobe
2014-07-01 15:47:54 -------- d-----w- C:\ProgramData\Oracle
2014-07-01 15:46:53 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-01 14:39:26 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C514604F-CF6A-42BE-9D22-48E78EBCCD25}\mpengine.dll
2014-07-01 00:39:19 -------- d-----w- C:\Users\ali\AppData\Roaming\PowerISO
2014-07-01 00:38:21 129944 ----a-w- C:\Windows\System32\drivers\scdemu.sys
2014-07-01 00:38:02 -------- d-----w- C:\Program Files\PowerISO
2014-06-30 23:24:22 6574592 ----a-w- C:\Windows\System32\mstscax.dll
2014-06-30 23:24:22 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-06-30 22:45:59 1402880 -c--a-w- C:\Utilman.exe
2014-06-30 18:19:25 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-30 18:17:42 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-06-30 18:17:42 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-06-30 18:17:42 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-06-30 18:17:42 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-30 17:47:53 -------- d-s---w- C:\Windows\System32\CompatTel
2014-06-30 17:37:41 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-06-30 17:37:41 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-06-30 17:37:40 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-06-30 17:37:39 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-06-30 15:47:21 -------- d-----w- C:\Windows\Migration
2014-06-30 15:23:51 327168 ----a-w- C:\Windows\System32\mswsock.dll
2014-06-30 15:23:51 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2014-06-30 14:47:49 -------- d-----w- C:\Users\ali\AppData\Local\Temporary Projects
2014-06-30 13:57:00 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-06-30 13:57:00 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-06-30 13:53:39 506368 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-30 13:53:39 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-06-30 13:51:29 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2014-06-30 13:50:48 202752 ----a-w- C:\Windows\System32\scrrun.dll
2014-06-30 13:50:48 156160 ----a-w- C:\Windows\System32\cscript.exe
2014-06-30 13:50:48 150016 ----a-w- C:\Windows\System32\wshom.ocx
2014-06-30 13:50:48 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2014-06-30 13:50:47 168960 ----a-w- C:\Windows\System32\wscript.exe
2014-06-30 13:50:47 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2014-06-30 13:50:47 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2014-06-30 13:50:47 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2014-06-30 13:48:28 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-06-30 13:48:28 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-06-30 13:47:05 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-06-30 13:47:04 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-06-30 13:45:59 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2014-06-30 13:45:59 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2014-06-30 13:45:54 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2014-06-30 13:45:54 32896 ----a-w- C:\Windows\System32\drivers\hidparse.sys
2014-06-30 13:42:28 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-30 13:42:27 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-06-30 13:42:27 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2014-06-30 13:42:27 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2014-06-30 13:42:26 633856 ----a-w- C:\Windows\System32\comctl32.dll
2014-06-30 13:42:26 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-06-30 13:42:25 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2014-06-30 13:42:24 335360 ----a-w- C:\Windows\System32\msieftp.dll
2014-06-30 13:42:24 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2014-06-18 08:47:57 180136 ----a-w- C:\Windows\System32\drivers\idmwfp.sys
.
==================== Find3M ====================
.
2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-05 02:47:20 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-04-05 02:47:09 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-15 09:20:36 2174976 ----a-w- C:\Program Files (x86)\Common Files\atimpenc.dll
.
============= FINISH: 22:51:52.97 ===============

===============================================================

the rest of the logs will be posted in the next replies.

 

[malis2007]

The new Attach.txt log:

===============================================================

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 15/01/2011 02:30:05 AM
System Uptime: 02/07/2014 10:24:13 PM (0 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | N53Jq
Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz | Socket 989 | 1734/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 56.4 GiB free.
D: is FIXED (NTFS) - 426 GiB total, 72.445 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00005557-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A9\8&15AC57A2&0&0025D0B055ED_C00000003
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00005557-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A9\8&15AC57A2&0&0025D0B055ED_C00000003
Service:
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Bluetooth Device (Personal Area Network)
Device ID: BTH\MS_BTHPAN\7&2F9FD3E4&0&2
Manufacturer: Microsoft
Name: Bluetooth Device (Personal Area Network)
PNP Device ID: BTH\MS_BTHPAN\7&2F9FD3E4&0&2
Service: BthPan
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Bluetooth Device (RFCOMM Protocol TDI)
Device ID: BTH\MS_RFCOMM\7&2F9FD3E4&0&0
Manufacturer: Microsoft
Name: Bluetooth Device (RFCOMM Protocol TDI)
PNP Device ID: BTH\MS_RFCOMM\7&2F9FD3E4&0&0
Service: RFCOMM
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&4240F00&0&01
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&4240F00&0&01
Service: vwifimp
.
Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}
Description: Bluetooth Hands-free Audio
Device ID: BTHENUM\{24DF01A9-3E4F-4C9F-9F66-5AA8AB14F8F4}_LOCALMFG&0000\8&15AC57A2&0&000000000000_00000000
Manufacturer: Broadcom
Name: Bluetooth Hands-free Audio
PNP Device ID: BTHENUM\{24DF01A9-3E4F-4C9F-9F66-5AA8AB14F8F4}_LOCALMFG&0000\8&15AC57A2&0&000000000000_00000000
Service: btwaudio
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Device ID: PCI\VEN_1969&DEV_1063&SUBSYS_18201043&REV_C0\FF1CF4B9BCAEC5FF00
Manufacturer: Atheros
Name: Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
PNP Device ID: PCI\VEN_1969&DEV_1063&SUBSYS_18201043&REV_C0\FF1CF4B9BCAEC5FF00
Service: L1C
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A9\8&15AC57A2&0&0025D0B055ED_C00000003
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A9\8&15AC57A2&0&0025D0B055ED_C00000003
Service:
.
Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Description: Bluetooth Remote Control
Device ID: BTHENUM\{84A1E9B8-12BA-4A9C-8AB0-A43784E0D149}_LOCALMFG&0000\8&15AC57A2&0&000000000000_00000000
Manufacturer: Broadcom
Name: Bluetooth Remote Control
PNP Device ID: BTHENUM\{84A1E9B8-12BA-4A9C-8AB0-A43784E0D149}_LOCALMFG&0000\8&15AC57A2&0&000000000000_00000000
Service: btwrchid
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00005601-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A9\8&15AC57A2&0&0025D0B055ED_C00000003
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00005601-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A9\8&15AC57A2&0&0025D0B055ED_C00000003
Service:
.
Class GUID:
Description:
Device ID: ROOT\WPD\0000
Manufacturer:
Name:
PNP Device ID: ROOT\WPD\0000
Service:
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: USB2.0 UVC 2M WebCam
Device ID: USB\VID_13D3&PID_5122&MI_00\7&458BFA4&0&0000
Manufacturer: Azureware
Name: USB2.0 UVC 2M WebCam
PNP Device ID: USB\VID_13D3&PID_5122&MI_00\7&458BFA4&0&0000
Service: SNP2UVC
.
==== System Restore Points ===================
.
RP764: 01/07/2014 09:43:17 PM - Installed Java 8 Update 5 (64-bit)
RP765: 01/07/2014 10:25:49 PM - Windows Live Essentials
RP766: 01/07/2014 10:31:23 PM - Installed DirectX
RP767: 01/07/2014 10:31:57 PM - Installed DirectX
RP768: 01/07/2014 10:32:52 PM - Installed DirectX
RP769: 01/07/2014 10:33:59 PM - WLSetup
RP770: 01/07/2014 11:21:57 PM - Installed QuickTime 7
RP771: 01/07/2014 11:53:01 PM - Installed iTunes
RP772: 02/07/2014 03:35:28 PM - Windows Modules Installer
.
==== Hosts File Hijack ======================
.
Hosts: 127.0.0.1 ads.mcafee.com
Hosts: 127.0.0.1 directads.mcafee.com
Hosts: 127.0.0.1 analytics.microsoft.com
Hosts: 127.0.0.1 metrics.bitdefender.com
Hosts: 127.0.0.1 metrics.mcafee.com
Hosts: 127.0.0.1 om.symantec.com
Hosts: 127.0.0.1 ox-d.majorgeeks.com
Hosts: 127.0.0.1 ads.bleepingcomputer.com
Hosts: 127.0.0.1 sdc.mcafee.com
Hosts: 127.0.0.1 wdcs.trendmicro.com
Hosts: 127.0.0.1 Spyware Info | Spyware Info
.
==== Installed Programs ======================
.
Tools for .Net 3.5
بريد Windows Live
تحديث لـ Microsoft Office Excel 2007 Help (KB963678)
تحديث لـ Microsoft Office Powerpoint 2007 Help (KB963669)
تحديث لـ Microsoft Office Word 2007 Help (KB963665)
دعم تطبيق Apple
7-Zip 9.22 (x64 edition)
Acrobat.com
Adobe AIR
Adobe Flash Player 14 ActiveX
Adobe Flash Player 14 Plugin
Adobe Photoshop CS
Adobe Photoshop CS5.1 12.1
Adobe Reader XI (11.0.07)
Adobe Shockwave Player 12.0
Alcor Micro USB Card Reader
Apple Mobile Device Support
Apple Software Update
ASUS AI Recovery
ASUS AP Bank
ASUS Data Security Manager
ASUS FancyStart
ASUS LifeFrame3
ASUS Live Update
ASUS MultiFrame
ASUS Power4Gear Hybrid
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Video Magic
ASUS Virtual Camera
ASUS_N3_Series
ATK Package
Auslogics Duplicate File Finder
Blend for Visual Studio 2012
Blend for Visual Studio 2012 ENU resources
Blend for Visual Studio Add-in for Adobe FXG Import
Blend for Visual Studio SDK for .NET 4.5
Blend for Visual Studio SDK for Silverlight 5
Boingo Wi-Fi
Bonjour
Canon iP2700 series Printer Driver
ControlDeck
Cooking Dash
CyberLink LabelPrint
CyberLink MediaShow Espresso
CyberLink PhotoNow
CyberLink Power2Go
CyberLink PowerDirector
CyberLink PowerDVD 9
D3DX10
Dotfuscator and Analytics Community Edition
Dropbox
Entity Framework Designer for Visual Studio 2012 - enu
ESET Smart Security
ETDWare PS/2-x64 7.0.5.13_WHQL
Explorer Suite III
ExpressGate Cloud
Fast Boot
FileHippo.com Update Checker
FileZilla Client 3.9.0-beta2
Fresco Logic USB3.0 Host Controller
Game Park Console
Google Chrome
Google Earth
Google Update Helper
Governor of Poker
Hotel Dash Suite Success
Hotfix for Microsoft Visual Basic 2010 Express - ENU (KB2635973)
iCloud
Image Resizer for Windows
Image Resizer for Windows (64 bit)
Imgur Uploader
Inno Setup version 5.5.1
Intel(R) Management Engine Components
Intel(R) Turbo Boost Technology Monitor
Internet Download Manager
IrfanView (remove only)
iTunes
Java 7 Update 60
Java 8 Update 5 (64-bit)
Java Auto Updater
JavaScript Tooling
Junk Mail filter update
LocalESPC
LocalESPCui for en-us
Luxor 3
Mahjongg dimensions
Malwarebytes Anti-Exploit version 1.03.1.1220
Malwarebytes Anti-Malware version 2.0.2.1012
MediaFire Express
MGC Chat App (BETA) version 1.0
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5 Multi-Targeting Pack
Microsoft .NET Framework 4.5 SDK
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 3
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - ENU
Microsoft ASP.NET MVC 4 Runtime
Microsoft ASP.NET Web Pages
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - ENU
Microsoft ASP.NET Web Pages 2 Runtime
Microsoft Expression Blend SDK for .NET 4
Microsoft Expression Blend SDK for Silverlight 4
Microsoft Help Viewer 1.1
Microsoft Help Viewer 2.0
Microsoft LightSwitch for Visual Studio 2012 Core
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU
Microsoft LightSwitch for Visual Studio 2012 v3.0 Core
Microsoft LightSwitch for Visual Studio 2012 v3.0 CoreRes - ENU
Microsoft NuGet - Visual Studio 2012
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Arabic) 2007
Microsoft Office Excel MUI (Arabic) 2007
Microsoft Office File Validation Add-In
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (Arabic) 2007
Microsoft Office PowerPoint MUI (Arabic) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proofing (Arabic) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Arabic) 2007
Microsoft Office Shared 64-bit MUI (Arabic) 2007
Microsoft Office Shared MUI (Arabic) 2007
Microsoft Office Word MUI (Arabic) 2007
Microsoft OneDrive
Microsoft Portable Library Multi-Targeting Pack
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu
Microsoft Report Viewer Add-On for Visual Studio 2012
Microsoft Silverlight
Microsoft Silverlight 4 SDK
Microsoft Silverlight 5 SDK
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 RsFx Driver
Microsoft Visual Basic 2010 Express - ENU
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727
Microsoft Visual C++ 2012 32bit Compilers - ENU Resources
Microsoft Visual C++ 2012 Compilers
Microsoft Visual C++ 2012 Compilers - ENU Resources
Microsoft Visual C++ 2012 Core Libraries
Microsoft Visual C++ 2012 Extended Libraries
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86-x64 Compilers
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
Microsoft Visual Studio 2010 Office Developer Tools (x64)
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2012 Devenv
Microsoft Visual Studio 2012 Devenv Resources
Microsoft Visual Studio 2012 IntelliTrace Core amd64
Microsoft Visual Studio 2012 IntelliTrace Core x86
Microsoft Visual Studio 2012 IntelliTrace Front End x86
Microsoft Visual Studio 2012 Performance Collection Tools
Microsoft Visual Studio 2012 Performance Collection Tools - ENU
Microsoft Visual Studio 2012 Preparation
Microsoft Visual Studio 2012 SharePoint Developer Tools
Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack
Microsoft Visual Studio 2012 Shell (Minimum)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
Microsoft Visual Studio 2012 Shell (Minimum) Resources
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU
Microsoft Visual Studio Premium 2012
Microsoft Visual Studio Premium 2012 - ENU
Microsoft Visual Studio Professional 2012
Microsoft Visual Studio Professional 2012 - ENU
Microsoft Visual Studio Team Foundation Server 2012 Object Model
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU
Microsoft Visual Studio Ultimate 2012
Microsoft Visual Studio Ultimate 2012 - ENU
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
Microsoft Web Deploy 3.0
Microsoft Web Developer Tools 2012.2 - Visual Studio 2012
Microsoft Web Platform Installer 4.0
Movie Maker
Mozilla Firefox 30.0 (x86 en-US)
Mozilla Maintenance Service
MSVC80_x64_v2
MSVC90_x64
MSVC90_x86
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Net4Switch
Notepad++
NVIDIA 3D Vision Driver 320.49
NVIDIA Control Panel 320.49
NVIDIA Display Control Panel
NVIDIA GeForce Experience 1.6
NVIDIA Graphics Driver 320.49
NVIDIA HD Audio Driver 1.3.24.2
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0604
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 7.2.17
NVIDIA Update Components
NVIDIA Updatus
NVIDIA Virtual Audio 1.2.1
Paint Shop Pro 5.0
Photo Common
Photo Gallery
Plants vs Zombies
PMB
PowerISO
PreEmptive Analytics Visual Studio Components
Prerequisites for SSDT
QuickTime 7
Realtek High Definition Audio Driver
RealUpgrade 1.1
Resource Hacker Version 3.6.0
S34NCS OC version 5.0
Safari
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit)
SHIELD Streaming
Skype™ 6.16
SonicMaster
Sql Server Customer Experience Improvement Program
swMSM
syncables desktop SE
Unlocker 1.9.2
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition
Update for Microsoft Visual Studio 2012 (KB2781514)
USB2.0 UVC 2M WebCam
VirusTotal Uploader 2.2
Visual Studio 2012 Prerequisites
Visual Studio 2012 Prerequisites - ENU Language Pack
Visual Studio 2012 Update 3 (KB2707250)
Visual Studio Extensions for Windows Library for JavaScript
VLC media player 2.1.3
WCF Data Services 5.0 (for OData v3) Primary Components
WCF Data Services Tools for Microsoft Visual Studio 2012
WCF RIA Services V1.0 SP2
WIDCOMM Bluetooth Software
WinDirStat 1.1.2
Windows App Certification Kit Native Components
Windows App Certification Kit x64
Windows Azure Tools for LightSwitch HTML Client for Visual Studio 2012
Windows Driver Package - Broadcom HIDClass (06/11/2009 6.2.0.9500)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Runtime Intellisense Content - en-us
Windows Software Development Kit
Windows Software Development Kit DirectX x64 Remote
Windows Software Development Kit DirectX x86 Remote
Windows Software Development Kit for Windows Store Apps
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
Windows XP Targeting with C++
WinFlash
WinRAR 5.00 beta 6 (64-bit)
Wireless Console 3
XnView 1.99.6
معرض الصور
.
==== Event Viewer Messages From Past Week ========
.
30/06/2014 12:18:40 AM, Error: Service Control Manager [7023] - The Server service terminated with the following error: The data is invalid.
30/06/2014 12:18:38 AM, Error: Microsoft-Windows-Directory-Services-SAM [12291] - SAM failed to start the TCP/IP or SPX/IPX listening thread
30/06/2014 12:18:37 AM, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-2147467243
30/06/2014 09:32:32 PM, Error: Service Control Manager [7000] - The NextSecurity Packet Driver service failed to start due to the following error: The system cannot find the file specified.
30/06/2014 09:16:32 PM, Error: Service Control Manager [7000] - The NextSecurity Packet Driver service failed to start due to the following error: This driver has been blocked from loading
30/06/2014 09:16:32 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\drivers\nspacket.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
30/06/2014 07:35:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Windows 7 for x64-based Systems (KB2872339).
30/06/2014 07:33:30 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Windows 7 for x64-based Systems (KB2871997).
30/06/2014 06:56:20 PM, Error: EventLog [6008] - The previous system shutdown at 06:44:45 م on ‏30/‏06/‏2014 was unexpected.
30/06/2014 06:23:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2957689).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2929733).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2919469).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2918077).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2904266).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2893519).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2891804).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2853952).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2847077).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2843630).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2830477).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2800095).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2965788).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2957509).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2957189).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2939576).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2930275).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2893294).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2884256).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2875783).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2872339).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2868626).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2864058).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2847311).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2898857).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070652: Security Update for Microsoft Office Excel 2007 (KB2827324).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070652: Security Update for Microsoft Office 2007 suites (KB2827326).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070652: Security Update for Microsoft Office 2007 suites (KB2760591).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Security Essentials - 4.4.304.0 (KB2902885).
30/06/2014 06:12:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4.5 on Windows 7, Vista, Windows Server 2008, Windows Server 2008 R2 for x64 (KB2861208).
30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2952664).
30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2888049).
30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2882822).
30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2846960).
30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2957503).
30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2912390).
30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2876331).
30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2871997).
30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2868038).
30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2862973).
30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2862335).
30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240).
30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698).
30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Internet Explorer 10 for Windows 7 for x64-based Systems (KB2909210).
30/06/2014 06:12:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070652: Security Update for Microsoft Office 2007 suites (KB2880508).
30/06/2014 05:09:56 PM, Error: Service Control Manager [7030] - The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
30/06/2014 04:41:58 PM, Error: Microsoft Antimalware [2001] -
30/06/2014 03:15:41 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
30/06/2014 03:15:39 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache eamonm ehdrv EpfwLWF ESProtectionDriver MpFilter NetBIOS nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx vwififlt Wanarpv6 WfpLwf ws2ifsl
30/06/2014 03:15:37 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
30/06/2014 03:15:37 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
30/06/2014 03:15:37 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
30/06/2014 03:15:37 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
30/06/2014 03:15:37 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
30/06/2014 03:15:37 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
30/06/2014 03:15:37 AM, Error: Service Control Manager [7001] - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error: A device attached to the system is not functioning.
30/06/2014 03:15:37 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
30/06/2014 03:15:37 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
02/07/2014 10:26:21 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.
02/07/2014 10:24:42 PM, Error: Service Control Manager [7003] - The Net.Pipe Listener Adapter service depends the following service: was. This service might not be installed.
02/07/2014 10:24:42 PM, Error: Service Control Manager [7003] - The Net.Msmq Listener Adapter service depends the following service: msmq. This service might not be installed.
02/07/2014 10:24:42 PM, Error: Service Control Manager [7001] - The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
02/07/2014 10:24:27 PM, Error: Ntfs [137] - The default transaction resource manager on volume D: encountered a non-retryable error and could not start. The data contains the error code.
02/07/2014 10:02:46 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/07/2014 07:22:04 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
02/07/2014 07:21:53 PM, Error: ACPI [10] - ACPI: ACPI BIOS is attempting to write to an illegal PCI Operation Region (0x4), Please contact your system vendor for technical assistance.
02/07/2014 06:33:57 PM, Error: Service Control Manager [7034] - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly. It has done this 1 time(s).
02/07/2014 03:30:37 PM, Error: Service Control Manager [7031] - The Intel(R) Management and Security Application Local Management Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
02/07/2014 02:18:05 PM, Error: Service Control Manager [7034] - The خدمة iPod service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================

===============================================================

and the new checkup.txt log:

===============================================================

Results of screen317's Security Check version 0.99.85
Windows 7 Service Pack 1 x64
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
ESET Smart Security 7.0
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
VirusTotal Uploader 2.2
Visual Studio Extensions for Windows Library for JavaScript
Java 7 Update 60
JavaScript Tooling
Adobe Flash Player 14.0.0.139
Adobe Reader XI
Mozilla Firefox (30.0)
Google Chrome 35.0.1916.153
Google Chrome 37.0.2062.3
````````Process Check: objlist.exe by Laurent````````
ESET NOD32 Antivirus egui.exe
ESET NOD32 Antivirus ekrn.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Exploit mbae-svc.exe
Malwarebytes Anti-Malware mbamscheduler.exe
Malwarebytes Anti-Exploit mbae.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````

 

[Corrine]

Hi, malis2007.

Thank you for the replacement logs!

I've spent some time reviewing and researching your logs and have a few other things I'd like to check. I'm not seeing the same signs in your logs that were evident last year when Broni helped you here. What does concern me is that you are again having Windows Update problems.

While I continue researching, I'm also going to discuss the Windows Update errors shown in the log with team members.

 

[Jared]

Just a tip, when posting a lot of code put it between the [ CODE ] [ /CODE ] brackets created by clicking on the hash button #

 

[malis2007]

Just to make you know, i still didn't do the "repair installation" thing. as i didn't mange to understand it. thus, i made anew topic here where NoelDP helped me.

-Edit-

Just asking, will this upgrade my windows from windows 7 to 8/8.1?
as i don't want to ^

 

[Corrine]

Just a tip, when posting a lot of code put it between the [ CODE ] [ /CODE ] brackets created by clicking on the hash button #

Actually, Jared, I prefer the code option not be used for the type of logs I review. In fact, if they are used, I will edit the post to remove the code tags. The reason is the logs are much easier to work with when copy/pasted from the text file that the tools produce. The code tag results in unnecessary scrolling to view and research the logs.

Just to make you know, i still didn't do the "repair installation" thing. as i didn't mange to understand it. thus, i made anew topic here where NoelDP helped me.

-Edit-

Just asking, will this upgrade my windows from windows 7 to 8/8.1?
as i don't want to ^

Hi, malis2007.

No, a repair install would absolutely not upgrade your computer from Windows 7 to Windows 8/8.1. In order to upgrade to Windows 8, you would first need to check compatibility, purchase a license for Windows 8, download the operating system and install it.

I'd like you to answer a couple of questions for me in your next reply.

1. Does your school provide Dreamspark?
2. Do you have a license for Crypto Obfuscator?

Although Broni had you run these tools last year, a lot has changed during that period of time and there is likely additional adware remaining even after the removal of the PUPs (Potentially Unwanted Programs) by Malwarebytes Anti-Malware. We'll start taking a look at what AdwCleaner finds.

Please download Adware Cleaner by Xplode to your Desktop. <--Note: The provided link is a direct download link. Please save it to your desktop!

• Close all open programs and internet browsers.
  Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
• Click the Scan button.
• AdwCleaner will begin. Be patient as the scan may take some time to complete.
• After the scan has finished, click the Report button. A logfile (AdwCleaner[R0].txt) will open in Notepad for review.
• Copy and paste the contents of that logfile in your next reply.
• A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

[Jared]

Okay, just trying to help.
I suppose it's easier :)

 

[malis2007]

Hey all Thanks for help.
About..

1. Does your school provide Dreamspark?
2. Do you have a license for Crypto Obfuscator?

Well, no.. my school provide nothing. xD
and i don't even know what does Dreamspark do.
and about the Crypto Obfuscator i used to use the trial version only.. but that was long time ago. xD

Downloading Adware Cleaner atm.. and will post log in the next reply.

 

[malis2007]

# AdwCleaner v3.214 - Report created 03/07/2014 at 20:01:17
# Updated 29/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : ali - ALI
# Running from : D:\Malis2007\Downloads\adwcleaner_3.214.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
Folder Found : C:\Program Files (x86)\Expat Shield
Folder Found : C:\Program Files (x86)\Toolbar Cleaner

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F5A29F21-B121-48A0-A317-737AF8BB106A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\ali\AppData\Roaming\Mozilla\Firefox\Profiles\y3qdajn6.default-1404230161963\prefs.js ]


-\\ Google Chrome v37.0.2062.3

[ File : C:\Users\ali\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2904 octets] - [03/07/2014 19:58:33]
AdwCleaner[R1].txt - [2808 octets] - [03/07/2014 20:01:17]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [2868 octets] ##########


====================================================================

i ran the tool twice as i had forgotten to run it as administrator in the first time.
and about the "repair installation" thing.. should i do it? if so.. when? and what should i download if my windows is windows 7 64bit home premium.. as i want to do the USB bootable thing. i am downloading "X17-58997.iso" but not sure if it is the right one for me.

 

[Corrine]

Hi, malis2007.

Forget about the repair install for the time being, please. Right now, I need you to run AdwCleaner again and then JRT.

1. Double-click AdwCleaner.exe to run the tool again.

• Click the Scan button.
• AdwCleaner will begin to scan your computer like it did before.
  Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
• After the scan has finished,
• This time click on the Clean button.
• Press OK when asked to close all programs and follow the onscreen prompts.
• Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
• After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
• Copy and paste the contents of that logfile in your next reply.
• A copy of that logfile will also be saved in the C:\AdwCleaner folder.

2. Please download Junkware Removal Tool to your desktop.

• Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

 

[malis2007]

AdwCleaner[S0].txt Log file:

=====================================================================================

# AdwCleaner v3.214 - Report created 03/07/2014 at 21:25:13
# Updated 29/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : ali - ALI
# Running from : C:\Users\ali\Desktop\adwcleaner_3.214.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Expat Shield
Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
File Deleted : C:\END

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F5A29F21-B121-48A0-A317-737AF8BB106A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\ali\AppData\Roaming\Mozilla\Firefox\Profiles\y3qdajn6.default-1404230161963\prefs.js ]


-\\ Google Chrome v37.0.2062.3

[ File : C:\Users\ali\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2904 octets] - [03/07/2014 19:58:33]
AdwCleaner[R1].txt - [2964 octets] - [03/07/2014 20:01:17]
AdwCleaner[R2].txt - [3022 octets] - [03/07/2014 21:23:42]
AdwCleaner[S0].txt - [2700 octets] - [03/07/2014 21:25:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2760 octets] ##########

=====================================================================================

JRT.txt Log file:

=====================================================================================

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by ali on Thu 07/03/2014 at 21:32:09.34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskbarHelper_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskbarHelper_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskbarHelper_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskbarHelper_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 07/03/2014 at 21:44:34.14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

=====================================================================================

Thanks alot for helping me. :)

 

[Corrine]

Excellent!

Hey all Thanks for help.
About..

1. Does your school provide Dreamspark?
2. Do you have a license for Crypto Obfuscator?

Well, no.. my school provide nothing. xD
and i don't even know what does Dreamspark do.
and about the Crypto Obfuscator i used to use the trial version only.. but that was long time ago. xD

Now, back to your answers to my two questions. We can take care of Cryto Obfuscator leftovers. Before addressing that, however, as you've been saying your computer is slow, please tell me why you have so many programs installed, including, for example, versions of Microsoft SQL Server, Microsoft .NET Framework and Microsoft ASP.NET packages, Visual C++ and Microsoft Visual Studio programs (including Visual Studio Ultimate 2012, Microsoft Visual Studio Premium 2012 and Microsoft Visual Studio Professional 2012) programs installed. Do you use those programs for school work or projects you are working on?

 

[malis2007]

Well, i only use VB.net and C#(sometimes) for fun. but i don't know the others and i don't need them, for example the SQL stuff.. they just come with the windows updates whenever i try to remove them.

-Edit-

Btw, i am still sure that i have trojan or something like that. as sometimes my mouse movies alone!
Although i changed it(bought more than one) and changed the table which it was on as well, but still!

 

[Corrine]

You may want to take a look at the installed programs and uninstall those you aren't using. See the log in post 5. If you find you need something you've uninstalled, you can always install it again.

As to the mouse, have you checked the speed settings? Go to Control Panel\Hardware and Sound\Devices and Printers and right-click on the mouse. Select Mouse Settings and adjust the settings as needed.

Please follow these instructions carefully. Download ComboFix from the following location: Link 1

!!! IMPORTANT !!! Save ComboFix.exe to your Desktop

• Disable your antivirus and anti-malware security applications. If not disabled, these programs will likely interfere with cleanup process. This can usually be accomplished by a right-click on the icon in the System Tray.
  
  Note: If you are unsure how to disable your security software, see the instructions in this topic at Tech Support Forum: How to disable your security applications.
  
• If infections are found, ComboFix will automatically reboot the machine to complete the removal process. Please ensure all opened windows are closed before proceeding.
• Double-click ComboFix.exe on your desktop and follow the prompts.
• Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
• When finished, a log will be produced. Please copy C:\ComboFix.txt in your next reply.

 

[malis2007]

about the mouse problem.. it is not related to the settings. as sometimes when i click on a link on google's search page(As example), my mouse go to the "X" button immediately and close the tab.. and sometimes the window. so i think that it is something like being remote controlled :/
anyway..,

ComboFix.txt log file:

============================================================================================

ComboFix 14-07-03.01 - ali 07/04/2014 3:19.3.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1256.20.1033.18.6069.4314 [GMT 2:00]
Running from: c:\users\ali\Desktop\ComboFix.exe
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personal firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Java\jre7\bin\jp2ssv.dll
c:\users\ali\AppData\Local\assembly\tmp
c:\windows\PFRO.log
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2014-06-04 to 2014-07-04 )))))))))))))))))))))))))))))))
.
.
2019-10-09 08:40 . 2019-10-09 08:40 -------- d-----w- c:\users\ali\AppData\Roaming\Crypto Obfuscator For .Net v2012 R2
2014-07-04 01:29 . 2014-07-04 01:34 -------- d-----w- c:\users\ali\AppData\Local\temp
2014-07-04 01:29 . 2014-07-04 01:33 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-07-04 01:29 . 2014-07-04 01:29 -------- d-----w- c:\users\S34N\AppData\Local\temp
2014-07-04 01:29 . 2014-07-04 01:29 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-07-04 01:29 . 2014-07-04 01:29 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2014-07-04 01:29 . 2014-07-04 01:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-04 01:29 . 2014-07-04 01:29 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2014-07-04 01:29 . 2014-07-04 01:29 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2014-07-03 20:51 . 2014-07-03 21:15 -------- d-----w- c:\users\ali\AppData\Local\Temporary Projects
2014-07-03 17:59 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-07-03 17:58 . 2014-07-03 19:25 -------- dc----w- C:\AdwCleaner
2014-07-03 08:39 . 2014-07-01 06:13 46704 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2014-07-02 19:51 . 2014-07-03 10:02 -------- d-----w- c:\programdata\Malwarebytes Anti-Exploit
2014-07-02 19:51 . 2014-07-02 19:51 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Exploit
2014-07-02 19:32 . 2014-07-02 19:32 -------- dc----w- C:\SUPERDelete
2014-07-02 19:16 . 2014-07-02 19:16 -------- d-----w- c:\users\ali\AppData\Local\Innovative Solutions
2014-07-02 19:16 . 2014-07-02 19:16 -------- d-----w- c:\program files (x86)\Innovative Solutions
2014-07-02 15:18 . 2014-07-02 15:19 -------- d-----w- c:\users\ali\AppData\Local\uGet
2014-07-02 13:21 . 2014-07-02 13:21 -------- d-----w- c:\program files (x86)\VirusTotalUploader2
2014-07-02 13:10 . 2014-07-02 13:20 -------- d-----w- c:\programdata\SecTaskMan
2014-07-02 12:13 . 2014-07-02 12:13 -------- d-----w- c:\users\ali\AppData\Local\Skype
2014-07-02 12:13 . 2014-07-02 12:13 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-07-01 23:43 . 2014-07-01 23:43 -------- d-sh--w- c:\users\ali\AppData\Local\EmieUserList
2014-07-01 23:43 . 2014-07-01 23:43 -------- d-sh--w- c:\users\ali\AppData\Local\EmieSiteList
2014-07-01 21:56 . 2014-07-01 21:56 -------- d-----w- c:\program files\iPod
2014-07-01 21:56 . 2014-07-01 21:57 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-01 21:56 . 2014-07-01 21:57 -------- d-----w- c:\program files\iTunes
2014-07-01 21:56 . 2014-07-01 21:57 -------- d-----w- c:\program files (x86)\iTunes
2014-07-01 21:24 . 2014-07-01 21:24 -------- d-----w- c:\program files (x86)\QuickTime
2014-07-01 21:17 . 2014-07-01 22:00 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-01 21:17 . 2014-07-01 22:00 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-01 20:47 . 2014-07-01 20:47 -------- d-----w- c:\windows\en
2014-07-01 20:46 . 2014-07-01 20:46 -------- d-----w- c:\windows\ar
2014-07-01 20:43 . 2014-07-01 20:43 -------- dc----w- C:\NvidiaLogging
2014-07-01 20:39 . 2013-05-14 19:28 39712 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-07-01 20:38 . 2013-05-14 19:27 29984 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-07-01 20:38 . 2013-05-14 19:27 28448 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-07-01 20:31 . 2014-07-01 20:31 6081224 -c--a-w- c:\program files (x86)\Common Files\Windows Live\.cache\5d3fa3861cf956b0b\onedrivesetup.exe
2014-07-01 19:45 . 2014-07-01 19:45 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-07-01 19:44 . 2014-07-01 19:44 313256 ----a-w- c:\windows\system32\javaws.exe
2014-07-01 19:44 . 2014-07-01 19:44 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-07-01 19:44 . 2014-07-01 19:44 191400 ----a-w- c:\windows\system32\javaw.exe
2014-07-01 19:44 . 2014-07-01 19:44 190888 ----a-w- c:\windows\system32\java.exe
2014-07-01 19:44 . 2014-07-01 19:44 -------- d-----w- c:\program files\Java
2014-07-01 19:08 . 2014-07-02 17:56 -------- d-----w- c:\users\ali\AppData\Local\Adobe
2014-07-01 15:49 . 2014-07-01 15:49 -------- d-----w- c:\users\ali\AppData\Roaming\Oracle
2014-07-01 15:47 . 2014-07-01 15:48 -------- d-----w- c:\programdata\Oracle
2014-07-01 15:46 . 2014-05-07 13:02 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-01 00:39 . 2014-07-01 00:39 -------- d-----w- c:\users\ali\AppData\Roaming\PowerISO
2014-07-01 00:38 . 2014-03-30 06:26 129944 ----a-w- c:\windows\system32\drivers\scdemu.sys
2014-07-01 00:38 . 2014-07-01 00:38 -------- d-----w- c:\program files\PowerISO
2014-06-30 23:24 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-06-30 23:24 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-06-30 22:45 . 2009-07-14 01:39 1402880 -c--a-w- C:\Utilman.exe
2014-06-30 18:41 . 2014-05-30 09:49 48640 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2014-06-30 18:19 . 2014-07-04 01:33 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-30 18:17 . 2014-06-30 18:17 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-06-30 18:17 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-30 18:17 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-30 18:17 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-06-30 17:47 . 2014-06-30 17:47 -------- d-s---w- c:\windows\system32\CompatTel
2014-06-30 17:37 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-06-30 17:37 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-06-30 17:37 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-06-30 17:37 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-06-30 17:37 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-06-30 15:47 . 2014-06-30 15:47 -------- d-----w- c:\windows\Migration
2014-06-30 15:23 . 2014-06-30 15:23 327168 ----a-w- c:\windows\system32\mswsock.dll
2014-06-30 15:23 . 2014-06-30 15:23 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2014-06-30 13:57 . 2014-05-08 09:32 3178496 ----a-w- c:\windows\system32\rdpcorets.dll
2014-06-30 13:57 . 2014-05-08 09:32 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-30 13:53 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-06-30 13:53 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-30 13:51 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2014-06-30 13:50 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2014-06-30 13:50 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2014-06-30 13:50 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2014-06-30 13:50 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2014-06-30 13:50 . 2014-03-25 02:43 14175744 ----a-w- c:\windows\system32\shell32.dll
2014-06-30 13:50 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2014-06-30 13:50 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2014-06-30 13:50 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2014-06-30 13:50 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
2014-06-30 13:48 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2014-06-30 13:48 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-06-30 13:47 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-06-30 13:47 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-06-30 13:45 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2014-06-30 13:45 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2014-06-30 13:45 . 2013-07-03 04:05 76800 ----a-w- c:\windows\system32\drivers\hidclass.sys
2014-06-30 13:45 . 2013-07-03 04:05 32896 ----a-w- c:\windows\system32\drivers\hidparse.sys
2014-06-30 13:42 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-30 13:42 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-30 13:42 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-06-30 13:42 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2014-06-30 13:42 . 2013-09-28 01:09 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2014-06-30 13:42 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2014-06-30 13:42 . 2013-07-04 11:50 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2014-06-30 13:42 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2014-06-30 13:42 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2014-06-18 08:47 . 2014-06-09 08:41 180136 ----a-w- c:\windows\system32\drivers\idmwfp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-01 15:17 . 2011-02-04 17:05 95414520 ----a-w- c:\windows\system32\MRT.exe
2012-08-15 09:20 . 2012-08-15 09:20 2174976 ----a-w- c:\program files (x86)\Common Files\atimpenc.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-01 20:31 223432 ----a-w- c:\users\ali\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-01 20:31 223432 ----a-w- c:\users\ali\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-01 20:31 223432 ----a-w- c:\users\ali\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-13 23:00 130736 ----a-w- c:\users\ali\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-13 23:00 130736 ----a-w- c:\users\ali\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-13 23:00 130736 ----a-w- c:\users\ali\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-13 23:00 130736 ----a-w- c:\users\ali\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2012-11-23 307712]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2014-06-17 3837520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes Anti-Exploit"="c:\program files (x86)\Malwarebytes Anti-Exploit\mbae.exe" [2014-06-14 382608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
R3 ERmvrDrv;ESET standalone malware removal tool kernel-mode driver;c:\windows\system32\drivers\ERKRmvrDrv.sys;c:\windows\SYSNATIVE\drivers\ERKRmvrDrv.sys [x]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R3 hzrDrvDmd;Hazard Shield demand driver;c:\program files\Hazard Shield\hzrDriver2.sys;c:\program files\Hazard Shield\hzrDriver2.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 ST330;ST330;c:\windows\system32\DRIVERS\st330.sys;c:\windows\SYSNATIVE\DRIVERS\st330.sys [x]
R3 STBUS;STBUS;c:\windows\system32\DRIVERS\stbus.sys;c:\windows\SYSNATIVE\DRIVERS\stbus.sys [x]
R3 STETH;SpeedTouch Ethernet Adapter NT Driver;c:\windows\system32\DRIVERS\steth.sys;c:\windows\SYSNATIVE\DRIVERS\steth.sys [x]
R3 stppp;Speedtouch PPP Adapter Adapter;c:\windows\system32\DRIVERS\stppp.sys;c:\windows\SYSNATIVE\DRIVERS\stppp.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 BcmBtRSupport;Bluetooth Driver Management Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
R4 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R4 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\645E.tmp;c:\windows\SYSNATIVE\645E.tmp [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
R4 reparse;reparse;c:\windows\system32\DRIVERS\cbreparse.sys;c:\windows\SYSNATIVE\DRIVERS\cbreparse.sys [x]
R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0105.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys;c:\windows\SYSNATIVE\Drivers\fsbts.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys;c:\windows\SYSNATIVE\DRIVERS\idmwfp.sys [x]
S2 MbaeSvc;Malwarebytes Anti-Exploit Service;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
S3 bcbtums;Bluetooth USB LD Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIh.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-01 18:33 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-20 07:31]
.
2014-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-20 07:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-01 20:31 262344 ----a-w- c:\users\ali\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-01 20:31 262344 ----a-w- c:\users\ali\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-01 20:31 262344 ----a-w- c:\users\ali\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 14:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-13 23:00 164016 ----a-w- c:\users\ali\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-13 23:00 164016 ----a-w- c:\users\ali\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-13 23:00 164016 ----a-w- c:\users\ali\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-13 23:00 164016 ----a-w- c:\users\ali\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2014-04-21 10:02 25112 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~1\NVIDIA~1\NVSTRE~1\rxinput.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
TCP: DhcpNameServer = 41.128.225.225 41.128.225.226
TCP: Interfaces\{1DF79A7C-6F29-4AAF-B4FD-772F63ACE586}: NameServer = 208.67.222.123,208.67.220.123,192.168.1.1
TCP: Interfaces\{1DF79A7C-6F29-4AAF-B4FD-772F63ACE586}\353343E4: NameServer = 208.67.222.123,208.67.220.123,192.168.1.1
FF - ProfilePath - c:\users\ali\AppData\Roaming\Mozilla\Firefox\Profiles\y3qdajn6.default-1404230161963\
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{A8D448F4-0431-45AC-9F5E-E1B434AB2249} - c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-{DB3047ED-C2AD-4983-8F03-6AA188B2F4FA}_is1 - c:\program files (x86)\MGC Chat App (BETA)\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\645E.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_139_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_139_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_139_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_139_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_139.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_139.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_139.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_139.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files (x86)\Internet Download Manager\IEMonitor.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2014-07-04 03:46:21 - machine was rebooted
ComboFix-quarantined-files.txt 2014-07-04 01:46
.
Pre-Run: 57,737,515,008 bytes free
Post-Run: 58,173,026,304 bytes free
.
- - End Of File - - 22EEAC5C19A117BA6AD520F3BB872F31

 

[malis2007]

btw, i face also a problem in "Microsoft Visual Basic 2010 Express - ENU" which is whenever i try to debug i get this error:



i used to play with services long time ago, and sometimes with "Microsoft Visual Basic 2010 Express - ENU's" settings.
tried to reinstall (Microsoft Visual Basic 2010 Express - ENU) and repair it.. but still.

is this related somehow? i would be greatly happy if you could find a solution for me. as i searched and tried a lot of stuff but still :/

 

[Corrine]

Hi, malis2007.

1. Before dealing with Crypto Obfuscator and also because of your concern that there is a trojan on your computer, I'd like you to do an online scan. Normally, I have people I'm helping use the ESET online scan but since you have ESET as your antivirus software, we'll go a different route. (Although, as a side note, I would expect a full system scan with ESET would detect a trojan on your computer.)

Please run a free on line scan with BitDefender Online Scanner

• Click the green Start Scanner button
• Click the green Scan Now button and wait a few seconds until a request appears from Bitdefender
• Accept the plugin installation
• Restart your browser in Administation mode if requested
• Click the green Scan Now button again
• Accept the eula agreement if asked
• The scan should start. It will be relatively quick.
• If anything is found, click View report (Note: this is not the green button - Free download - just click on the words View report under the black button "Get QuickScan for your website")
• Notepad will open with a log
• Save to your desktop
• Copy and paste the report back here

2. I'm not seeing anything that would be causing the mouse to be erratic and doubt there is a trojan on your computer. However, if you're still having problems with the mouse when we're finished here, it would be best to have the hardware experts take a look. You'll need to post in the Hardware forum and provide complete information about the mouse (brand, model, driver information).

3. Sorry, I have never used VB so that too would be best addressed in the Programming forum.