Author Topic: logs  (Read 15826 times)

frantheman7

    Topic Starter


    Rookie

    logs
    « on: September 27, 2013, 07:27:05 AM »
    Hello everyone,

    I got this pop-up happening to me now from justcloud.com,
    it pops up and I can't use the site or any site that it pops up on,
    it's more like a virus than an ad or a pop-up,
    I tried everything I could think of, I even took out my C drive
    and put the clone in and I still get the pop-up, it's driving me nuts,
    is it possible to get a virus in the BIOS?

    I attached a pix of it,

    any help would be greatly appreciated,

    Thank you all so very much, fran

    =========



    [recovering disk space, attachment deleted by admin]

    frantheman7


      Re: logs
      « Reply #1 on: September 27, 2013, 12:37:50 PM »
      other logs, I couldn't put them in together

      [recovering disk space, attachment deleted by admin]

      SuperDave

      • Malware Removal Specialist


      • Genius
      • Thanked: 1020
      • Certifications: List
      • Experience: Expert
      • OS: Windows 10
      Re: logs
      « Reply #2 on: September 27, 2013, 01:20:27 PM »
      Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

      1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
      2. The fixes are specific to your problem and should only be used for this issue on this machine.
      3. If you don't know or understand something, please don't hesitate to ask.
      4. Please DO NOT run any other tools or scans while I am helping you.
      5. It is important that you reply to this thread. Do not start a new topic.
      6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
      7. Absence of symptoms does not mean that everything is clear.

      If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
      *************************************************************************
      Quote
      I even took out my C drive and put the clone in and I still get the pop-up
      How did you do this? What do you mean by clone?

      Please do not attach your logs unless absolutely necessary. Copy and paste them in your reply(ies)

      The Security Check says that your AVG is turned off. Please make sure it's turned on.
      Please run MBAM again, make sure all the infections are checked and select "Remove Selected".


      Please download Junkware Removal Tool to your desktop.

      Warning! Once the scan is complete JRT will shut down your browser with NO warning.

      Shut down your protection software now to avoid potential conflicts.

      • Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

      • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator.

      • The tool will open and start scanning your system.

      • Please be patient as this can take a while to complete depending on your system's specifications.

      • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

      • Copy and Paste the JRT.txt log into your next message.
      Windows 8 and Windows 10 dual boot with two SSD's

      frantheman7


        Re: logs
        « Reply #3 on: September 27, 2013, 02:40:40 PM »
        When I did the first scans the problem seemed to go away but you guys said to go through the whole process
        and I have no complaint on how everything is so far, I thank you guys so much.

        Frantheman7


        PS.
        Darn it, I like this program (dll-files.com fixer)



        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        Junkware Removal Tool (JRT) by Thisisu
        Version: 6.0.3 (09.27.2013:1)
        OS: Windows 7 Ultimate x86
        Ran by Frantheman7 on Fri 09/27/2013 at 16:19:22.24
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




        ~~~ Services



        ~~~ Registry Values



        ~~~ Registry Keys

        Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
        Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BC4C7848-7BA7-4C59-B8D0-E851C0694D1D}
        Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C8501DD-5580-48AB-B25C-6D5DBE835A6A}



        ~~~ Files



        ~~~ Folders

        Successfully deleted: [Folder] "C:\Program Files\diamondata"
        Successfully deleted: [Folder] "C:\Program Files\dll-files.com fixer"



        ~~~ Event Viewer Logs were cleared





        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        Scan was completed on Fri 09/27/2013 at 16:25:33.13
        End of JRT log
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

        frantheman7


          Re: logs
          « Reply #4 on: September 27, 2013, 02:57:58 PM »
          When I have my pc the way I want it,
          then I clone the drive so that, if anything goes wrong,
          I could just take out the c drive from my pc and put the cloned drive in,
          but this time it didn't work, the virus/pop-ups were on the cloned drive as well.
          What does that mean, was the virus in the BIOS or in one of my other drives
          that I have in my pc?

          Thank you,

          Frantheman7

          SuperDave

          Re: logs
          « Reply #5 on: September 28, 2013, 07:01:31 PM »
          Yes, it's possible the infection was also on the clone drive.

          Download ComboFix from any of the links below, and save it to your DESKTOP.
          If your version of Windows defaults to your download folder you will need to copy it to your desktop.

          Link 1
          Link 2
          Link 3

          To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.
          • Close any open windows and double click ComboFix.exe to run it.

            You will see the following image:


          Click I Agree to start the program.

          ComboFix will then extract the necessary files and you will see this:



          As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7.

          It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

          If you did not have it installed, you will see the prompt below. Choose YES.



          Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

          **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

          Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



          Click on Yes, to continue scanning for malware.

          When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

          Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

          Note: Please Do NOT mouseclick ComboFix's window while it's running because it may cause it to stall.

          frantheman7


            Re: logs
            « Reply #6 on: September 28, 2013, 09:46:04 PM »
            ComboFix 13-09-28.02 - Frantheman7 09/28/2013  22:48:22.1.4 - x86
            Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.3063.1641 [GMT -4:00]
            Running from: c:\users\Frantheman7\Desktop\ComboFix.exe
            AV: AVG Anti-Virus 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
            SP: AVG Anti-Virus 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
            SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
             * Created a new restore point
            .
            .
            (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
            .
            .
            c:\users\Frantheman7\AppData\Local\assembly\tmp
            c:\windows\system32\SET7E6.tmp
            c:\windows\system32\SETD26.tmp
            c:\windows\system32\SETE3C6.tmp
            c:\windows\system32\SETEF31.tmp
            .
            .
            (((((((((((((((((((((((((   Files Created from 2013-08-28 to 2013-09-29  )))))))))))))))))))))))))))))))
            .
            .
            2013-09-29 02:55 . 2013-09-29 02:55   --------   d-----w-   c:\users\UpdatusUser\AppData\Local\temp
            2013-09-29 02:55 . 2013-09-29 02:55   --------   d-----w-   c:\users\Default\AppData\Local\temp
            2013-09-28 23:32 . 2013-04-04 18:50   22856   ----a-w-   c:\windows\system32\drivers\mbam.sys
            2013-09-28 22:03 . 2013-09-28 22:03   --------   d-----w-   c:\users\Frantheman7\AppData\Roaming\Malwarebytes
            2013-09-28 22:03 . 2013-09-28 22:03   --------   d-----w-   c:\programdata\Malwarebytes
            2013-09-27 22:55 . 2013-09-27 22:55   --------   d-----w-   c:\programdata\vsosdk
            2013-09-27 20:19 . 2013-09-27 20:19   --------   d-----w-   c:\windows\ERUNT
            2013-09-26 21:43 . 2013-09-26 21:43   --------   d-----w-   c:\programdata\Malwarebytes-BackupByMalwarebytesPortable
            2013-09-26 21:27 . 2013-09-26 21:27   --------   d-----w-   c:\program files\CCleaner
            2013-09-26 21:26 . 2013-09-27 12:45   --------   d-----w-   C:\AdwCleaner
            2013-09-26 00:29 . 2013-06-09 02:40   15696   ----a-w-   c:\windows\system32\drivers\asdnet.sys
            2013-09-25 21:37 . 2013-08-05 01:56   133056   ----a-w-   c:\windows\system32\drivers\ataport.sys
            2013-09-25 21:37 . 2012-08-24 17:05   136560   ----a-w-   c:\windows\system32\drivers\ksecpkg.sys
            2013-09-25 21:37 . 2012-08-24 17:02   369856   ----a-w-   c:\windows\system32\drivers\cng.sys
            2013-09-25 21:37 . 2012-08-24 16:57   247808   ----a-w-   c:\windows\system32\schannel.dll
            2013-09-25 21:37 . 2012-08-24 16:56   1039360   ----a-w-   c:\windows\system32\lsasrv.dll
            2013-09-25 20:40 . 2013-09-25 20:40   --------   d-----w-   c:\users\Frantheman7\AppData\Roaming\Anvisoft
            2013-09-25 20:39 . 2013-09-25 20:39   --------   d-----w-   c:\programdata\Anvisoft
            2013-09-25 20:39 . 2012-11-07 07:16   22864   ----a-w-   c:\windows\system32\drivers\asdrs.sys
            2013-09-25 20:39 . 2012-11-07 07:16   14160   ----a-w-   c:\windows\system32\drivers\asdws.sys
            2013-09-25 20:39 . 2012-11-07 07:16   16208   ----a-w-   c:\windows\system32\drivers\asdrm.sys
            2013-09-25 20:39 . 2013-09-26 00:29   --------   d-----w-   c:\program files\Anvisoft
            2013-09-05 22:53 . 2013-09-05 22:53   --------   d-----w-   c:\users\Frantheman7\AppData\Roaming\LucasArts
            2013-09-05 22:22 . 2013-09-05 22:22   --------   d-----w-   c:\program files\LucasArts
            2013-09-05 22:05 . 2013-09-05 22:05   --------   d-----w-   c:\users\Frantheman7\AppData\Local\EMU
            2013-09-05 22:04 . 2013-09-05 22:05   --------   d-----w-   c:\users\Frantheman7\AppData\Local\PAYDAY 2
            2013-09-05 21:53 . 2013-09-05 22:03   --------   d-----w-   c:\program files\PAYDAY 2
            2013-09-05 01:51 . 2013-09-25 22:59   --------   d-----w-   C:\Mp3tag v2.45
            2013-09-05 00:08 . 2013-09-05 00:08   --------   d-----w-   c:\program files\TagRename
            2013-09-04 23:35 . 2013-09-04 23:35   --------   d-----w-   c:\users\Frantheman7\AppData\Roaming\ABF software
            2013-09-04 03:31 . 2013-09-25 22:59   --------   d-----w-   c:\program files\A123 All to mp3 Converter
            2013-09-03 20:52 . 2013-09-03 20:52   --------   d-----w-   c:\program files\Foxit Software
            2013-09-03 04:40 . 2013-09-03 04:40   --------   d-----w-   c:\programdata\RealNetworks
            2013-09-03 04:40 . 2013-09-03 04:40   --------   d-----w-   c:\program files\Common Files\xing shared
            2013-09-02 10:08 . 2013-09-03 04:40   --------   d-----w-   c:\program files\Real
            2013-09-02 08:37 . 2013-09-02 08:52   --------   d-----w-   c:\program files\Common Files\Real
            2013-09-02 05:14 . 2013-09-02 05:14   --------   d-----w-   c:\program files\Tomato
            2013-09-02 05:14 . 2008-07-03 18:26   6294528   ----a-w-   c:\windows\system32\MediaIO1.dll
            2013-08-31 00:20 . 2013-09-01 02:19   --------   d-----w-   c:\programdata\WindSolutions
            2013-08-31 00:19 . 2013-08-31 00:19   --------   d-----w-   c:\users\Frantheman7\AppData\Roaming\WindSolutions
            2013-08-30 19:25 . 2013-08-30 19:25   --------   d-----w-   c:\program files\MP3TagEditor
            .
            .
            .
            ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
            .
            2013-09-25 23:29 . 2013-06-23 17:40   71048   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
            2013-09-25 23:29 . 2013-06-23 17:40   692616   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
            2013-09-18 02:23 . 2013-06-23 15:27   53024   ----a-w-   c:\windows\system32\OpenCL.dll
            2013-09-18 02:23 . 2013-06-23 19:33   13628208   ----a-w-   c:\windows\system32\nvwgf2um.dll
            2013-09-18 02:23 . 2013-06-23 15:26   1222824   ----a-w-   c:\windows\system32\nvumdshim.dll
            2013-09-18 02:23 . 2013-06-23 15:26   12947360   ----a-w-   c:\windows\system32\nvd3dum.dll
            2013-09-18 02:23 . 2013-06-23 15:26   2630304   ----a-w-   c:\windows\system32\nvapi.dll
            2013-09-12 06:28 . 2013-06-23 15:27   4265760   ----a-w-   c:\windows\system32\nvcpl.dll
            2013-09-12 06:28 . 2013-06-23 15:27   3006240   ----a-w-   c:\windows\system32\nvsvc.dll
            2013-09-12 06:28 . 2013-06-23 15:27   662816   ----a-w-   c:\windows\system32\nvvsvc.exe
            2013-09-12 06:28 . 2013-06-23 15:27   62752   ----a-w-   c:\windows\system32\nvshext.dll
            2013-09-12 06:28 . 2013-06-23 15:27   2555168   ----a-w-   c:\windows\system32\nvsvcr.dll
            2013-09-12 06:28 . 2013-06-23 15:27   209184   ----a-w-   c:\windows\system32\nvmctray.dll
            2013-09-03 04:39 . 2013-06-23 15:33   348160   ----a-w-   c:\windows\system32\msvcr71.dll
            2013-09-03 04:39 . 2013-06-23 15:33   499712   ----a-w-   c:\windows\system32\msvcp71.dll
            2013-08-24 01:18 . 2013-08-24 01:18   15453832   ----a-w-   c:\windows\system32\xlive.dll
            2013-08-20 11:36 . 2013-08-20 11:36   1873752   ----a-w-   c:\windows\system32\auto_reactivate.exe
            2013-08-19 04:57 . 2007-04-27 14:43   120200   ----a-w-   c:\windows\system32\DLLDEV32i.dll
            2013-07-28 04:37 . 2013-07-28 04:37   131072   ----a-r-   c:\users\Frantheman7\AppData\Roaming\Microsoft\Installer\{8180DC57-B9CC-4C0C-8334-B357B67BCF6B}\VideoConverter5_St_B7EA6CF0C721446799BC56B5F772EFE9.exe
            2013-07-28 03:31 . 2013-07-05 21:45   81920   ----a-r-   c:\users\Frantheman7\AppData\Roaming\Microsoft\Installer\{95B7C0F4-7434-4DFB-B900-201BFC00C00B}\NewShortcut41_254AB2CD520A4C819BDF86ADC896D541.exe
            2013-07-28 03:31 . 2013-07-05 21:45   81920   ----a-r-   c:\users\Frantheman7\AppData\Roaming\Microsoft\Installer\{95B7C0F4-7434-4DFB-B900-201BFC00C00B}\NewShortcut4_1A0B109781684C62B2EB05F675FBA899.exe
            2013-07-28 03:31 . 2013-07-05 21:45   131072   ----a-r-   c:\users\Frantheman7\AppData\Roaming\Microsoft\Installer\{95B7C0F4-7434-4DFB-B900-201BFC00C00B}\NewShortcut5_53A455E88AFE48C5A618B7DA9F7EFF69.exe
            2013-07-28 02:56 . 2013-07-28 02:56   53248   ----a-r-   c:\users\Frantheman7\AppData\Roaming\Microsoft\Installer\{3A9527CF-4E91-4683-A03F-F1AD022126E5}\ARPPRODUCTICON.exe
            2013-07-27 04:06 . 2013-07-27 04:06   163232   ----a-w-   c:\windows\system32\drivers\afcdp.sys
            2013-07-27 04:05 . 2013-07-27 04:05   752128   ----a-w-   c:\windows\system32\drivers\tdrpm273.sys
            2013-07-27 04:05 . 2013-07-27 04:05   600928   ----a-w-   c:\windows\system32\drivers\timntr.sys
            2013-07-27 04:05 . 2013-07-27 04:05   170464   ----a-w-   c:\windows\system32\drivers\snapman.sys
            2013-07-25 08:57 . 2013-08-15 02:50   1620992   ----a-w-   c:\windows\system32\WMVDECOD.DLL
            2013-07-24 21:53 . 2013-07-24 21:53   722416   ----a-w-   c:\windows\system32\drivers\sptd.sys
            2013-07-19 01:41 . 2013-08-15 02:50   2048   ----a-w-   c:\windows\system32\tzres.dll
            2013-07-19 00:17 . 2013-07-10 04:15   47360   ----a-w-   c:\users\Frantheman7\AppData\Roaming\pcouffin.sys
            2013-07-12 01:25 . 2013-07-12 01:25   745472   ----a-w-   c:\windows\system32\MsSpellCheckingFacility.exe
            2013-07-12 01:25 . 2013-07-12 01:25   523264   ----a-w-   c:\windows\system32\vbscript.dll
            2013-07-12 01:25 . 2013-07-12 01:25   185344   ----a-w-   c:\windows\system32\elshyph.dll
            2013-07-12 01:25 . 2013-07-12 01:25   158720   ----a-w-   c:\windows\system32\msls31.dll
            2013-07-12 01:25 . 2013-07-12 01:25   150528   ----a-w-   c:\windows\system32\iexpress.exe
            2013-07-12 01:25 . 2013-07-12 01:25   138752   ----a-w-   c:\windows\system32\wextract.exe
            2013-07-12 01:25 . 2013-07-12 01:25   137216   ----a-w-   c:\windows\system32\ieUnatt.exe
            2013-07-12 01:25 . 2013-07-12 01:25   73728   ----a-w-   c:\windows\system32\SetIEInstalledDate.exe
            2013-07-12 01:25 . 2013-07-12 01:25   48640   ----a-w-   c:\windows\system32\mshtmler.dll
            2013-07-12 01:25 . 2013-07-12 01:25   38400   ----a-w-   c:\windows\system32\imgutil.dll
            2013-07-12 01:25 . 2013-07-12 01:25   12800   ----a-w-   c:\windows\system32\mshta.exe
            2013-07-12 01:25 . 2013-07-12 01:25   110592   ----a-w-   c:\windows\system32\IEAdvpack.dll
            2013-07-12 01:25 . 2013-07-12 01:25   719360   ----a-w-   c:\windows\system32\mshtmlmedia.dll
            2013-07-12 01:25 . 2013-07-12 01:25   61952   ----a-w-   c:\windows\system32\tdc.ocx
            2013-07-12 01:25 . 2013-07-12 01:25   361984   ----a-w-   c:\windows\system32\html.iec
            2013-07-12 01:25 . 2013-07-12 01:25   23040   ----a-w-   c:\windows\system32\licmgr10.dll
            2013-07-12 01:25 . 2013-07-12 01:25   1441280   ----a-w-   c:\windows\system32\inetcpl.cpl
            2013-07-09 05:03 . 2013-08-15 02:50   3913664   ----a-w-   c:\windows\system32\ntoskrnl.exe
            2013-07-09 05:03 . 2013-08-15 02:50   3968960   ----a-w-   c:\windows\system32\ntkrnlpa.exe
            2013-07-09 04:53 . 2013-08-15 02:50   1289096   ----a-w-   c:\windows\system32\ntdll.dll
            2013-07-09 04:52 . 2013-08-15 02:50   175104   ----a-w-   c:\windows\system32\wintrust.dll
            2013-07-09 04:50 . 2013-08-15 02:50   652800   ----a-w-   c:\windows\system32\rpcrt4.dll
            2013-07-09 04:46 . 2013-08-15 02:50   140288   ----a-w-   c:\windows\system32\cryptsvc.dll
            2013-07-09 04:46 . 2013-08-15 02:50   1166848   ----a-w-   c:\windows\system32\crypt32.dll
            2013-07-09 04:46 . 2013-08-15 02:50   103936   ----a-w-   c:\windows\system32\cryptnet.dll
            2013-07-06 05:05 . 2013-08-15 02:50   1293760   ----a-w-   c:\windows\system32\drivers\tcpip.sys
            2013-07-05 01:25 . 2013-07-05 01:25   9728   ---ha-w-   c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
            2013-07-05 01:25 . 2013-07-05 01:25   5632   ---ha-w-   c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
            2013-07-05 01:25 . 2013-07-05 01:25   4096   ---ha-w-   c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
            2013-07-05 01:25 . 2013-07-05 01:25   3072   ---ha-w-   c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
            2013-07-05 01:25 . 2013-07-05 01:25   5632   ---ha-w-   c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
            2013-07-05 01:25 . 2013-07-05 01:25   3584   ---ha-w-   c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
            2013-07-05 01:25 . 2013-07-05 01:25   3072   ---ha-w-   c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
            2013-07-05 01:25 . 2013-07-05 01:25   2560   ---ha-w-   c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
            2013-07-05 01:25 . 2013-07-05 01:25   10752   ---ha-w-   c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
            2013-07-05 01:25 . 2013-07-05 01:25   1158144   ----a-w-   c:\windows\system32\XpsPrint.dll
            2013-07-05 01:25 . 2013-07-05 01:25   364544   ----a-w-   c:\windows\system32\XpsGdiConverter.dll
            2013-07-05 01:25 . 2013-07-05 01:25   2284544   ----a-w-   c:\windows\system32\msmpeg2vdec.dll
            2013-07-05 01:25 . 2013-07-05 01:25   417792   ----a-w-   c:\windows\system32\WMPhoto.dll
            2013-07-05 01:25 . 2013-07-05 01:25   906240   ----a-w-   c:\windows\system32\FntCache.dll
            2013-07-05 01:25 . 2013-07-05 01:25   220160   ----a-w-   c:\windows\system32\d3d10core.dll
            2013-07-05 01:25 . 2013-07-05 01:25   1080832   ----a-w-   c:\windows\system32\d3d10.dll
            2013-07-05 01:25 . 2013-07-05 01:25   207872   ----a-w-   c:\windows\system32\WindowsCodecsExt.dll
            2013-07-05 01:25 . 2013-07-05 01:25   249856   ----a-w-   c:\windows\system32\d3d10_1core.dll
            2013-07-05 01:25 . 2013-07-05 01:25   161792   ----a-w-   c:\windows\system32\d3d10_1.dll
            2013-07-05 01:25 . 2013-07-05 01:25   604160   ----a-w-   c:\windows\system32\d3d10level9.dll
            2013-07-05 01:25 . 2013-07-05 01:24   3419136   ----a-w-   c:\windows\system32\d2d1.dll
            2013-07-05 01:24 . 2013-07-05 01:24   1988096   ----a-w-   c:\windows\system32\d3d10warp.dll
            2013-07-05 01:24 . 2013-07-05 01:24   293376   ----a-w-   c:\windows\system32\dxgi.dll
            2013-07-05 01:24 . 2013-07-05 01:24   187392   ----a-w-   c:\windows\system32\UIAnimation.dll
            2008-02-06 04:44 . 2013-07-28 13:47   200704   ----a-w-   c:\program files\BorisFXUI.fex
            .
            .
            (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
            .
            .
            *Note* empty entries & legit default entries are not shown
            REGEDIT4
            .
            [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
            "TextAloud3"="c:\program files\TextAloud\TextAloudMP3.exe" [2011-02-14 3732480]
            "BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2013-06-23 4771184]
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
            "IDEAL Calendar"="c:\program files\IDEAL Calendar\Calendar.exe" [2005-06-17 593920]
            "mylbx"="c:\program files\My Lockbox\mylbx.exe" [2012-07-25 2211688]
            "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
            "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
            "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-08-16 152392]
            "TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2013-09-03 295512]
            "Anvi Smart Defender"="c:\program files\Anvisoft\Anvi Smart Defender\ASDTray.exe" [2013-08-12 1635048]
            "Anvi AD Blocker"="c:\program files\Anvisoft\Anvi AD Blocker\ADBlockerTray.exe" [2013-06-14 1256144]
            .
            [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
            "SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-06-26 280576]
            .
            c:\users\Frantheman7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
            ShellFolderFix.lnk - c:\program files\ShellFolderFix\ShellFolderFixUI.exe /autostart [2013-6-23 1819648]
            TimeLeft.lnk - c:\program files\TimeLeft3\TimeLeft.exe [2013-6-23 2374832]
            .
            c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
            Snagit 11.lnk - c:\program files\TechSmith\Snagit 11\Snagit32.exe [2013-5-29 9479536]
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
            "ConsentPromptBehaviorAdmin"= 5 (0x5)
            "ConsentPromptBehaviorUser"= 3 (0x3)
            "EnableUIADesktopToggle"= 0 (0x0)
            "EnableLinkedConnections"= 1 (0x1)
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
            "mixer1"=wdmaud.drv
            .
            [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
            BootExecute   REG_MULTI_SZ      autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart\0auto_reactivate c:\bootwiz\asrm.bin
            .
            [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snagit 11.lnk]
            path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 11.lnk
            backup=c:\windows\pss\Snagit 11.lnk.CommonStartup
            backupExtension=.CommonStartup
            .
            [HKLM\~\startupfolder\C:^Users^Frantheman7^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^create-restore.vbs]
            path=c:\users\Frantheman7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\create-restore.vbs
            backup=c:\windows\pss\create-restore.vbs.Startup
            backupExtension=.Startup
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
            DevDetect.exe -autorun [X]
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
            2010-08-21 10:16   390712   ----a-w-   c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
            2009-04-24 03:21   203928   ----a-w-   c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
            2013-04-22 01:43   59720   ----a-w-   c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
            2010-03-18 15:19   207360   ----a-w-   c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
            2010-01-21 21:22   91520   ----a-w-   c:\program files\Microsoft Office\Office14\BCSSync.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
            2013-06-23 18:01   4771184   ----a-w-   c:\program files\BitTorrent\BitTorrent.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPMonitor]
            2011-07-08 16:31   84464   ----a-w-   c:\program files\Roxio 2012\5.0\CPMonitor.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Disc Tool]
            2011-06-12 23:07   506352   ----a-w-   c:\program files\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUs Tray]
            2012-03-15 13:34   744584   ----a-w-   c:\program files\EaseUS\Todo Backup\bin\TrayNotify.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUs Watch]
            2011-12-23 03:09   70792   ----a-w-   c:\program files\EaseUS\Todo Backup\bin\EuWatch.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iFunBoxConnector]
            2012-11-20 13:03   812544   ----a-w-   c:\ifunbox.win\ifb_conn.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
            2010-05-21 17:40   324976   ----a-w-   c:\programdata\FLEXnet\Connect\11\ISUSPM.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
            2013-08-16 13:07   152392   ----a-w-   c:\program files\iTunes\iTunesHelper.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
            2013-05-16 14:44   1012000   ----a-w-   c:\program files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
            2011-11-15 03:50   312376   ----a-w-   c:\program files\PowerISO\PWRISOVM.EXE
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
            2011-07-13 11:41   293360   ----a-w-   c:\program files\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SAOB Monitor]
            2010-08-20 13:18   2536752   ----a-w-   c:\program files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TAForOE Loader]
            2010-05-17 12:51   499144   ----a-w-   c:\program files\TextAloud\TAForOELoader.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TB]
            2011-12-23 03:09   243336   ----a-w-   c:\program files\EaseUS\Todo Backup\bin\XSnapShotTip.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
            2013-09-03 04:39   295512   ----a-w-   c:\program files\Real\RealPlayer\Update\realsched.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
            2010-08-21 10:15   5459136   ----a-w-   c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
            2007-02-20 15:07   199752   ----a-w-   c:\progra~1\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
            2011-07-11 21:47   74752   ----a-w-   c:\program files\Winamp\winampa.exe
            .
            2;2 CareMon;CareMon;c:\program files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe
            R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2012-11-02 5174392]
            R2 MBAMScheduler;MBAMScheduler;k:\malwarebytes' anti-malware\mbamscheduler.exe
            R2 MBAMService;MBAMService;k:\malwarebytes' anti-malware\mbamservice.exe
            R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2011-07-13 340976]
            R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
            R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [2011-06-14 267568]
            R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
            R3 RoxMediaDB13;RoxMediaDB13;c:\program files\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2011-07-13 1095664]
            R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys
            R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
            R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys
            R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys
            R4 BOTService;BOTService;c:\program files\Roxio\BackOnTrack\Instant Restore\BOTService.exe [2011-07-14 211440]
            S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
            S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
            S0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys [2011-12-23 50312]
            S0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys [2012-02-08 42120]
            S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys [2010-07-22 41912]
            S0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\DRIVERS\pssnap.sys [2013-06-14 16504]
            S0 SahdIa32;HDD Filter Driver;c:\windows\System32\Drivers\SahdIa32.sys [2011-02-09 21488]
            S0 SaibIa32;Volume Filter Driver;c:\windows\System32\Drivers\SaibIa32.sys [2011-02-09 15856]
            S0 SI3112r;Silicon Image SiI 3512 SATARaid Controller;c:\windows\system32\DRIVERS\SI3112r.sys [2007-08-29 116264]
            S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2013-07-24 722416]
            S0 SysCow;SysCow;c:\windows\system32\drivers\syscow32v.sys [2010-05-23 81904]
            S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [2013-07-27 752128]
            S1 asdrm;asdrm;c:\windows\system32\DRIVERS\asdrm.sys [2012-11-07 16208]
            S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2012-11-08 250080]
            S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2013-04-11 302368]
            S1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys [2011-12-23 17032]
            S1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys [2011-12-23 187016]
            S1 SaibVd32;Virtual Disk Driver;c:\windows\system32\Drivers\SaibVd32.sys [2011-02-09 25584]
            S2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files\Roxio\BackOnTrack\App\SaibSVC.exe [2011-02-09 457200]
            S2 AdblockerSrv;Adblocker Monitor Service;c:\program files\Anvisoft\Anvi AD Blocker\ADBlockerSrv.exe [2013-06-14 314064]
            S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [2013-07-27 3975088]
            S2 asdnet;Adblocker Monitor Driver;c:\windows\system32\DRIVERS\asdnet.sys [2013-06-09 15696]
            S2 asdrs;AntiMalware Host-based Intrusion Prevention System;c:\windows\system32\DRIVERS\asdrs.sys [2012-11-07 22864]
            S2 asdsrv;Anvi Smart Defender Realtime Guard Service;c:\program files\Anvisoft\Anvi Smart Defender\ASDSrv.exe [2013-08-12 742120]
            S2 asdws;AnviSmartDefender Web Guard;c:\windows\system32\DRIVERS\asdws.sys [2012-11-07 14160]
            S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
            S2 BOT4Service;BOT4Service;c:\program files\Roxio\BackOnTrack\App\BService.exe [2011-07-15 21488]
            S2 EaseUS Agent;EaseUS Agent;c:\program files\EaseUS\Todo Backup\bin\Agent.exe [2011-12-23 61064]
            S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128]
            S2 Guard Agent;Guard Agent;c:\program files\EaseUS\Todo Backup\bin\GuardAgent.exe [2011-12-23 23176]
            S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
            S2 ReflectService.exe;Reflect Service;c:\program files\Macrium\Reflect\ReflectService.exe [2011-07-25 224920]
            S2 supersafer;supersafer;c:\windows\system32\drivers\supersafer.sys [2011-11-15 354176]
            S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2013-07-27 163232]
            S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2012-12-10 142176]
            S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
            S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
            S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
            S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
            .
            .
            Contents of the 'Scheduled Tasks' folder
            .
            2013-09-29 c:\windows\Tasks\Adobe Flash Player Updater.job
            - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-23 23:29]
            .
            .
            ------- Supplementary Scan -------
            .
            uLocal Page = about:blank
            uStart Page = https://www.google.com/
            mStart Page = about:blank
            mLocal Page = about:blank
            mWindow Title = Microsoft Internet Explorer
            uInternet Settings,ProxyOverride = *.local
            TCP: DhcpNameServer = 10.0.0.1
            .
            - - - - ORPHANS REMOVED - - - -
            .
            MSConfigStartUp-iDevice Manager Launcher - c:\program files\Software4u\iDevice Manager\Software4u.IDMLauncher.exe
            MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\QTTask.exe
            MSConfigStartUp-SSDMonitor - c:\program files\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
            MSConfigStartUp-Winsuite2012 - c:\program files\Spotmau\PowerSuite Golden Edition\Winsuite 2012\Spotmau_WinSuite_TrayIcon.exe
            AddRemove-Alcohol 120% - c:\program files\Alcohol Soft\Alcohol 120\uninst.exe
            AddRemove-Dll-Files Fixer_is1 - c:\program files\Dll-Files.com Fixer\unins000.exe
            AddRemove-FE5AE7DC-7B01-4263-A94C-B4526C276549_is1 - c:\program files\Software4u\iPhone Explorer\unins000.exe
            AddRemove-FE5AE7DC-7B01-4263-A94C-B4526C276550_is1 - c:\program files\Software4u\iDevice Manager\unins000.exe
            AddRemove-InstallShield_{1170D24F-42B7-40CF-AA1B-6395CE562354} - c:\program files (x86)\InstallShield Installation Information\{1170D24F-42B7-40CF-AA1B-6395CE562354}\setup.exe
            AddRemove-Malwarebytes' Anti-Malware_is1 - k:\malwarebytes' anti-malware\unins000.exe
            .
            .
            .
            --------------------- LOCKED REGISTRY KEYS ---------------------
            .
            [HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A618B794-1FC0-DF96-E488-F3F993F47E08}*]
            "iacigalhndcohfgkle"=hex:69,61,6e,63,64,61,69,6e,68,70,62,65,6a,6a,6a,67,63,68,
               00,00
            .
            [HKEY_USERS\S-1-5-21-3602084776-2122628737-1096821462-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F40CFDDB-794D-95B3-898F-951AD6FDA618}*]
            @Allowed: (Read) (RestrictedCode)
            "jaiheheihhgacdgjllmj"=hex:69,61,64,6f,6e,62,6d,63,6a,62,70,61,68,68,6f,64,65,
               61,00,00
            "iagkghpnkgeabcfkeg"=hex:69,61,64,6f,6e,62,6d,63,6a,62,70,61,68,68,6f,64,65,61,
               00,00
            .
            [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
            @Denied: (Full) (Everyone)
            .
            Completion time: 2013-09-28  23:37:26
            ComboFix-quarantined-files.txt  2013-09-29 03:37
            .
            Pre-Run: 1,592,036,151,296 bytes free
            Post-Run: 1,591,918,075,904 bytes free
            .
            - - End Of File - - 79301F9E5BF16F9F8E1A789133A3F2AF
            A6760C5F40127D4D36B48ECB8DF3C680

            SuperDave

            Re: logs
            « Reply #7 on: September 29, 2013, 07:42:53 PM »
            Malwarebytes' Anti-Rootkit

            Please download Malwarebytes' Anti-Rootkit and save it to your desktop.
            • Be sure to print out and follow the instructions provided on that same page for performing a scan.
            • Caution: This is a beta version so also read the disclaimer and back up all your data before using.
            • When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
            • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
            • If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
            • Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
            • Copy and paste the contents of these two log files in your next reply.
            Windows 8 and Windows 10 dual boot with two SSDs

            frantheman7


              Re: logs
              « Reply #8 on: September 29, 2013, 09:13:56 PM »
              ---------------------------------------
              Malwarebytes Anti-Rootkit BETA 1.07.0.1005

              (c) Malwarebytes Corporation 2011-2012

              OS version: 6.1.7601 Windows 7 Service Pack 1 x86

              Account is Administrative

              Internet Explorer version: 10.0.9200.16686

              File system is: NTFS
              Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, F:\ DRIVE_FIXED, G:\ DRIVE_FIXED, H:\ DRIVE_FIXED, I:\ DRIVE_FIXED
              CPU speed: 3.209000 GHz
              Memory total: 3211845632, free: 1949872128

              =======================================
              Initializing...
              ------------ Kernel report ------------
                   09/29/2013 22:28:35
              ------------ Loaded modules -----------
              \SystemRoot\system32\ntkrnlpa.exe
              \SystemRoot\system32\halmacpi.dll
              \SystemRoot\system32\kdcom.dll
              \SystemRoot\system32\mcupdate_GenuineIntel.dll
              \SystemRoot\system32\PSHED.dll
              \SystemRoot\system32\BOOTVID.dll
              \SystemRoot\system32\CLFS.SYS
              \SystemRoot\system32\CI.dll
              \SystemRoot\system32\drivers\Wdf01000.sys
              \SystemRoot\system32\drivers\WDFLDR.SYS
              \SystemRoot\System32\Drivers\spop.sys
              \SystemRoot\System32\Drivers\WMILIB.SYS
              \SystemRoot\System32\Drivers\SCSIPORT.SYS
              \SystemRoot\system32\drivers\ACPI.sys
              \SystemRoot\system32\drivers\msisadrv.sys
              \SystemRoot\system32\drivers\vdrvroot.sys
              \SystemRoot\system32\drivers\pci.sys
              \SystemRoot\System32\drivers\partmgr.sys
              \SystemRoot\system32\drivers\volmgr.sys
              \SystemRoot\System32\drivers\volmgrx.sys
              \SystemRoot\system32\drivers\pciide.sys
              \SystemRoot\system32\drivers\PCIIDEX.SYS
              \SystemRoot\System32\drivers\mountmgr.sys
              \SystemRoot\system32\drivers\vmbus.sys
              \SystemRoot\system32\drivers\winhv.sys
              \SystemRoot\system32\drivers\atapi.sys
              \SystemRoot\system32\drivers\ataport.SYS
              \SystemRoot\system32\DRIVERS\SI3112r.sys
              \SystemRoot\system32\drivers\amdxata.sys
              \SystemRoot\system32\drivers\fltmgr.sys
              \SystemRoot\system32\drivers\fileinfo.sys
              \SystemRoot\system32\drivers\syscow32v.sys
              \SystemRoot\System32\Drivers\FSPFltd.sys
              \SystemRoot\System32\Drivers\msrpc.sys
              \SystemRoot\System32\Drivers\ksecdd.sys
              \SystemRoot\system32\DRIVERS\SiWinAcc.sys
              \SystemRoot\System32\Drivers\PxHelp20.sys
              \SystemRoot\System32\Drivers\Ntfs.sys
              \SystemRoot\System32\Drivers\cng.sys
              \SystemRoot\System32\drivers\pcw.sys
              \SystemRoot\System32\Drivers\Fs_Rec.sys
              \SystemRoot\system32\drivers\ndis.sys
              \SystemRoot\system32\drivers\NETIO.SYS
              \SystemRoot\System32\Drivers\ksecpkg.sys
              \SystemRoot\System32\drivers\tcpip.sys
              \SystemRoot\System32\drivers\fwpkclnt.sys
              \SystemRoot\system32\DRIVERS\timntr.sys
              \SystemRoot\system32\drivers\vmstorfl.sys
              \SystemRoot\system32\drivers\volsnap.sys
              \SystemRoot\system32\DRIVERS\tdrpm273.sys
              \SystemRoot\System32\Drivers\spldr.sys
              \SystemRoot\system32\DRIVERS\snapman.sys
              \SystemRoot\System32\drivers\rdyboost.sys
              \SystemRoot\System32\Drivers\SaibIa32.sys
              \SystemRoot\System32\Drivers\SahdIa32.sys
              \SystemRoot\system32\DRIVERS\pssnap.sys
              \SystemRoot\System32\Drivers\mup.sys
              \SystemRoot\System32\drivers\hwpolicy.sys
              \SystemRoot\System32\DRIVERS\fvevol.sys
              \SystemRoot\system32\drivers\EUBKMON.sys
              \SystemRoot\system32\drivers\eubakup.sys
              \SystemRoot\system32\DRIVERS\disk.sys
              \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
              \SystemRoot\system32\DRIVERS\avgrkx86.sys
              \SystemRoot\system32\DRIVERS\avgidshx.sys
              \SystemRoot\system32\DRIVERS\cdrom.sys
              \SystemRoot\system32\DRIVERS\avgmfx86.sys
              \SystemRoot\System32\Drivers\Null.SYS
              \SystemRoot\System32\Drivers\Beep.SYS
              \SystemRoot\System32\drivers\vga.sys
              \SystemRoot\System32\drivers\VIDEOPRT.SYS
              \SystemRoot\System32\drivers\watchdog.sys
              \SystemRoot\System32\DRIVERS\RDPCDD.sys
              \SystemRoot\system32\drivers\rdpencdd.sys
              \SystemRoot\system32\drivers\rdprefmp.sys
              \SystemRoot\System32\Drivers\Msfs.SYS
              \SystemRoot\System32\Drivers\Npfs.SYS
              \SystemRoot\system32\DRIVERS\tdx.sys
              \SystemRoot\system32\DRIVERS\TDI.SYS
              \SystemRoot\system32\DRIVERS\avgtdix.sys
              \SystemRoot\System32\DRIVERS\netbt.sys
              \SystemRoot\system32\drivers\afd.sys
              \SystemRoot\system32\drivers\ws2ifsl.sys
              \SystemRoot\system32\DRIVERS\wfplwf.sys
              \SystemRoot\system32\DRIVERS\pacer.sys
              \SystemRoot\system32\DRIVERS\netbios.sys
              \SystemRoot\system32\DRIVERS\serial.sys
              \SystemRoot\system32\DRIVERS\wanarp.sys
              \SystemRoot\system32\drivers\termdd.sys
              \SystemRoot\System32\Drivers\SCDEmu.SYS
              \SystemRoot\System32\Drivers\SaibVd32.sys
              \SystemRoot\system32\DRIVERS\rdbss.sys
              \SystemRoot\system32\drivers\nsiproxy.sys
              \SystemRoot\system32\drivers\mssmbios.sys
              \??\C:\Windows\system32\drivers\EuFdDisk.sys
              \??\C:\Windows\system32\drivers\eudskacs.sys
              \SystemRoot\System32\drivers\discache.sys
              \SystemRoot\system32\drivers\csc.sys
              \SystemRoot\System32\Drivers\dfsc.sys
              \SystemRoot\system32\DRIVERS\blbdrive.sys
              \SystemRoot\system32\DRIVERS\avgldx86.sys
              \SystemRoot\system32\DRIVERS\tunnel.sys
              \SystemRoot\system32\DRIVERS\intelppm.sys
              \SystemRoot\system32\DRIVERS\nvlddmkm.sys
              \SystemRoot\System32\drivers\dxgkrnl.sys
              \SystemRoot\System32\drivers\dxgmms1.sys
              \SystemRoot\system32\drivers\HDAudBus.sys
              \SystemRoot\system32\DRIVERS\usbehci.sys
              \SystemRoot\system32\DRIVERS\USBPORT.SYS
              \SystemRoot\system32\DRIVERS\atinavrr.sys
              \SystemRoot\system32\DRIVERS\ks.sys
              \SystemRoot\system32\DRIVERS\BdaSup.SYS
              \SystemRoot\system32\DRIVERS\Rt86win7.sys
              \SystemRoot\system32\drivers\1394ohci.sys
              \SystemRoot\system32\DRIVERS\ASACPI.sys
              \SystemRoot\system32\DRIVERS\serenum.sys
              \SystemRoot\system32\drivers\i8042prt.sys
              \SystemRoot\system32\drivers\kbdclass.sys
              \SystemRoot\system32\drivers\mouclass.sys
              \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
              \SystemRoot\System32\Drivers\aolbqerv.SYS
              \SystemRoot\system32\drivers\CompositeBus.sys
              \SystemRoot\system32\DRIVERS\AgileVpn.sys
              \SystemRoot\system32\DRIVERS\rasl2tp.sys
              \SystemRoot\system32\DRIVERS\ndistapi.sys
              \SystemRoot\system32\DRIVERS\ndiswan.sys
              \SystemRoot\system32\DRIVERS\raspppoe.sys
              \SystemRoot\system32\DRIVERS\raspptp.sys
              \SystemRoot\system32\DRIVERS\rassstp.sys
              \SystemRoot\system32\DRIVERS\rdpbus.sys
              \SystemRoot\system32\drivers\swenum.sys
              \SystemRoot\system32\DRIVERS\MarvinBus.sys
              \SystemRoot\system32\drivers\umbus.sys
              \SystemRoot\system32\DRIVERS\usbhub.sys
              \SystemRoot\System32\Drivers\NDProxy.SYS
              \SystemRoot\system32\drivers\nvhda32v.sys
              \SystemRoot\system32\drivers\portcls.sys
              \SystemRoot\system32\drivers\drmk.sys
              \SystemRoot\system32\drivers\HdAudio.sys
              \SystemRoot\System32\Drivers\crashdmp.sys
              \SystemRoot\System32\Drivers\dump_dumpata.sys
              \SystemRoot\System32\Drivers\dump_atapi.sys
              \SystemRoot\System32\Drivers\dump_dumpfve.sys
              \SystemRoot\System32\win32k.sys
              \SystemRoot\System32\drivers\Dxapi.sys
              \SystemRoot\system32\DRIVERS\monitor.sys
              \SystemRoot\System32\TSDDD.dll
              \SystemRoot\System32\cdd.dll
              \SystemRoot\System32\ATMFD.DLL
              \SystemRoot\system32\drivers\luafv.sys
              \??\C:\Windows\system32\drivers\mbam.sys
              \SystemRoot\system32\DRIVERS\lltdio.sys
              \SystemRoot\system32\DRIVERS\rspndr.sys
              \SystemRoot\system32\drivers\HTTP.sys
              \SystemRoot\system32\DRIVERS\bowser.sys
              \SystemRoot\System32\drivers\mpsdrv.sys
              \SystemRoot\system32\DRIVERS\mrxsmb.sys
              \SystemRoot\system32\DRIVERS\mrxsmb10.sys
              \SystemRoot\system32\DRIVERS\mrxsmb20.sys
              \SystemRoot\system32\DRIVERS\avgidsshimx.sys
              \SystemRoot\system32\drivers\peauth.sys
              \SystemRoot\System32\Drivers\secdrv.SYS
              \SystemRoot\System32\DRIVERS\srvnet.sys
              \??\C:\Windows\system32\drivers\supersafer.sys
              \SystemRoot\System32\drivers\tcpipreg.sys
              \SystemRoot\system32\DRIVERS\avgidsfilterx.sys
              \SystemRoot\System32\DRIVERS\srv2.sys
              \SystemRoot\system32\DRIVERS\avgidsdriverx.sys
              \SystemRoot\System32\DRIVERS\srv.sys
              \SystemRoot\system32\DRIVERS\afcdp.sys
              \??\C:\Windows\system32\drivers\mbamchameleon.sys
              \SystemRoot\system32\DRIVERS\USBSTOR.SYS
              \SystemRoot\system32\DRIVERS\USBD.SYS
              \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
              \Windows\System32\ntdll.dll
              \Windows\System32\smss.exe
              \Windows\System32\apisetschema.dll
              ----------- End -----------
              Done!
              <<<1>>>
              Upper Device Name: \Device\Harddisk7\DR7
              Upper Device Object: 0xffffffff8a24aa08
              Upper Device Driver Name: \Driver\Disk\
              Lower Device Name: \Device\0000007d\
              Lower Device Object: 0xffffffff86fc1ca8
              Lower Device Driver Name: \Driver\USBSTOR\
              IRP handler 0 of \Driver\USBSTOR points to an unknown module
              Unhooking enabled.
              <<<1>>>
              Upper Device Name: \Device\Harddisk7\DR7
              Upper Device Object: 0xffffffff8a24aa08
              Upper Device Driver Name: \Driver\Disk\
              Lower Device Name: \Device\0000007d\
              Lower Device Object: 0xffffffff86fc1ca8
              Lower Device Driver Name: \Driver\USBSTOR\
              Driver name found: USBSTOR
              Initialization returned 0x0
              Load Function returned 0x0
              <<<1>>>
              Upper Device Name: \Device\Harddisk6\DR6
              Upper Device Object: 0xffffffff87fc39c0
              Upper Device Driver Name: \Driver\Disk\
              Lower Device Name: \Device\Scsi\SI3112r1Port6Path1Target0Lun0\
              Lower Device Object: 0xffffffff8772a030
              Lower Device Driver Name: \Driver\SI3112r\
              Driver name found: SI3112r
              Initialization returned 0x0
              Port sub-driver loaded: \??\C:\Windows\System32\drivers\scsiport.sys (0x0)
              Load Function returned 0x0
              <<<1>>>
              Upper Device Name: \Device\Harddisk5\DR5
              Upper Device Object: 0xffffffff87fbf388
              Upper Device Driver Name: \Driver\Disk\
              Lower Device Name: \Device\Scsi\SI3112r1Port6Path0Target0Lun0\
              Lower Device Object: 0xffffffff8774b030
              Lower Device Driver Name: \Driver\SI3112r\
              Driver name found: SI3112r
              <<<1>>>
              Upper Device Name: \Device\Harddisk4\DR4
              Upper Device Object: 0xffffffff87fbca48
              Upper Device Driver Name: \Driver\Disk\
              Lower Device Name: \Device\Ide\IdeDeviceP5T0L0-6\
              Lower Device Object: 0xffffffff87796908
              Lower Device Driver Name: \Driver\atapi\
              Driver name found: atapi
              Initialization returned 0x0
              Port sub-driver loaded: \??\C:\Windows\System32\drivers\ataport.sys (0x0)
              Load Function returned 0x0
              <<<1>>>
              Upper Device Name: \Device\Harddisk3\DR3
              Upper Device Object: 0xffffffff87fb9030
              Upper Device Driver Name: \Driver\Disk\
              Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
              Lower Device Object: 0xffffffff869da908
              Lower Device Driver Name: \Driver\atapi\
              Driver name found: atapi
              <<<1>>>
              Upper Device Name: \Device\Harddisk2\DR2
              Upper Device Object: 0xffffffff87fb5238
              Upper Device Driver Name: \Driver\Disk\
              Lower Device Name: \Device\Ide\IdeDeviceP2T1L0-a\
              Lower Device Object: 0xffffffff877aa908
              Lower Device Driver Name: \Driver\atapi\
              Driver name found: atapi
              <<<1>>>
              Upper Device Name: \Device\Harddisk1\DR1
              Upper Device Object: 0xffffffff87fb2ac8
              Upper Device Driver Name: \Driver\Disk\
              Lower Device Name: \Device\Ide\IdeDeviceP3T1L0-9\
              Lower Device Object: 0xffffffff877a8908
              Lower Device Driver Name: \Driver\atapi\
              Driver name found: atapi
              <<<1>>>
              Upper Device Name: \Device\Harddisk0\DR0
              Upper Device Object: 0xffffffff87faf030
              Upper Device Driver Name: \Driver\Disk\
              Lower Device Name: \Device\Ide\IdeDeviceP4T0L0-5\
              Lower Device Object: 0xffffffff87795030
              Lower Device Driver Name: \Driver\atapi\
              Driver name found: atapi
              <<<2>>>
              Physical Sector Size: 512
              Drive: 2, DevicePointer: 0xffffffff87fb5238, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
              --------- Disk Stack ------
              DevicePointer: 0xffffffff87fb5f00, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
              DevicePointer: 0xffffffff87fb7bf0, DeviceName: Unknown, DriverName: \Driver\snapman\
              DevicePointer: 0xffffffff87fb7020, DeviceName: Unknown, DriverName: \Driver\pssnap\
              DevicePointer: 0xffffffff87fb6268, DeviceName: Unknown, DriverName: \Driver\partmgr\
              DevicePointer: 0xffffffff87fb6e60, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
              DevicePointer: 0xffffffff87fb5238, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
              DevicePointer: 0xffffffff87fb58b8, DeviceName: Unknown, DriverName: \Driver\SahdIa32\
              DevicePointer: 0xffffffff8774adf0, DeviceName: Unknown, DriverName: \Driver\ACPI\
              DevicePointer: 0xffffffff877aa908, DeviceName: \Device\Ide\IdeDeviceP2T1L0-a\, DriverName: \Driver\atapi\
              ------------ End ----------
              Alternate DeviceName: Unknown, DriverName: \Driver\snapman\
              Upper DeviceData: 0xffffffffba599990, 0xffffffff87fb5238, 0xffffffff86fff958
              Lower DeviceData: 0xffffffffb7591148, 0xffffffff877aa908, 0xffffffff8a207048
              <<<3>>>
              Volume: C:
              File system type: NTFS
              SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
              <<<2>>>
              <<<3>>>
              Volume: C:
              File system type: NTFS
              SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
              Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
              <<<2>>>
              <<<3>>>
              Volume: C:
              File system type: NTFS
              SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
              File user open failed: C:\WINDOWS\SYSTEM32\drivers\sptd.sys (0x00000020)
              Done!
              Physical Sector Size: 512
              Drive: 0, DevicePointer: 0xffffffff87faf030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
              --------- Disk Stack ------
              DevicePointer: 0xffffffff87fb1d10, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
              DevicePointer: 0xffffffff87fb0c30, DeviceName: Unknown, DriverName: \Driver\snapman\
              DevicePointer: 0xffffffff87faf6b8, DeviceName: Unknown, DriverName: \Driver\pssnap\
              DevicePointer: 0xffffffff87fb0020, DeviceName: Unknown, DriverName: \Driver\partmgr\
              DevicePointer: 0xffffffff87fae2e0, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
              DevicePointer: 0xffffffff87faf030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
              DevicePointer: 0xffffffff87fae5e8, DeviceName: Unknown, DriverName: \Driver\SahdIa32\
              DevicePointer: 0xffffffff8771c918, DeviceName: Unknown, DriverName: \Driver\ACPI\
              DevicePointer: 0xffffffff87795030, DeviceName: \Device\Ide\IdeDeviceP4T0L0-5\, DriverName: \Driver\atapi\
              ------------ End ----------
              Alternate DeviceName: Unknown, DriverName: \Driver\snapman\
              Upper DeviceData: 0xffffffffb84667f8, 0xffffffff87faf030, 0xffffffff86fd27f0
              Lower DeviceData: 0xffffffff8b8e04a8, 0xffffffff87795030, 0xffffffff880d77c0
              Drive 0
              Scanning MBR on drive 0...
              Inspecting partition table:
              This drive is a GPT Drive.
              MBR Signature: 55AA
              Disk Signature: 7FF91F8E

              GPT Protective MBR Partition information:

                  Partition 0 type is EFI-GPT (0xee)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 1  Numsec = 4294967295

                  Partition 1 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

                  Partition 2 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

                  Partition 3 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

              GPT Partition information:

                  GPT Header Signature 4546492050415254
                  GPT Header Revision 65536 Size 92 CRC 1131179634
                  GPT Header CurrentLba = 1 BackupLba 7814037167
                  GPT Header FirstUsableLba 34  LastUsableLba 7814037134
                  GPT Header Guid c18e00f2-33cd-411b-9ae6-3de182ab7b2
                  GPT Header Contains 128 partition entries starting at LBA 2
                  GPT Header Partition entry size = 128

                  Backup GPT header Signature 1e94de1063dd4351
                  Backup GPT header Revision 4123502939 Size 2928656417 CRC 4137579717
                  Backup GPT header CurrentLba = 5660334723064773328 BackupLba 1362350271902910050
                  Backup GPT header FirstUsableLba 6973226834606034875  LastUsableLba 17573439183209346517
                  Backup GPT header Guid ed9b4a9d-b566-738d-695e-8d6b62f6be2d
                  Backup GPT header Contains 4174773598 partition entries starting at LBA 1730345072154276643
                  Backup GPT header Partition entry size = 4196269132

                  GPT header and Backup GPT header have conflicting data

                  Backup GPT partition header signature doesn't match "EFI PART" magic

                  Partition 0 Type e3c9e316-b5c-4db8-817d-f92df0215ae
                  Partition ID 3b9f36e5-51b5-4e20-a578-93010c8cfe3
                  FirstLBA 34  Last LBA 262177
                  Attributes 0
                  Partition Name         Microsoft reserved partition

                  Partition 1 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
                  Partition ID b3e2cd40-3bb2-4fd3-b3ce-71ab972b647
                  FirstLBA 264192  Last LBA 7814035455
                  Attributes 0
                  Partition Name                 Basic data partition

              Disk Size: 4000787030016 bytes
              Sector size: 512 bytes

              Done!
              Physical Sector Size: 512
              Drive: 1, DevicePointer: 0xffffffff87fb2ac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
              --------- Disk Stack ------
              DevicePointer: 0xffffffff87fb4be8, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
              DevicePointer: 0xffffffff87fb3858, DeviceName: Unknown, DriverName: \Driver\snapman\
              DevicePointer: 0xffffffff87fb2508, DeviceName: Unknown, DriverName: \Driver\pssnap\
              DevicePointer: 0xffffffff87fb3d10, DeviceName: Unknown, DriverName: \Driver\partmgr\
              DevicePointer: 0xffffffff87fb11d0, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
              DevicePointer: 0xffffffff87fb2ac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
              DevicePointer: 0xffffffff87fb2020, DeviceName: Unknown, DriverName: \Driver\SahdIa32\
              DevicePointer: 0xffffffff87714930, DeviceName: Unknown, DriverName: \Driver\ACPI\
              DevicePointer: 0xffffffff877a8908, DeviceName: \Device\Ide\IdeDeviceP3T1L0-9\, DriverName: \Driver\atapi\
              ------------ End ----------
              Alternate DeviceName: Unknown, DriverName: \Driver\snapman\
              Upper DeviceData: 0xffffffffa7c177e0, 0xffffffff87fb2ac8, 0xffffffff872076e8
              Lower DeviceData: 0xffffffff8ae59ee0, 0xffffffff877a8908, 0xffffffff86fd3cb8
              Drive 1
              Scanning MBR on drive 1...
              Inspecting partition table:
              This drive is a GPT Drive.
              MBR Signature: 55AA
              Disk Signature: CA57B4CE

              GPT Protective MBR Partition information:

                  Partition 0 type is EFI-GPT (0xee)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 1  Numsec = 4294967295

                  Partition 1 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

                  Partition 2 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

                  Partition 3 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

              GPT Partition information:

                  GPT Header Signature 4546492050415254
                  GPT Header Revision 65536 Size 92 CRC 2656096835
                  GPT Header CurrentLba = 1 BackupLba 7814037167
                  GPT Header FirstUsableLba 34  LastUsableLba 7814037134
                  GPT Header Guid 44cd6106-d4ff-4adb-a872-f6b6cc72d7da
                  GPT Header Contains 128 partition entries starting at LBA 2
                  GPT Header Partition entry size = 128

                  Backup GPT header Signature a8e4c1395f5bb8c
                  Backup GPT header Revision 2276060340 Size 1638444693 CRC 2869749324
                  Backup GPT header CurrentLba = 8322690755862217569 BackupLba 11190833256507427763
                  Backup GPT header FirstUsableLba 12927266865093055876  LastUsableLba 2507379933620959959
                  Backup GPT header Guid d09cda96-1125-620-415f-d13918e190
                  Backup GPT header Contains 3970177303 partition entries starting at LBA 11998870038662277322
                  Backup GPT header Partition entry size = 1974522596

                  GPT header and Backup GPT header have conflicting data

                  Backup GPT partition header signature doesn't match "EFI PART" magic

                  Partition 0 Type e3c9e316-b5c-4db8-817d-f92df0215ae
                  Partition ID e5fb93-222e-49bd-8d91-f806fe4c654
                  FirstLBA 34  Last LBA 262177
                  Attributes 0
                  Partition Name         Microsoft reserved partition

                  Partition 1 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
                  Partition ID 9fab9d54-3319-4ccf-9f60-2ba383b3edd9
                  FirstLBA 264192  Last LBA 7814035455
                  Attributes 0
                  Partition Name                 Basic data partition

              Disk Size: 4000787030016 bytes
              Sector size: 512 bytes

              Done!
              Drive 2
              Scanning MBR on drive 2...
              Inspecting partition table:
              MBR Signature: 55AA
              Disk Signature: A95E8

              Partition information:

                  Partition 0 type is Primary (0x7)
                  Partition is ACTIVE.
                  Partition starts at LBA: 2048  Numsec = 3907022017
                  Partition file system is NTFS
                  Partition is bootable

                  Partition 1 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

                  Partition 2 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

                  Partition 3 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

              Disk Size: 2000398934016 bytes
              Sector size: 512 bytes

              Done!
              Physical Sector Size: 512
              Drive: 3, DevicePointer: 0xffffffff87fb9030, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
              --------- Disk Stack ------
              DevicePointer: 0xffffffff87fbbd10, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
              DevicePointer: 0xffffffff87fba9b0, DeviceName: Unknown, DriverName: \Driver\snapman\
              DevicePointer: 0xffffffff87fbaec8, DeviceName: Unknown, DriverName: \Driver\pssnap\
              DevicePointer: 0xffffffff87fba020, DeviceName: Unknown, DriverName: \Driver\partmgr\
              DevicePointer: 0xffffffff87fb9ea0, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
              DevicePointer: 0xffffffff87fb9030, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
              DevicePointer: 0xffffffff87fb87f0, DeviceName: Unknown, DriverName: \Driver\SahdIa32\
              DevicePointer: 0xffffffff87732a60, DeviceName: Unknown, DriverName: \Driver\ACPI\
              DevicePointer: 0xffffffff869da908, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
              ------------ End ----------
              Alternate DeviceName: Unknown, DriverName: \Driver\snapman\
              Upper DeviceData: 0xffffffffc2d23c00, 0xffffffff87fb9030, 0xffffffff8721f538
              Lower DeviceData: 0xffffffffadda3f58, 0xffffffff869da908, 0xffffffff880ccf08
              Drive 3
              Scanning MBR on drive 3...
              Inspecting partition table:
              This drive is a GPT Drive.
              MBR Signature: 55AA
              Disk Signature: D56A0ABD

              GPT Protective MBR Partition information:

                  Partition 0 type is EFI-GPT (0xee)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 1  Numsec = 4294967295

                  Partition 1 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

                  Partition 2 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

                  Partition 3 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

              GPT Partition information:

                  GPT Header Signature 4546492050415254
                  GPT Header Revision 65536 Size 92 CRC 830545676
                  GPT Header CurrentLba = 1 BackupLba 7814037167
                  GPT Header FirstUsableLba 34  LastUsableLba 7814037134
                  GPT Header Guid 6c29a018-a817-4993-95c9-dc1376295262
                  GPT Header Contains 128 partition entries starting at LBA 2
                  GPT Header Partition entry size = 128

                  Backup GPT header Signature 70d82cd86afc823
                  Backup GPT header Revision 2382923352 Size 3290566820 CRC 1695269861
                  Backup GPT header CurrentLba = 12327680810419122754 BackupLba 17393688557779241636
                  Backup GPT header FirstUsableLba 72058682438194453  LastUsableLba 14502316600427913142
                  Backup GPT header Guid bf5d614-5183-43a4-576c-443fa98d2ad3
                  Backup GPT header Contains 3941242945 partition entries starting at LBA 9033416481053252404
                  Backup GPT header Partition entry size = 1191669972

                  GPT header and Backup GPT header have conflicting data

                  Backup GPT partition header signature doesn't match "EFI PART" magic

                  Partition 0 Type e3c9e316-b5c-4db8-817d-f92df0215ae
                  Partition ID 40a5daa1-14c-11e3-90b5-e0cb4e64981f
                  FirstLBA 34  Last LBA 262177
                  Attributes 0
                  Partition Name         Microsoft reserved partition

                  Partition 1 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
                  Partition ID 1c9437b7-1dad-4d09-a256-7f6f6fc03538
                  FirstLBA 264192  Last LBA 7814035455
                  Attributes 0
                  Partition Name                 Basic data partition

              Disk Size: 4000787030016 bytes
              Sector size: 512 bytes

              Done!
              Physical Sector Size: 512
              Drive: 4, DevicePointer: 0xffffffff87fbca48, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
              --------- Disk Stack ------
              DevicePointer: 0xffffffff87fbe9e0, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
              DevicePointer: 0xffffffff87fbd650, DeviceName: Unknown, DriverName: \Driver\snapman\
              DevicePointer: 0xffffffff87fbdb28, DeviceName: Unknown, DriverName: \Driver\pssnap\
              DevicePointer: 0xffffffff87fbdc80, DeviceName: Unknown, DriverName: \Driver\partmgr\
              DevicePointer: 0xffffffff87fbc918, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
              DevicePointer: 0xffffffff87fbca48, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
              DevicePointer: 0xffffffff87fbc020, DeviceName: Unknown, DriverName: \Driver\SahdIa32\
              DevicePointer: 0xffffffff87750338, DeviceName: Unknown, DriverName: \Driver\ACPI\
              DevicePointer: 0xffffffff87796908, DeviceName: \Device\Ide\IdeDeviceP5T0L0-6\, DriverName: \Driver\atapi\
              ------------ End ----------
              Alternate DeviceName: Unknown, DriverName: \Driver\snapman\
              Upper DeviceData: 0xffffffffc2c176f0, 0xffffffff87fbca48, 0xffffffff8811d048
              Lower DeviceData: 0xffffffffc2de47f8, 0xffffffff87796908, 0xffffffff8a27f620
              Drive 4
              Scanning MBR on drive 4...
              Inspecting partition table:
              This drive is a GPT Drive.
              MBR Signature: 55AA
              Disk Signature: C65CA51

              GPT Protective MBR Partition information:

                  Partition 0 type is EFI-GPT (0xee)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 1  Numsec = 4294967295

                  Partition 1 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

                  Partition 2 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

                  Partition 3 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

              GPT Partition information:

                  GPT Header Signature 4546492050415254
                  GPT Header Revision 65536 Size 92 CRC 4075435894
                  GPT Header CurrentLba = 1 BackupLba 7814037167
                  GPT Header FirstUsableLba 34  LastUsableLba 7814037134
                  GPT Header Guid 825ea4f6-dc3a-4970-9cf4-d1d2dcf77cea
                  GPT Header Contains 128 partition entries starting at LBA 2
                  GPT Header Partition entry size = 128

                  Backup GPT header Signature 00000000
                  Backup GPT header Revision 0 Size 0 CRC 0
                  Backup GPT header CurrentLba = 0 BackupLba 0
                  Backup GPT header FirstUsableLba 0  LastUsableLba 0
                  Backup GPT header Guid 0-0-0-00-000000
                  Backup GPT header Contains 0 partition entries starting at LBA 0
                  Backup GPT header Partition entry size = 0

                  GPT header and Backup GPT header have conflicting data

                  Backup GPT partition header signature doesn't match "EFI PART" magic

                  Partition 0 Type e3c9e316-b5c-4db8-817d-f92df0215ae
                  Partition ID 2e77ccda-3043-4bbb-9429-675fa8d76ac
                  FirstLBA 34  Last LBA 262177
                  Attributes 0
                  Partition Name         Microsoft reserved partition

                  Partition 1 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
                  Partition ID c505b136-2169-446f-9755-de6dfe116a3e
                  FirstLBA 264192  Last LBA 7814035455
                  Attributes 0
                  Partition Name                 Basic data partition

              Disk Size: 4000787030016 bytes
              Sector size: 512 bytes

              Done!
              Physical Sector Size: 512
              Drive: 5, DevicePointer: 0xffffffff87fbf388, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
              --------- Disk Stack ------
              DevicePointer: 0xffffffff87fc1258, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
              DevicePointer: 0xffffffff87fc1ec0, DeviceName: Unknown, DriverName: \Driver\snapman\
              DevicePointer: 0xffffffff87fc04a8, DeviceName: Unknown, DriverName: \Driver\pssnap\
              DevicePointer: 0xffffffff87fc0600, DeviceName: Unknown, DriverName: \Driver\partmgr\
              DevicePointer: 0xffffffff87fc0020, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
              DevicePointer: 0xffffffff87fbf388, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
              DevicePointer: 0xffffffff87fbf8e0, DeviceName: Unknown, DriverName: \Driver\SahdIa32\
              DevicePointer: 0xffffffff8774b030, DeviceName: \Device\Scsi\SI3112r1Port6Path0Target0Lun0\, DriverName: \Driver\SI3112r\
              ------------ End ----------
              Alternate DeviceName: Unknown, DriverName: \Driver\snapman\
              Upper DeviceData: 0xffffffffa9eee138, 0xffffffff87fbf388, 0xffffffff8a174ac8
              Lower DeviceData: 0xffffffff8b8e4100, 0xffffffff8774b030, 0xffffffff86f07f08
              Drive 5
              Scanning MBR on drive 5...
              Inspecting partition table:
              This drive is a GPT Drive.
              MBR Signature: 55AA
              Disk Signature: 4CD37BC3

              GPT Protective MBR Partition information:

                  Partition 0 type is EFI-GPT (0xee)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 1  Numsec = 4294967295

                  Partition 1 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

                  Partition 2 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

                  Partition 3 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

              GPT Partition information:

                  GPT Header Signature 4546492050415254
                  GPT Header Revision 65536 Size 92 CRC 3993837388
                  GPT Header CurrentLba = 1 BackupLba 7814037167
                  GPT Header FirstUsableLba 34  LastUsableLba 7814037134
                  GPT Header Guid eb1d885e-ce32-428b-84c1-edcf24fc1b24
                  GPT Header Contains 128 partition entries starting at LBA 2
                  GPT Header Partition entry size = 128

                  Backup GPT header Signature bb5466567f2c2018
                  Backup GPT header Revision 453935873 Size 2912304164 CRC 1609228926
                  Backup GPT header CurrentLba = 7035058731877636490 BackupLba 3032709793171417436
                  Backup GPT header FirstUsableLba 1315812844752764187  LastUsableLba 13440163567150611475
                  Backup GPT header Guid 5ca6cde8-a13-4238-a01e-3e96fb6dfc5
                  Backup GPT header Contains 3267562096 partition entries starting at LBA 14241410710707491121
                  Backup GPT header Partition entry size = 2858871008

                  GPT header and Backup GPT header have conflicting data

                  Backup GPT partition header signature doesn't match "EFI PART" magic

                  Partition 0 Type e3c9e316-b5c-4db8-817d-f92df0215ae
                  Partition ID edd56019-fc04-4b6a-84d-6139de2c5ea
                  FirstLBA 34  Last LBA 262177
                  Attributes 0
                  Partition Name         Microsoft reserved partition

                  Partition 1 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
                  Partition ID 904fd85c-be23-463b-8444-d37054de19a1
                  FirstLBA 264192  Last LBA 7814035455
                  Attributes 0
                  Partition Name                 Basic data partition

              Disk Size: 4000787030016 bytes
              Sector size: 512 bytes

              Done!
              Physical Sector Size: 512
              Drive: 6, DevicePointer: 0xffffffff87fc39c0, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\
              --------- Disk Stack ------
              DevicePointer: 0xffffffff87fc58b8, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
              DevicePointer: 0xffffffff87fc42f8, DeviceName: Unknown, DriverName: \Driver\snapman\
              DevicePointer: 0xffffffff87fc47f8, DeviceName: Unknown, DriverName: \Driver\pssnap\
              DevicePointer: 0xffffffff87fc4978, DeviceName: Unknown, DriverName: \Driver\partmgr\
              DevicePointer: 0xffffffff87fc3598, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
              DevicePointer: 0xffffffff87fc39c0, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\
              DevicePointer: 0xffffffff87fc23d8, DeviceName: Unknown, DriverName: \Driver\SahdIa32\
              DevicePointer: 0xffffffff8772a030, DeviceName: \Device\Scsi\SI3112r1Port6Path1Target0Lun0\, DriverName: \Driver\SI3112r\
              ------------ End ----------
              Alternate DeviceName: Unknown, DriverName: \Driver\snapman\
              Upper DeviceData: 0xffffffffadd9f058, 0xffffffff87fc39c0, 0xffffffff8a170418
              Lower DeviceData: 0xffffffff8ae6ac38, 0xffffffff8772a030, 0xffffffff86f1d630
              Drive 6
              Scanning MBR on drive 6...
              Inspecting partition table:
              This drive is a GPT Drive.
              MBR Signature: 55AA
              Disk Signature: 266BBF05

              GPT Protective MBR Partition information:

                  Partition 0 type is EFI-GPT (0xee)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 1  Numsec = 4294967295

                  Partition 1 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

                  Partition 2 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

                  Partition 3 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

              GPT Partition information:

                  GPT Header Signature 4546492050415254
                  GPT Header Revision 65536 Size 92 CRC 6397432
                  GPT Header CurrentLba = 1 BackupLba 7814037167
                  GPT Header FirstUsableLba 34  LastUsableLba 7814037134
                  GPT Header Guid 98a3138e-11c4-4e18-a29d-72c7de9f299f
                  GPT Header Contains 128 partition entries starting at LBA 2
                  GPT Header Partition entry size = 128

                  Backup GPT header Signature c6cae1682dce445
                  Backup GPT header Revision 2630401500 Size 3904783216 CRC 1177580804
                  Backup GPT header CurrentLba = 1683402442549235793 BackupLba 17501486350076372557
                  Backup GPT header FirstUsableLba 6907700306868687958  LastUsableLba 15868202527755939157
                  Backup GPT header Guid 7bafd0e0-e282-be61-95b2-cf571ab93c47
                  Backup GPT header Contains 2953864081 partition entries starting at LBA 15171630345738561171
                  Backup GPT header Partition entry size = 958613009

                  GPT header and Backup GPT header have conflicting data

                  Backup GPT partition header signature doesn't match "EFI PART" magic

                  Partition 0 Type e3c9e316-b5c-4db8-817d-f92df0215ae
                  Partition ID 18fb98a-8d4e-4050-828c-8127bb143bb1
                  FirstLBA 34  Last LBA 262177
                  Attributes 0
                  Partition Name         Microsoft reserved partition

                  Partition 1 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
                  Partition ID f29ae2e4-860a-43f9-a29a-4dd29d62427e
                  FirstLBA 264192  Last LBA 7814035455
                  Attributes 0
                  Partition Name                 Basic data partition

              Disk Size: 4000787030016 bytes
              Sector size: 512 bytes

              Done!
              Physical Sector Size: 512
              Drive: 7, DevicePointer: 0xffffffff8a24aa08, DeviceName: \Device\Harddisk7\DR7\, DriverName: \Driver\Disk\
              --------- Disk Stack ------
              DevicePointer: 0xffffffff89746b28, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
              DevicePointer: 0xffffffff89753578, DeviceName: Unknown, DriverName: \Driver\snapman\
              DevicePointer: 0xffffffff88477758, DeviceName: Unknown, DriverName: \Driver\pssnap\
              DevicePointer: 0xffffffff87203d10, DeviceName: Unknown, DriverName: \Driver\partmgr\
              DevicePointer: 0xffffffff89751b60, DeviceName: Unknown, DriverName: \Driver\tdrpman273\
              DevicePointer: 0xffffffff8a24aa08, DeviceName: \Device\Harddisk7\DR7\, DriverName: \Driver\Disk\
              DevicePointer: 0xffffffff86fd3430, DeviceName: Unknown, DriverName: \Driver\SahdIa32\
              DevicePointer: 0xffffffff86fc1ca8, DeviceName: \Device\0000007d\, DriverName: \Driver\USBSTOR\
              ------------ End ----------
              Alternate DeviceName: Unknown, DriverName: \Driver\snapman\
              Upper DeviceData: 0xffffffffb253b498, 0xffffffff8a24aa08, 0xffffffff86fdaac8
              Lower DeviceData: 0xffffffff8aea6190, 0xffffffff86fc1ca8, 0xffffffff89dc0048
              Drive 7
              Scanning MBR on drive 7...
              Inspecting partition table:
              MBR Signature: 55AA
              Disk Signature: C3072E18

              Partition information:

                  Partition 0 type is Other (0xc)
                  Partition is ACTIVE.
                  Partition starts at LBA: 32  Numsec = 31703008
                  Partition file system is FAT32
                  Partition is not bootable

                  Partition 1 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

                  Partition 2 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

                  Partition 3 type is Empty (0x0)
                  Partition is NOT ACTIVE.
                  Partition starts at LBA: 0  Numsec = 0

              Disk Size: 16231956480 bytes
              Sector size: 512 bytes

              Done!
              Read File:  File "c:\programdata\avg2012\chjw\1a980f47980f20bd.dat:48a3a634-181a-4731-b7bc-3d0f7bce4203" is sparse (flags = 32768)
              Scan finished

              frantheman7


                Re: logs
                « Reply #9 on: September 29, 2013, 09:14:27 PM »
                Malwarebytes Anti-Rootkit BETA 1.07.0.1005
                www.malwarebytes.org

                Database version: v2013.07.26.06

                Windows 7 Service Pack 1 x86 NTFS
                Internet Explorer 10.0.9200.16686
                Frantheman7 :: FRANTHEMAN7-PC [administrator]

                9/29/2013 10:28:38 PM
                mbar-log-2013-09-29 (22-28-38).txt

                Scan type: Quick scan
                Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
                Scan options disabled:
                Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
                Objects scanned: 255005
                Time elapsed: 8 minute(s), 18 second(s)

                Memory Processes Detected: 0
                (No malicious items detected)

                Memory Modules Detected: 0
                (No malicious items detected)

                Registry Keys Detected: 0
                (No malicious items detected)

                Registry Values Detected: 0
                (No malicious items detected)

                Registry Data Items Detected: 0
                (No malicious items detected)

                Folders Detected: 0
                (No malicious items detected)

                Files Detected: 0
                (No malicious items detected)

                Physical Sectors Detected: 0
                (No malicious items detected)

                (end)

                SuperDave

                Re: logs
                « Reply #10 on: September 30, 2013, 04:14:45 PM »
                I'd like to scan your machine with ESET OnlineScan

                • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
                ESET OnlineScan

                • Click the button.
                • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
                    • Click on to download the ESET Smart Installer. Save it to your desktop.
                    • Double click on the icon on your desktop.
                • Check
                • Click the button.
                • Accept any security warnings from your browser.
                • Leave the check mark next to Remove found threats.
                • Check
                • Push the Start button.
                • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
                • When the scan completes, push
                • Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
                • Push the button.
                • Push
                A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

                frantheman7


                  Re: logs
                  « Reply #11 on: September 30, 2013, 05:58:41 PM »
                  the link's not working,
                  I tried to run ESET OnlineScanner but it says that this website wants to install the following add-on
                  onlineScanner.cab from ESET, spol. s r.o. so I hit install and a pop-up saying the web browser needs to resend the info, so I hit retry
                  and wait but nothing happens.

                  I also clicked on esetsmartinstaller_enu.exe but again, nothing happens,
                  do you have a direct link to the scanner?

                  Thank you, Frantheman7

                  frantheman7


                    Re: logs
                    « Reply #12 on: September 30, 2013, 06:09:52 PM »
                    sorry, it's working and scanning the pc now

                    frantheman7


                      Re: logs
                      « Reply #13 on: October 01, 2013, 04:42:38 AM »
                      ESETSmartInstaller@High as CAB hook log:
                      OnlineScanner.ocx - registred OK

                      frantheman7


                        Re: logs
                        « Reply #14 on: October 01, 2013, 07:32:26 AM »
                        2nd log

                        ESETSmartInstaller@High as CAB hook log:
                        OnlineScanner.ocx - registred OK