Welcome to MalwareRemoval.com

What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

[SYSTEM] constantly trying to create "Ksnapshot.etl"

Post by VII07x » January 5th, 2012, 1:01 am

Hello,

I'm new to the forums, and while I don't really like to burden others with my computer problems, I'm clueless about what to do about this. :/ I use Comodo Internet Security and have it set up so it notifies me about everything that hasn't been previously allowed. I worry a lot about PC security and can usually manage myself, but for some weeks now, Comodo has been warning me that System is trying to create ksnapshot.etl in Windows/system32/WDI. What is this thing? I can't seem to get rid of it, even though I've tried following some steps from people with the same problem. Can you guys help me? Hope so! Below is a copy-paste of DDS.txt and Attach.txt.

DDS.txt:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by VII at 4:24:56 on 2012-01-05
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.351.2070.18.3326.1581 [GMT 0:00]
.
AV: COMODO Antivirus *Enabled/Updated* {7554F4C5-5EC0-2FC6-8192-8DF831DBED51}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe
C:\Program Files\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Windows\system32\svchost.exe -k bthaudiosvc
c:\hp\HPEZBTN\HPBtnSrv.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\OO Software\Defrag\oodag.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\WINDOWS\System32\Ctxfihlp.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\PeerBlock\peerblock.exe
C:\Program Files\DisplayFusion\DisplayFusion.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Users\VII\Local Settings\Apps\F.lux\flux.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\VII.7\5 - Execute\02 - Exe\Programs\D3DOverrider\D3DOverrider.exe
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\APC\PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\hp\kbd\kbd.exe
C:\Program Files\foobar2000\foobar2000.exe
C:\Users\VII\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\VII\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\VII\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\VII\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\VII\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\VII\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\VII\AppData\Local\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.pt/
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
uURLSearchHooks: H - No File
BHO: Facilitador de Leitor de Link Adobe PDF: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\free download manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre8\bin\jp2ssv.dll
TB: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [PeerBlock] c:\program files\peerblock\peerblock.exe
uRun: [DisplayFusion] "c:\program files\displayfusion\DisplayFusion.exe"
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [Free Download Manager] c:\program files\free download manager\fdm.exe -autorun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [<NO NAME>]
uRun: [F.lux] "c:\users\vii\local settings\apps\f.lux\flux.exe" /noshow
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [Facebook Update] "c:\users\vii\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [DT HWP] c:\program files\common files\portrait displays\shared\DT_startup.exe -HWP
mRun: [D3DOverrider] "c:\vii.7\5 - execute\02 - exe\programs\d3doverrider\D3DOverriderWrapper.exe" /s
mRun: [XboxStat] "c:\program files\microsoft xbox 360 accessories\XboxStat.exe" silentrun
mRun: [OODefragTray] c:\program files\oo software\defrag\oodtray.exe
mRun: [YouCam Mirage] "c:\program files\cyberlink\youcam\YCMMirage.exe"
mRun: [YouCam Tray] "c:\program files\cyberlink\youcam\YouCamTray.exe" /s
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [NBAgent] "c:\program files\nero\nero 10\nero backitup\NBAgent.exe" /WinStart
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [Start WingMan Profiler] c:\program files\logitech\gaming software\LWEMon.exe /noui
mRun: [Windows Mobile Device Center] c:\windows\windowsmobile\wmdc.exe
mRun: [VolPanel] "c:\program files\creative\sound blaster x-fi\volume panel\VolPanlu.exe" /r
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [RemoteControl9] "c:\program files\cyberlink\powerdvd9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "c:\program files\cyberlink\powerdvd9\language\Language.exe"
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [LogMeIn Hamachi Ui] "c:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-start
mRun: [<NO NAME>]
mRun: [Display] c:\program files\apc\powerchute personal edition\DataCollectionLauncher.exe
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
dRun: [CtxfiReg] CTXFIREG.exe /FAIL1
StartupFolder: c:\users\vii\appdata\roaming\micros~1\windows\startm~1\programs\startup\window~2.lnk - c:\program files\windows calendar\WinCal.exe
StartupFolder: c:\users\vii\appdata\roaming\micros~1\windows\startm~1\programs\startup\window~1.lnk - c:\program files\windows live\mail\wlmail.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\apcups~1.lnk - c:\program files\apc\powerchute personal edition\Display.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\vii\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\vii\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: Transferir com FDM - file://c:\program files\free download manager\dllink.htm
IE: Transferir todos com FDM - file://c:\program files\free download manager\dlall.htm
IE: Transferir vídeo com FDM - file://c:\program files\free download manager\dlfvideo.htm
IE: Transferência seleccionada pelo FDM - file://c:\program files\free download manager\dlselected.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
Trusted Zone: comodo.com\secure
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0018-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwar ... /CTPID.cab
TCP: DhcpNameServer = 208.67.222.222 192.168.2.1
TCP: Interfaces\{B127408D-6E88-4FF6-BEED-F7DAF5CC12A4} : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{B127408D-6E88-4FF6-BEED-F7DAF5CC12A4} : DhcpNameServer = 208.67.222.222 192.168.2.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: c:\windows\system32\guard32.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
IFEO: acrord32.exe - "c:\program files\tuneup utilities 2012\TUAutoReactivator32.exe"
IFEO: backitup.exe - "c:\program files\tuneup utilities 2012\TUAutoReactivator32.exe"
IFEO: controller editor.exe - "c:\program files\tuneup utilities 2012\TUAutoReactivator32.exe"
IFEO: driver sweeper.exe - "c:\program files\tuneup utilities 2012\TUAutoReactivator32.exe"
IFEO: driversweeper_3.0.0.exe - "c:\program files\tuneup utilities 2012\TUAutoReactivator32.exe"
.
Note: multiple IFEO entries found. Please refer to Attach.txt
Hosts: 127.0.0.1 http://www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [2011-6-30 19600]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2011-6-30 491816]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2011-6-30 38616]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-12-3 239168]
R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263};{22D78859-9CE9-4B77-BF18-AC83E81A9263};c:\program files\hp\dvdplay\000.fcl [2008-6-17 41456]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-10 176128]
R2 APC Data Service;APC Data Service;c:\program files\apc\powerchute personal edition\dataserv.exe [2011-8-24 21880]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2011-5-9 21992]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
R2 FontCache;Serviço de Cache de Tipos de Letra do Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2011-8-15 1361288]
R2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe -k bthaudiosvc [2008-1-21 21504]
R2 HPBtnSrv;HP Chasis Button Service;c:\hp\hpezbtn\HPBtnSrv.exe [2008-6-17 198240]
R2 OODefragAgent;O&O Defrag Agent;c:\program files\oo software\defrag\oodag.exe [2010-9-10 2320712]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2012\TuneUpUtilitiesService32.exe [2011-10-20 1479488]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2011-11-10 8913920]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-11-10 263680]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [2010-7-7 198232]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [2010-7-7 1353304]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [2010-7-7 73816]
R3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys [2010-7-7 1227352]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\drivers\netr73.sys [2008-6-17 493568]
R3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2011-4-25 20080]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2011-10-20 10064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Serviço Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-31 136176]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH3.sys [2011-10-17 82960]
S3 BthAudioHF;Serviço BthAudioHF;c:\windows\system32\drivers\BthAudioHF.sys [2006-11-20 29184]
S3 bthav;Perfil AV do Bluetooth;c:\windows\system32\drivers\bthav.sys [2006-10-11 36352]
S3 BthAvrcp;Perfil AVRCP do Bluetooth;c:\windows\system32\drivers\BthAvrcp.sys [2006-10-11 12800]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\drivers\clwvd.sys [2010-7-28 27632]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\common files\creative labs shared\service\AL6Licensing.exe [2011-5-23 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2011-5-23 79360]
S3 Creative Dolby Digital Live Pack Licensing Service;Creative Dolby Digital Live Pack Licensing Service;c:\program files\common files\creative labs shared\service\DDLLicensing.exe [2011-5-23 79360]
S3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;c:\program files\common files\creative labs shared\service\MT6Licensing.exe [2011-5-23 79360]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [2010-7-7 198232]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [2010-7-7 1353304]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [2010-7-7 73816]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2011-4-25 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2011-5-13 1492840]
S3 gupdatem;Serviço Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-31 136176]
S3 KORGUMDS;KORG USB-MIDI Driver for Windows;c:\windows\system32\drivers\KORGUMDS.SYS [2011-3-30 24056]
S3 LtcyCfgWDM;PCI Latency Tool Driver Service;c:\windows\system32\drivers\LtcyCfgWDM.sys [2005-12-25 6656]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [2011-6-23 17792]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2010-5-4 503080]
S4 NIHardwareService;NIHardwareService;c:\program files\common files\native instruments\hardware\NIHardwareService.exe [2009-7-17 3576320]
S4 PdiService;Portrait Displays SDK Service;c:\program files\common files\portrait displays\drivers\pdisrvc.exe [2011-4-25 113264]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2012-01-05 02:49:01 -------- d-----w- c:\users\vii\appdata\local\{4BDCF7D0-C86F-4D37-900F-12091A6B93B3}
2012-01-05 02:48:32 -------- d-----w- c:\users\vii\appdata\local\{0BA35038-AD4A-4210-B38E-BEF641E8BF13}
2012-01-04 14:48:27 -------- d-----w- c:\users\vii\appdata\local\{9274022F-2B85-4678-AAF9-26F973E4DD7C}
2012-01-04 14:48:26 -------- d-----w- c:\users\vii\appdata\local\{6712ADA9-A4D7-4BC7-B7A7-BE7FA8E1B823}
2012-01-04 14:48:22 -------- d-----w- c:\users\vii\appdata\local\{31602099-E3FC-4913-91F1-CE39F655489D}
2012-01-04 14:48:20 -------- d-----w- c:\users\vii\appdata\local\{0BFB4D14-FA41-4C28-B68A-54225BF50B5E}
2012-01-04 05:28:18 -------- d-----w- c:\users\vii\appdata\local\Unity
2012-01-03 22:21:49 -------- d-----w- c:\users\vii\appdata\local\{C36AAAB8-BB79-4AD4-A1E3-D4FDEA657A6C}
2012-01-03 22:21:39 -------- d-----w- c:\users\vii\appdata\local\{31A21F04-B84C-4815-802F-14735B14E8D0}
2012-01-03 22:21:34 -------- d-----w- c:\users\vii\appdata\local\{B6E2EBA5-8054-41D3-AEE2-4A3DCC182A0C}
2012-01-03 09:46:57 -------- d-----w- c:\users\vii\appdata\local\{D8219F7A-814B-45BA-B80F-39C1C6534B45}
2012-01-03 09:46:57 -------- d-----w- c:\users\vii\appdata\local\{41B8C3A6-5C09-4756-BCB4-DBB5863285D3}
2012-01-03 09:46:52 -------- d-----w- c:\users\vii\appdata\local\{D4FE9C70-8A7F-4045-9707-B5741D2AC4FC}
2012-01-03 09:46:30 -------- d-----w- c:\users\vii\appdata\local\{6364912E-8F4B-49AC-ABFE-5147CFD6808B}
2012-01-02 20:09:01 -------- d-----w- c:\users\vii\appdata\local\{2B9096DC-417C-452A-977F-E730245A8F72}
2012-01-02 20:07:51 -------- d-----w- c:\users\vii\appdata\local\{FB748359-DFE9-489A-B922-EE79B7996656}
2012-01-02 06:40:53 -------- d-----w- c:\users\vii\appdata\local\{9D321531-ADF3-4A99-8541-DA0C2E0DB95D}
2012-01-02 06:40:25 -------- d-----w- c:\users\vii\appdata\local\{23AEC02C-D641-4820-8DCA-3EFC5F45BCFF}
2012-01-01 17:52:10 -------- d-----w- c:\users\vii\appdata\local\{F8096563-72A2-4BD4-8148-95830155ADDC}
2012-01-01 17:52:09 -------- d-----w- c:\users\vii\appdata\local\{C00B1CB9-B17B-4C77-95BA-D6687175F853}
2012-01-01 17:52:06 -------- d-----w- c:\users\vii\appdata\local\{549AF293-61C8-416A-8460-3D87589651BB}
2012-01-01 17:51:42 -------- d-----w- c:\users\vii\appdata\local\{C230B1AA-F670-49A9-9880-93F97068C956}
2012-01-01 05:09:44 -------- d-----w- c:\users\vii\appdata\local\{D8F04C1A-9F74-487D-81A4-86DFFDB34192}
2012-01-01 05:09:43 -------- d-----w- c:\users\vii\appdata\local\{F98CAE18-0D7B-4994-9490-5E4EAB8663C9}
2012-01-01 05:09:39 -------- d-----w- c:\users\vii\appdata\local\{1190E703-10CA-44BE-A3B5-EA6898E469F3}
2012-01-01 05:09:15 -------- d-----w- c:\users\vii\appdata\local\{2393D083-1986-40AD-A483-9C7F948A0579}
2011-12-31 16:22:39 -------- d-----w- c:\users\vii\appdata\local\{E63F8F69-CDEE-49AE-89D0-269AED94DFE6}
2011-12-31 16:22:38 -------- d-----w- c:\users\vii\appdata\local\{68076020-0349-4AEA-A7CF-7FF14490FCA6}
2011-12-31 16:22:35 -------- d-----w- c:\users\vii\appdata\local\{B801075C-A989-4C6E-8949-90A457657823}
2011-12-31 16:22:19 -------- d-----w- c:\users\vii\appdata\local\{EB32D535-6363-4C33-B883-1BECA352D2AC}
2011-12-31 04:21:53 -------- d-----w- c:\users\vii\appdata\local\{26B30CC5-0CCB-4CD6-9186-DFD422A91A11}
2011-12-31 04:21:24 -------- d-----w- c:\users\vii\appdata\local\{E61DB0F6-D5A7-4903-8D1C-B763215FE941}
2011-12-30 16:21:01 -------- d-----w- c:\users\vii\appdata\local\{19423B1D-5E44-4FCD-8DEB-EF7527901AC1}
2011-12-30 16:21:00 -------- d-----w- c:\users\vii\appdata\local\{6EE60CA9-8A8F-48D7-939B-F2CE10FF868B}
2011-12-30 16:20:57 -------- d-----w- c:\users\vii\appdata\local\{B287A4CE-7055-4E26-A425-F1E750219030}
2011-12-30 16:20:40 -------- d-----w- c:\users\vii\appdata\local\{07968E29-B021-464A-ADB8-F5052D2CDDC6}
2011-12-29 21:57:41 -------- d-----w- c:\users\vii\appdata\local\{B5BA05D2-05E8-4A47-9D3D-6823C4C7C2D3}
2011-12-29 21:57:34 -------- d-----w- c:\users\vii\appdata\local\{8041E527-C3F2-41EB-8531-A7F04C0BD425}
2011-12-29 21:57:26 -------- d-----w- c:\users\vii\appdata\local\{909F3C67-5955-4125-8A82-6249FDD99E88}
2011-12-29 21:56:59 -------- d-----w- c:\users\vii\appdata\local\{1A60A282-825A-4F7D-99BB-33660058B81A}
2011-12-29 01:26:02 -------- d-----w- c:\users\vii\appdata\roaming\Comodo
2011-12-29 01:15:27 691880 ----a-w- c:\windows\system32\CEmLSP.dll.ren_919781
2011-12-28 19:14:21 -------- d-----w- c:\users\vii\appdata\local\Facebook
2011-12-28 17:55:25 -------- d-----w- c:\users\vii\appdata\local\{8D289A58-AB50-489A-8C01-C8DAAF6FD99B}
2011-12-28 17:55:23 -------- d-----w- c:\users\vii\appdata\local\{FC713A63-C9BE-4141-A9D8-E03EE11C6B87}
2011-12-28 17:55:22 -------- d-----w- c:\users\vii\appdata\local\{1E1A668E-E66A-485C-B247-CEA802C0D11F}
2011-12-28 17:55:19 -------- d-----w- c:\users\vii\appdata\local\{AA6BF5F8-0F98-4339-A5EC-2240DD390E52}
2011-12-27 23:11:30 -------- d-----w- c:\users\vii\appdata\local\{2B59C8B0-53EB-48CD-9D1D-A0B9D8A66A80}
2011-12-27 23:11:29 -------- d-----w- c:\users\vii\appdata\local\{5ADDB4E4-3EEB-411D-99FE-3A2C1970AD9E}
2011-12-27 23:11:27 -------- d-----w- c:\users\vii\appdata\local\{BAC53032-B206-43D3-AC13-0121F6B992DF}
2011-12-27 23:11:03 -------- d-----w- c:\users\vii\appdata\local\{01BFAD84-4863-49A6-97A8-663927C20DDD}
2011-12-27 05:34:30 -------- d-----w- c:\users\vii\appdata\local\{6D912D82-5099-412B-9CF5-FA8C02DD9B76}
2011-12-27 05:34:30 -------- d-----w- c:\users\vii\appdata\local\{2BFEA0E9-5953-4229-8E54-F3BEF5615DD2}
2011-12-27 05:34:27 -------- d-----w- c:\users\vii\appdata\local\{E035EBA2-534F-460A-8F9C-9A92ED71BC64}
2011-12-26 17:33:54 -------- d-----w- c:\users\vii\appdata\local\{AB7504F8-93D2-4022-B533-24F0C18D33BA}
2011-12-26 17:33:53 -------- d-----w- c:\users\vii\appdata\local\{CEA66ABF-C56B-4137-9753-332555E0D4B4}
2011-12-26 17:33:50 -------- d-----w- c:\users\vii\appdata\local\{6369C2F9-3B73-4D3C-9E9A-0661C79EFE66}
2011-12-26 17:33:25 -------- d-----w- c:\users\vii\appdata\local\{9217C6B4-C28D-4905-9195-667DD3C1C482}
2011-12-25 21:10:31 -------- d-----w- c:\users\vii\appdata\local\{91960A22-52E8-4CA1-AC57-2861D08486AA}
2011-12-25 21:10:30 -------- d-----w- c:\users\vii\appdata\local\{FF01F5EC-A920-4A5F-9F4C-0AFB1135DD26}
2011-12-25 21:10:27 -------- d-----w- c:\users\vii\appdata\local\{F2F43D0B-17EA-47F4-9288-C538176EEFEE}
2011-12-25 03:22:38 -------- d-----w- c:\users\vii\appdata\local\{108E1293-D5A6-4780-AEBB-49558498FA9B}
2011-12-25 03:22:36 -------- d-----w- c:\users\vii\appdata\local\{4B8CEA38-FC93-432A-9676-14B5341E72E5}
2011-12-25 03:22:34 -------- d-----w- c:\users\vii\appdata\local\{8547F45B-9952-4C30-8B95-C6905E27A02D}
2011-12-24 15:22:03 -------- d-----w- c:\users\vii\appdata\local\{D9186C69-10E2-4B27-AFA0-CEA296C8BA3E}
2011-12-24 15:22:02 -------- d-----w- c:\users\vii\appdata\local\{1533A343-3C79-4D76-A607-718AE84231B1}
2011-12-24 15:21:59 -------- d-----w- c:\users\vii\appdata\local\{2CBF6D05-40A4-4DF1-9912-BBAF91EF450A}
2011-12-24 15:21:32 -------- d-----w- c:\users\vii\appdata\local\{0CB5B8D4-E76F-4AD9-A827-AC1F37B4EE40}
2011-12-24 03:20:56 -------- d-----w- c:\users\vii\appdata\local\{C92007AD-C5B2-427C-896E-0B1267761CA6}
2011-12-23 23:20:53 -------- d-----w- C:\Games
2011-12-23 23:20:27 -------- d-----w- c:\users\vii\appdata\local\Black_Tree_Gaming
2011-12-23 23:20:15 -------- d-----w- c:\program files\Nexus Mod Manager
2011-12-23 15:20:13 -------- d-----w- c:\users\vii\appdata\local\{50FE5623-A318-4907-B28F-491E3B82B4F6}
2011-12-23 15:20:12 -------- d-----w- c:\users\vii\appdata\local\{97585869-C489-4647-BD82-C007BC318986}
2011-12-23 15:20:10 -------- d-----w- c:\users\vii\appdata\local\{6855F580-23F3-4CE3-A63C-820B439F3F26}
2011-12-23 15:19:59 -------- d-----w- c:\users\vii\appdata\local\{2811A642-A372-4010-80AB-EC32F9535D7A}
2011-12-22 23:47:21 -------- d-----w- c:\users\vii\appdata\local\{FC6937CB-9051-4DD1-920F-85132835DB53}
2011-12-22 23:47:19 -------- d-----w- c:\users\vii\appdata\local\{B2C8B88E-7190-4B31-A5D2-3961690A1115}
2011-12-22 23:47:18 -------- d-----w- c:\users\vii\appdata\local\{0849B583-1570-4671-AC14-9310AA98D738}
2011-12-22 11:46:43 -------- d-----w- c:\users\vii\appdata\local\{2796B326-4AB3-4349-BC69-6C8C37C60387}
2011-12-22 11:46:42 -------- d-----w- c:\users\vii\appdata\local\{DEE0A1D2-011A-4BE9-A7C7-EE3548101CC1}
2011-12-22 11:46:39 -------- d-----w- c:\users\vii\appdata\local\{3A44EBE8-369F-4437-8398-FC738E174F9E}
2011-12-22 11:46:34 -------- d-----w- c:\users\vii\appdata\local\{CD70AEF0-8BAC-44B9-A9F4-94EC83FDBDB4}
2011-12-21 23:29:27 -------- d-----w- c:\users\vii\appdata\local\{50FA6EA0-F0FF-42A1-A994-F9395470DE61}
2011-12-21 23:29:26 -------- d-----w- c:\users\vii\appdata\local\{B082EE70-FC16-4391-8AB4-BD2C23FA21B1}
2011-12-21 23:29:24 -------- d-----w- c:\users\vii\appdata\local\{74676AB4-2615-4E4B-BAB4-954C4745A343}
2011-12-21 23:29:00 -------- d-----w- c:\users\vii\appdata\local\{6691B2D2-399A-4A99-9BB3-826130470CA3}
2011-12-21 11:28:36 -------- d-----w- c:\users\vii\appdata\local\{4D57B7E7-CCAE-4EA0-A2E9-FCA157ABD8EE}
2011-12-21 11:28:35 -------- d-----w- c:\users\vii\appdata\local\{2363E753-A875-4D4D-B42B-6BC996CCEDDF}
2011-12-21 11:28:32 -------- d-----w- c:\users\vii\appdata\local\{70AD0CFC-BCB1-4641-947F-1629C18F7737}
2011-12-21 11:28:32 -------- d-----w- c:\users\vii\appdata\local\{138ACB7E-4850-44D0-8E38-A62DA6369AA7}
2011-12-20 21:11:20 -------- d-----w- c:\users\vii\appdata\local\{8F6CDCBF-3D7C-4C94-B550-C95395F84104}
2011-12-20 21:10:54 -------- d-----w- c:\users\vii\appdata\local\{A7CAFC8D-E5C3-4348-856D-00DD863AFD01}
2011-12-20 09:10:36 -------- d-----w- c:\users\vii\appdata\local\{490CCEA0-31D4-4DA8-AA83-47946FA92A74}
2011-12-20 09:10:35 -------- d-----w- c:\users\vii\appdata\local\{95E012DB-689D-43D1-B4A3-17BA2CFBD366}
2011-12-20 09:10:33 -------- d-----w- c:\users\vii\appdata\local\{ECA4C32E-DFA8-4F8D-8C8F-FFFD50D58972}
2011-12-20 09:10:15 -------- d-----w- c:\users\vii\appdata\local\{55DD939D-2EFB-40E9-B068-64276269A683}
2011-12-19 11:13:25 -------- d-----w- c:\users\vii\appdata\local\{67A18CAA-B673-495D-B924-1C745A86EFBA}
2011-12-19 11:13:24 -------- d-----w- c:\users\vii\appdata\local\{1264C363-6ECA-45C4-837C-DE65ECCF2983}
2011-12-19 11:13:22 -------- d-----w- c:\users\vii\appdata\local\{94EEDA58-F21D-4455-AA01-824DADB91DB4}
2011-12-19 11:12:57 -------- d-----w- c:\users\vii\appdata\local\{A025BB65-DCC4-4301-941A-FE64D48D3C68}
2011-12-18 23:12:33 -------- d-----w- c:\users\vii\appdata\local\{F55385C5-A954-4C1F-85D8-9B5F1345D8F1}
2011-12-18 23:11:57 -------- d-----w- c:\users\vii\appdata\local\{6D71B6BA-EB14-40DD-B692-0AFC05621858}
2011-12-18 11:48:45 -------- d-----w- c:\program files\AMD APP
2011-12-18 11:11:34 -------- d-----w- c:\users\vii\appdata\local\{30B38B16-100E-4577-8AF5-028B18AB6CAD}
2011-12-18 11:11:33 -------- d-----w- c:\users\vii\appdata\local\{31123BC3-0276-4B18-B479-8762CFB5915C}
2011-12-18 11:11:09 -------- d-----w- c:\users\vii\appdata\local\{2C8EFA29-DD6E-4A89-88F7-81104CA8D48A}
2011-12-18 11:10:58 -------- d-----w- c:\users\vii\appdata\local\{33D6419C-9110-4C3A-B1DC-2CB5B998F080}
2011-12-17 15:10:10 -------- d-----w- c:\users\vii\appdata\local\{F2891814-F4CA-441A-9455-4DF1D94BC3E9}
2011-12-17 15:10:10 -------- d-----w- c:\users\vii\appdata\local\{4F1CC919-F145-41DB-8B35-B26ED4DA861B}
2011-12-17 15:10:08 -------- d-----w- c:\users\vii\appdata\local\{9653B975-8E3D-422F-865E-02D6176A4CA2}
2011-12-17 15:09:44 -------- d-----w- c:\users\vii\appdata\local\{148E6EC6-CA16-4900-B8FE-4304034A4DE0}
2011-12-16 14:11:53 -------- d-----w- c:\users\vii\appdata\local\{BD19AB19-6D05-4495-BB51-39AAA37BA3C2}
2011-12-16 14:11:27 -------- d-----w- c:\users\vii\appdata\local\{6D3F6DA9-F2D5-41B2-82FB-27C2D342F3E9}
2011-12-16 03:31:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-12-16 03:31:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-12-16 03:31:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-12-16 03:31:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-12-16 03:31:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-12-16 03:31:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-12-16 03:31:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2011-12-16 02:10:58 -------- d-----w- c:\users\vii\appdata\local\{3C3DE980-42E2-453D-A03E-22D67B624576}
2011-12-16 02:10:29 -------- d-----w- c:\users\vii\appdata\local\{F91209A7-4129-4D30-AF49-BF42158A8D71}
2011-12-15 14:10:22 -------- d-----w- c:\users\vii\appdata\local\{8028AFB2-FE15-45D2-BEF7-869C00AD78E0}
2011-12-15 14:10:22 -------- d-----w- c:\users\vii\appdata\local\{3BCD980D-CDAB-474F-ACD7-6E0BE05D55A6}
2011-12-15 14:10:21 -------- d-----w- c:\users\vii\appdata\local\{2173E13A-B818-4A1B-A248-77CDF37937D6}
2011-12-15 14:09:54 -------- d-----w- c:\users\vii\appdata\local\{EE8E3F0C-0994-4654-B6D9-5E862F01DA58}
2011-12-15 02:09:27 -------- d-----w- c:\users\vii\appdata\local\{A6C442A3-569F-4BC0-AC02-C322A6E8F8C1}
2011-12-15 02:09:18 -------- d-----w- c:\users\vii\appdata\local\{E3ABF1E1-21E9-44E6-9BF2-04E69DDDBCFD}
2011-12-15 02:09:08 -------- d-----w- c:\users\vii\appdata\local\{6BCADA7B-D080-419B-8AC1-BFAF07B611A3}
2011-12-15 02:08:34 -------- d-----w- c:\users\vii\appdata\local\{39C7E1DF-28E1-4A01-8ECB-0FBCB89523ED}
2011-12-14 22:28:28 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 22:27:51 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-14 22:27:51 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-14 22:27:48 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 22:27:46 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-12-14 22:27:44 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-12-14 22:27:40 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 14:20:23 -------- d-----w- c:\users\vii\appdata\roaming\Malwarebytes
2011-12-14 14:20:18 -------- d-----w- c:\programdata\Malwarebytes
2011-12-14 14:08:06 -------- d-----w- c:\users\vii\appdata\local\{E653AEE9-8406-4ACD-BFD5-1606B9459C39}
2011-12-14 14:08:05 -------- d-----w- c:\users\vii\appdata\local\{C0FB0FC9-5A7F-4D09-A3C6-8F329FA65C52}
2011-12-14 14:08:04 -------- d-----w- c:\users\vii\appdata\local\{E4361680-820C-4400-8B9A-E5C8658B8165}
2011-12-14 14:07:40 -------- d-----w- c:\users\vii\appdata\local\{E62FDD8D-B842-4476-8CDC-98FAC5689EA7}
2011-12-13 20:33:25 -------- d-----w- c:\users\vii\appdata\local\{26224262-D8D7-4E05-A3FD-E3E94B70DC2D}
2011-12-13 20:33:23 -------- d-----w- c:\users\vii\appdata\local\{2DC96A9B-462B-46BC-80DF-6E6736A5ECA2}
2011-12-13 07:28:00 -------- d-----w- c:\users\vii\appdata\local\{A6D22462-84EF-4B55-8738-B639B1FDD0B6}
2011-12-12 19:27:22 -------- d-----w- c:\users\vii\appdata\local\{513A2B58-F378-435E-B68B-E9A078D1641D}
2011-12-12 19:26:56 -------- d-----w- c:\users\vii\appdata\local\{17483A10-E6BD-46E4-AB1A-5EBD091CB7EE}
2011-12-12 19:26:48 -------- d-----w- c:\users\vii\appdata\local\{0B0FB782-4B71-40BA-A847-8699F63FBB6A}
2011-12-12 19:25:43 -------- d-----w- c:\users\vii\appdata\local\{DECEDFB4-0CB4-4847-AD5F-7AF26D7327F4}
2011-12-12 07:25:13 -------- d-----w- c:\users\vii\appdata\local\{FBD635F4-B069-45A0-9AEE-285BE33CA08B}
2011-12-12 07:25:13 -------- d-----w- c:\users\vii\appdata\local\{279EFE88-47D0-4A1C-ADC7-458CF0E8F91F}
2011-12-12 07:25:04 -------- d-----w- c:\users\vii\appdata\local\{BA8ED050-FBC0-4A8C-85CD-354D7AFA74EA}
2011-12-11 20:15:42 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-12-11 20:15:42 21312 ----a-w- c:\windows\system32\authuitu.dll
2011-12-11 20:15:11 -------- d-----w- c:\program files\TuneUp Utilities 2012
2011-12-11 20:14:51 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-12-11 19:24:34 -------- d-----w- c:\users\vii\appdata\local\{7796B9B2-EBD1-41D7-8596-DA766B6AC423}
2011-12-11 19:24:33 -------- d-----w- c:\users\vii\appdata\local\{7B4B36A9-8FD0-4E5F-82DA-5DF39357AA44}
2011-12-11 19:24:25 -------- d-----w- c:\users\vii\appdata\local\{A2CD50BA-4518-4195-B8DE-AF475D907507}
2011-12-11 19:24:00 -------- d-----w- c:\users\vii\appdata\local\{B1F7422A-A49E-41B9-AAB4-60BBDB80D99F}
2011-12-11 16:58:06 637848 ----a-w- c:\windows\system32\npdeployJava1.dll
2011-12-11 07:23:33 -------- d-----w- c:\users\vii\appdata\local\{F535BB97-96DA-41FA-AD90-6B7549FBA59D}
2011-12-11 07:23:32 -------- d-----w- c:\users\vii\appdata\local\{D83788AC-A6A6-42F8-A0E1-2737C0EBE895}
2011-12-11 07:23:22 -------- d-----w- c:\users\vii\appdata\local\{F53B033F-171F-40A1-BC32-7EA89ABE890B}
2011-12-11 07:23:21 -------- d-----w- c:\users\vii\appdata\local\{85328C5A-FE85-4A05-B11A-90B4B5901B7F}
2011-12-10 15:55:57 -------- d-----w- c:\users\vii\appdata\local\{A60CAA4D-E282-4DC9-9291-4874878E982F}
2011-12-10 15:55:56 -------- d-----w- c:\users\vii\appdata\local\{3EC208C0-A533-4775-ADA8-2649F922506D}
2011-12-10 15:55:46 -------- d-----w- c:\users\vii\appdata\local\{BA23A320-0C07-4305-9B66-D2BA1A6E29E8}
2011-12-10 15:55:19 -------- d-----w- c:\users\vii\appdata\local\{4EC9EBB2-058B-4FAC-BB0E-86CE13BF6DEC}
2011-12-10 03:54:46 -------- d-----w- c:\users\vii\appdata\local\{A68BC4CD-9532-4367-9637-2EC37DD5C29E}
2011-12-10 03:54:45 -------- d-----w- c:\users\vii\appdata\local\{B7795DA1-95E7-445E-B868-0D00F529D36E}
2011-12-10 03:54:35 -------- d-----w- c:\users\vii\appdata\local\{DE08B5CF-9F15-4015-A2DC-850F5479C285}
2011-12-10 03:54:10 -------- d-----w- c:\users\vii\appdata\local\{45AEA7FF-AAB6-4AB6-BB7D-81D58E6687C6}
2011-12-09 15:53:38 -------- d-----w- c:\users\vii\appdata\local\{8926F937-F90F-4928-8505-A94936178E14}
2011-12-09 15:53:35 -------- d-----w- c:\users\vii\appdata\local\{0B41BDA1-E888-4AA7-AEC5-6372EA74BCD4}
2011-12-09 15:53:24 -------- d-----w- c:\users\vii\appdata\local\{7F4F5894-2921-4762-A701-ABE03832A0B0}
2011-12-09 15:53:00 -------- d-----w- c:\users\vii\appdata\local\{D3C82CEC-789D-40D5-A4BA-A5D15D9287B2}
2011-12-09 04:19:54 -------- d-----w- c:\users\vii\appdata\local\Skyrim
2011-12-09 04:09:44 -------- d-----w- c:\program files\The Elder Scrolls V Skyrim
2011-12-09 04:00:59 25608 ----a-w- c:\windows\system32\X3DAudio1_4.dll
2011-12-09 03:51:40 -------- d-----w- c:\users\vii\appdata\local\{0063A015-2159-491E-8A50-C35EB0216413}
2011-12-09 03:51:39 -------- d-----w- c:\users\vii\appdata\local\{DAFE8EFC-AC95-4B16-9CFB-2DFCE154151D}
2011-12-09 03:51:30 -------- d-----w- c:\users\vii\appdata\local\{78243561-6150-4CC9-B09B-09FBE517F924}
2011-12-09 03:51:06 -------- d-----w- c:\users\vii\appdata\local\{6F6F509F-975D-4A8C-9244-DFF8CBD52850}
2011-12-08 15:50:40 -------- d-----w- c:\users\vii\appdata\local\{7ABD1C38-EAEC-45D0-9E5A-C9FD3A412025}
2011-12-08 15:50:40 -------- d-----w- c:\users\vii\appdata\local\{36924470-643D-476A-B7E1-049AC4D80E13}
2011-12-08 15:50:33 -------- d-----w- c:\users\vii\appdata\local\{8F0F9307-9983-40B4-811B-C9B40FF1539E}
2011-12-08 15:50:18 -------- d-----w- c:\users\vii\appdata\local\{1D03BFAD-8E51-4AEA-A972-DE3D6D9C9F68}
2011-12-08 03:49:50 -------- d-----w- c:\users\vii\appdata\local\{A833211E-0DBA-4419-91DE-03AF3679C154}
2011-12-08 03:49:48 -------- d-----w- c:\users\vii\appdata\local\{DE8A5473-8B98-47B5-8802-9F4FED4FD8DF}
2011-12-08 03:49:37 -------- d-----w- c:\users\vii\appdata\local\{33ACC73C-F281-4101-914C-71C64D174207}
2011-12-08 03:49:12 -------- d-----w- c:\users\vii\appdata\local\{413FE795-CDAC-498F-874C-87059514E43E}
2011-12-07 15:48:43 -------- d-----w- c:\users\vii\appdata\local\{87C34137-95D9-450A-92C9-44479BAF28F1}
2011-12-07 15:48:42 -------- d-----w- c:\users\vii\appdata\local\{418F710A-295F-4F15-B758-F5CA506D7F95}
2011-12-07 15:48:35 -------- d-----w- c:\users\vii\appdata\local\{295437F2-1D01-47BC-8EB4-F2A952E1B01E}
2011-12-07 15:48:09 -------- d-----w- c:\users\vii\appdata\local\{263D0B94-0431-458A-82F7-797FA7679535}
2011-12-07 03:47:38 -------- d-----w- c:\users\vii\appdata\local\{9A4E0919-C9C8-4B6A-AA7D-853400E8782B}
2011-12-07 03:47:09 -------- d-----w- c:\users\vii\appdata\local\{46EF0EAD-808B-4C1E-A110-BA3A4E78F0FA}
2011-12-06 15:47:03 -------- d-----w- c:\users\vii\appdata\local\{AF1619CD-0643-4E61-BA52-CBA25FAD48AF}
2011-12-06 15:47:02 -------- d-----w- c:\users\vii\appdata\local\{2AAB8DB9-BA3C-4045-B07B-4230FBBBF230}
2011-12-06 15:46:54 -------- d-----w- c:\users\vii\appdata\local\{44AF05E7-06A9-4BFC-BABD-BDD35189F5B9}
2011-12-06 15:46:30 -------- d-----w- c:\users\vii\appdata\local\{A7574952-4A19-404D-85B8-C6F561CEF8B1}
.
==================== Find3M ====================
.
2011-12-19 18:59:04 38616 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-12-19 18:59:03 491816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-12-19 18:59:02 19600 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-12-19 18:58:56 33984 ----a-w- c:\windows\system32\cmdcsr.dll
2011-12-19 18:58:55 301224 ----a-w- c:\windows\system32\guard32.dll
2011-12-11 16:58:00 567184 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-03 17:56:02 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-12-03 13:33:44 428088 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-12-02 12:31:42 19657728 ----a-w- c:\windows\system32\imageres.dll
2011-11-24 21:21:45 118784 ----a-w- c:\windows\dsdxirmv.exe
2011-11-23 22:50:38 338432 ----a-w- c:\windows\system32\REX Shared Library.dll
2011-11-23 22:50:37 406528 ----a-w- c:\windows\system32\ReWire.dll
2011-11-23 20:11:53 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-11-17 07:17:52 24855552 ----a-w- c:\windows\system32\imageres_DELETE1.dll
2011-11-13 16:06:01 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-10 03:44:12 8913920 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-11-10 03:17:10 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-11-10 03:16:56 774656 ----a-w- c:\windows\system32\aticfx32.dll
2011-11-10 03:12:24 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-11-10 03:11:50 417792 ----a-w- c:\windows\system32\atieclxx.exe
2011-11-10 03:11:20 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-11-10 03:10:08 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2011-11-10 03:09:52 360448 ----a-w- c:\windows\system32\atipdlxx.dll
2011-11-10 03:09:40 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-11-10 03:09:32 20992 ----a-w- c:\windows\system32\atimuixx.dll
2011-11-10 03:09:24 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-11-10 03:06:20 6077952 ----a-w- c:\windows\system32\atidxx32.dll
2011-11-10 02:58:20 18996224 ----a-w- c:\windows\system32\atioglxx.dll
2011-11-10 02:40:18 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2011-11-10 02:34:52 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-11-10 02:34:42 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-11-10 02:33:52 5852672 ----a-w- c:\windows\system32\atiumdag.dll
2011-11-10 02:29:58 11300864 ----a-w- c:\windows\system32\aticaldd.dll
2011-11-10 02:29:46 4200960 ----a-w- c:\windows\system32\atiumdva.dll
2011-11-10 02:18:40 51200 ----a-w- c:\windows\system32\coinst.dll
2011-11-10 02:13:20 348160 ----a-w- c:\windows\system32\atiadlxx.dll
2011-11-10 02:13:04 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-11-10 02:12:52 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-11-10 02:12:20 263680 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-11-10 02:11:46 32256 ----a-w- c:\windows\system32\atiuxpag.dll
2011-11-10 02:11:32 29184 ----a-w- c:\windows\system32\atiu9pag.dll
2011-11-10 02:11:26 53760 ----a-w- c:\windows\system32\atimpc32.dll
2011-11-10 02:11:26 53760 ----a-w- c:\windows\system32\amdpcom32.dll
2011-11-10 02:11:06 37376 ----a-w- c:\windows\system32\atitmpxx.dll
2011-11-10 02:10:54 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-11-09 22:39:44 59904 ----a-w- c:\windows\system32\OpenVideo.dll
2011-11-09 22:39:32 54784 ----a-w- c:\windows\system32\OVDecode.dll
2011-11-09 22:38:40 14375936 ----a-w- c:\windows\system32\amdocl.dll
2011-11-09 22:37:46 44032 ----a-w- c:\windows\system32\OpenCL.dll
2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-25 21:21:34 56832 ----a-w- c:\windows\system32\OVDecoder.dll
2011-10-24 14:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 14:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-21 20:16:12 1843200 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
2011-10-21 20:15:46 104448 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
2011-10-17 17:40:34 82960 ----a-w- c:\windows\system32\drivers\AtihdLH3.sys
.
============= FINISH: 4:27:26,49 ===============

Attach.txt:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 24-04-2011 15:37:24
System Uptime: 04-01-2012 14:43:49 (14 hours ago)
.
Motherboard: PEGATRON CORPORATION | | Benicia
Processor: Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz | CPU 1 | 2500/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 589 GiB total, 187,23 GiB free.
D: is FIXED (NTFS) - 7 GiB total, 0,938 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is Removable
L: is Removable
M: is CDROM ()
N: is CDROM ()
O: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}
Description: AMD High Definition Audio Device
Device ID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1001\5&35AD7564&0&0001
Manufacturer: Advanced Micro Devices
Name: AMD High Definition Audio Device
PNP Device ID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1001\5&35AD7564&0&0001
Service: AtiHDAudioService
.
Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}
Description: Dispositivo de áudio USB
Device ID: USB\VID_03F0&PID_B116&MI_02\7&18C7BE5B&0&0002
Manufacturer: (Áudio USB genérico)
Name: HP Webcam
PNP Device ID: USB\VID_03F0&PID_B116&MI_02\7&18C7BE5B&0&0002
Service: usbaudio
.
Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}
Description: CyberLink WebCam Virtual Driver
Device ID: ROOT\MEDIA\0000
Manufacturer: CyberLink
Name: CyberLink WebCam Virtual Driver
PNP Device ID: ROOT\MEDIA\0000
Service: clwvd
.
Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}
Description: ManyCam Virtual Webcam, WDM Video Capture Driver
Device ID: ROOT\MEDIA\0001
Manufacturer: ManyCam LLC
Name: ManyCam Virtual Webcam, WDM Video Capture Driver
PNP Device ID: ROOT\MEDIA\0001
Service: ManyCam
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Image File Execution Options =============
.
IFEO: acrord32.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: backitup.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: controller editor.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: driver sweeper.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: driversweeper_3.0.0.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: dthtml.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: effectextractor.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: excel.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: googleearth.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: hpeasybackup.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: infopath.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: lcd fix.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: lightscribecontrolpanel.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: lslauncher.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: msaccess.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: msoxmled.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: mspub.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: mspview.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: mstore.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: onenote.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: outlook.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: pdvdlaunchpolicy.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: powerpnt.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: sp50154.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: steam.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: unins000.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: vscontentinstaller.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: vslauncher.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: winword.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: wmdc.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO: youcam.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
7-Zip 9.20
Actualização do Microsoft Office Excel 2007 Help (KB963678)
Actualização do Microsoft Office Powerpoint 2007 Help (KB963669)
Actualização do Microsoft Office Word 2007 Help (KB963665)
Adobe AIR
Adobe Community Help
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader 8.3.1 - Português
Age of Empires II - The Conquerors - 1.0e Patch
Age of Empires II - The Conquerors - 1.0e Patch FINAL
Age of Mythology
Age of Mythology - The Titans Expansion
AIO_Scan
AMD APP SDK Runtime
AMD Catalyst Install Manager
Apple Application Support
Apple Software Update
Atualização do produto Microsoft Office Excel 2007 Help (KB963678)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)
Atualização do produto Microsoft Office Word 2007 Help (KB963665)
Audiggle
Audiggle version 3.0.0.1
BufferChm
C5200
C5200_Help
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
ccc-utility
CCC Help English
CCleaner
Combined Community Codec Pack 2011-06-26
COMODO Internet Security
Complemento Messenger
Controlo ActiveX do Windows Live Mesh para Ligações Remotas
Copy
CPUID CPU-Z 1.57.1
Creative 3DMIDI Player
Creative ALchemy
Creative Audio Control Panel
Creative Console Launcher
Creative Diagnostics
Creative Media Toolbox 6
Creative Media Toolbox 6 (Shared Components)
Creative MediaSource 5
Creative Software AutoUpdate
Creative Sound Blaster Properties
Creative System Information
Creative WaveStudio 7
CyberLink PowerDVD 9
CyberLink YouCam
D3DX10
DAEMON Tools Lite
daHornet Version 1.34
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DiRT 3
DisplayFusion 3.1.10
Dolby Digital Live Pack
DreamStation DXi2
Driver Sweeper versão 3.0.0
DTS Connect Pack
DVD Play BD
DVD Shrink 3.2
E.Y.E Divine Cybermancy
eReg
eSupportQFolder
F.lux
Fable III
Facebook Video Calling 1.0.0.8953
Fax
Ferramentas de Diagnóstico de Hardware
FL Studio 10
foobar2000 v1.1.10
Fraps (remove only)
Free Download Manager 3.0
Free Studio version 5.3.2
Galeria de Fotografias do Windows Live
GameRanger
Google Chrome
Google Earth
Google Talk Plugin
Google Update Helper
GPBaseService
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
High-Definition Video Playback
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Feedback
HP Display Assistant
HP Easy Setup - Frontend
HP Imaging Device Functions 10.0
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart All-In-One Driver Software 10.0 Rel .2
HP Picasso Media Center Add-In
HP Solution Center 10.0
HP Update
HPProductAssistant
IL Download Manager
Intel(R) Matrix Storage Manager
Java Auto Updater
Java(TM) 8
Junk Mail filter update
L&H TTS3000 British English
LightScribe System Software
Live 8.2
Logitech Gaming Software 5.10
Logitech SetPoint 6.32
LogMeIn Hamachi
ManyCam 2.6.55 (remove only)
Media Player Classic - Home Cinema v1.5.2.3456
Mesh Runtime
Microsoft .NET Framework 3.5 Language Pack SP1 - PTG
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile PTG Language Pack
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended PTG Language Pack
Microsoft Age of Empires II
Microsoft Age of Empires II: The Conquerors Expansion
Microsoft Application Error Reporting
Microsoft AppLocale
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Portuguese (Brazil)) 2007
Microsoft Office Access MUI (Portuguese (Portugal)) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Portuguese (Brazil)) 2007
Microsoft Office Excel MUI (Portuguese (Portugal)) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (Portuguese (Brazil)) 2007
Microsoft Office Groove MUI (Portuguese (Portugal)) 2007
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007
Microsoft Office InfoPath MUI (Portuguese (Portugal)) 2007
Microsoft Office Language Pack 2007 - Portuguese/Português
Microsoft Office O MUI (Portuguese (Portugal)) 2007
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007
Microsoft Office OneNote MUI (Portuguese (Portugal)) 2007
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007
Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007
Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Portuguese (Brazil)) 2007
Microsoft Office Proof (Portuguese (Portugal)) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (Portuguese (Brazil)) 2007
Microsoft Office Proofing (Portuguese (Portugal)) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007
Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007
Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
Microsoft Office Shared MUI (Portuguese (Portugal)) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office SharePoint Designer MUI (Portuguese (Portugal)) 2007
Microsoft Office Word MUI (Portuguese (Brazil)) 2007
Microsoft Office Word MUI (Portuguese (Portugal)) 2007
Microsoft Office X MUI (Portuguese (Portugal)) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Windows Application Compatibility Database
Microsoft Works
Microsoft WSE 3.0 Runtime
Microsoft Xbox 360 Accessories 1.2
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Microsoft_VC100_CRT_SP1_x86
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
mIRC
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSVCRT Redists
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML4 Parser
Native Instruments Controller Editor
Native Instruments Guitar Rig 4
Native Instruments Service Center
Native Instruments Traktor 2
Nero 10 ClipartPack
Nero 10 Menu TemplatePack 1
Nero 10 Menu TemplatePack 2
Nero 10 Menu TemplatePack 3
Nero 10 Menu TemplatePack Basic
Nero 10 Movie ThemePack 1
Nero 10 Movie ThemePack 2
Nero 10 Movie ThemePack 3
Nero 10 Movie ThemePack 4
Nero 10 Movie ThemePack Basic
Nero 10 PiP EffectPack 1
Nero 10 Sample ImagePack
Nero 10 Sample Videos
Nero 10 Video TransitionPack 1
Nero BackItUp 10
Nero BackItUp 10 Help (CHM)
Nero Burning ROM 10
Nero BurningROM 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero CoverDesigner 10
Nero CoverDesigner 10 Help (CHM)
Nero DiscCopy Gadget 10
Nero DiscCopyGadget 10 Help (CHM)
Nero DiscSpeed 10
Nero DiscSpeed 10 Help (CHM)
Nero Dolby Files 10
Nero Express 10
Nero Express 10 Help (CHM)
Nero InfoTool 10
Nero InfoTool 10 Help (CHM)
Nero MediaHub 10
Nero MediaHub 10 Help (CHM)
Nero Multimedia Suite 10 Platinum HD
Nero Recode 10
Nero Recode 10 Help (CHM)
Nero RescueAgent 10
Nero RescueAgent 10 Help (CHM)
Nero SoundTrax 10
Nero SoundTrax 10 Help (CHM)
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
Nero Vision 10
Nero Vision 10 Help (CHM)
Nero WaveEditor 10
Nero WaveEditor 10 Help (CHM)
neroxml
Nexus Mod Manager
Nokia Connectivity Cable Driver
Nokia Suite
NVIDIA PhysX v8.10.17
O&O Defrag Professional
OpenAL
OpenOffice.org 3.2
Opera 11.10
Pacote de controladores do Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
PanoStandAlone
PC Connectivity Solution
PCSX2 - Playstation 2 Emulator
PDF Settings CS5
PeerBlock 1.1 (r518)
Picasa 3
Pivot Pro Plugin
PowerChute Personal Edition 3.0.0.1
Project64 1.6
PS_AIO_02_ProductContext
PS_AIO_02_Software
PS_AIO_02_Software_Min
Python 2.5
QuickTime
Rapture3D 2.4.9 Game
Reason 5.0.1
Scan
SDK
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile PTG Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile PTG Language Pack (KB2518870)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Windows Media Encoder (KB2447961)
Segoe UI
Solução avançada de teclado multimédia
SolutionCenter
Sound Blaster X-Fi
SoundFont Bank Manager
Status
Steam
StormGate1 1.0c
The Witcher Enhanced Edition
Toolbox
TrayApp
TuneUp Utilities 2012
TuneUp Utilities Language Pack (en-US)
TweetDeck
Ubisoft Game Launcher
Uninstall 1.0.0.1
Unity Web Player
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Outlook 2007 Junk Email Filter (KB2596560)
Vegas Pro 10.0
Vuze
Vyzex MPK25
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
Windows Mobile Device Center
WinZip 15.0
.
==== End Of File ===========================

Thank you in advance..

Simão
VII07x
Active Member
 
Posts: 3
Joined: December 18th, 2011, 8:10 am

Re: [SYSTEM] constantly trying to create "Ksnapshot.etl"

Unread postby maxi » January 6th, 2012, 1:29 pm

Hello VII07x,

Welcome to the forum!

My name is maxi and I'll be helping you with any malware problems.

Currently I am working under the guidance of the MRU teachers, and everything I post to you must first be approved by them.
This additional review process can add some extra time to my responses, but I will post back with instructions for you as soon as possible.


Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!"
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your log and will return, as soon as possible, with additional instructions. In the meantime...
Please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.

Please read all instructions carefully before executing, and perform the steps in the order given.
If you have any questions or problems executing these instructions, <<STOP>>, do not proceed; post back with the question or problem.

Regards maxi
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: [SYSTEM] constantly trying to create "Ksnapshot.etl"

Unread postby VII07x » January 6th, 2012, 8:12 pm

Got it, I've read the rules. Whenever you're ready, I'll follow your instructions!

Thank you!
VII07x
Active Member
 
Posts: 3
Joined: December 18th, 2011, 8:10 am

Re: [SYSTEM] constantly trying to create "Ksnapshot.etl"

Unread postby deltalima » January 8th, 2012, 4:49 pm

The version of Microsoft Office installed on this computer is only available via Volume Licensing and therefore it cannot be installed on a home computer.

Business Use / Business Networked Computer
It appears you are using your computer for business purposes or connecting to a business network.

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why we do not offer help for such computers. Thank you for your understanding.


This topic is now closed.
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK