Can't open anything!?!

I'm now thinking I may have a virus on my computer although Malwarebytes didn't say so.
When I boot up my computer in normal mode I get an error saying 'Can not update Privitize client.' I googled Privitize Client and it turns out it is a virus of some sort!

Also, I'm no longer getting those error messages when I try to open things. I can't click anything, my computer looks like it's loading something (because of the spinning wheel thing) then my whole screen goes a shaded white like when a program stops responding. Then I get a pop-up box from Microsoft Windows saying 'The application is not responding. This program may respond if you wait. Do you want to end this process?'. Uggghggh.
 
Do the following in safe mode.

Download and Run ComboFix
If you already have Combofix, please delete this copy and download it again as it's being updated regularly.
  • Download this file here: Combofix

  • When the page loads click on the blue combofix download link next to the BleepingComputer Mirror.
  • Save the file to your windows desktop. The combofix icon will look like this when it has downloaded to your desktop.

    [Image: cf-icon.jpg]
  • We are almost ready to start ComboFix, but before we do so, we need to take some preventative measures so that there are no conflicts with other programs when running ComboFix. At this point you should do the following:

  • Close all open Windows including this one.
  • Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix. Instructions on disabling these types of programs can be found here.
    Once these two steps have been completed, double-click on the ComboFix icon found on your desktop. Please note, that once you start ComboFix you should not click anywhere on the ComboFix window as it can cause the program to stall. In fact, when ComboFix is running, do not touch your computer at all. The scan could take a while, so please be patient.
  • Please click on I agree on the disclaimer window.
  • ComboFix will now install itself on to your computer. When it is done, a blue screen will appear as shown below.

    [Image: cf-preparing.jpg]

  • ComboFix is now preparing to run. When it has finished ComboFix will automatically attempt to create a System Restore point so that if any problems occur while using the program you can restore back to your previous configuration. When ComboFix has finished creating the restore point, it will then backup your Windows Registry as shown in the image below.

    [Image: erunt.jpg]

  • Once the Windows Registry has finished being backed up, ComboFix will attempt to detect if you have the Windows Recovery Console installed. If you already have it installed, you can skip to this section and continue reading. Otherwise you will see the following message as shown below:

    [Image: recovery-console-prompt.jpg]

  • At the above message box, please click on the Yes button in order for ComboFix to continue. Please follow the steps and instructions given by ComboFix in order to finish the installation of the Recovery Console.
  • Please click on yes in the next window to continue scanning for malware.
  • ComboFix will now disconnect your computer from the Internet, so do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet. When ComboFix has finished it will automatically restore your Internet connection.
  • ComboFix will now start scanning your computer for known infections. This procedure can take some time, so please be patient.
  • While the program is scanning your computer, it will change your clock format, so do not be concerned when you see this happen. When ComboFix is finished it will restore your clock settings to their previous settings. You will also see the text in the ComboFix window being updated as it goes through the various stages of its scan. An example of this can be seen below.

    [Image: still-scanning-clockchanges.jpg]

  • When ComboFix has finished running, you will see a screen stating that it is preparing the log report.
  • This can take a while, so please be patient. If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and telling you the program's log file, or report, will be located at C:\ComboFix.txt.
  • When ComboFix has finished, it will automatically close the program and change your clock back to its original format. It will then display the log file automatically for you.
  • Now you just click on the edit menu and click on select all, then click on the edit menu again and click on copy. Then come to the forum in your reply and right click on your mouse and click on paste.


In your next reply please post:
  • The ComboFix log
  • A fresh HiJackThis log
  • An update on how your computer is running
 
ComboFix 13-03-30.01 - Sean 30/03/2013 23:37:55.1.4 - x64 NETWORK
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.61.1033.18.8152.7335 [GMT 11:00]
Running from: d:\sean\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\prefs.js
.
.
((((((((((((((((((((((((( Files Created from 2013-02-28 to 2013-03-30 )))))))))))))))))))))))))))))))
.
.
2013-03-30 12:39 . 2013-03-30 12:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-30 06:58 . 2013-03-31 03:02 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-30 06:58 . 2013-03-30 06:58 -------- d-----w- c:\programdata\Malwarebytes
2013-03-29 04:46 . 2013-03-29 04:46 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-03-29 04:46 . 2013-03-29 04:46 -------- d-----w- c:\program files (x86)\Java
2013-03-28 12:17 . 2013-03-28 12:53 -------- d-----w- c:\program files\Java
2013-03-28 02:37 . 2013-03-28 02:37 -------- d-----w- c:\windows\system32\appmgmt
2013-03-27 04:37 . 2013-03-27 04:37 -------- d-----w- c:\windows\Sun
2013-03-27 04:28 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2A01AE17-98DC-4000-8AA0-0248DC81180F}\mpengine.dll
2013-03-26 02:32 . 2013-03-26 02:32 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2013-03-26 02:32 . 2013-03-26 02:32 -------- d-----w- c:\program files (x86)\Adobe Download Assistant
2013-03-25 22:19 . 2013-03-25 22:19 -------- d-----w- c:\program files (x86)\TabletPlugins
2013-03-25 22:19 . 2012-11-14 22:41 15776 ----a-w- c:\windows\system32\drivers\wacomrouterfilter.sys
2013-03-25 22:19 . 2012-12-03 05:36 81824 ----a-w- c:\windows\system32\drivers\wachidrouter.sys
2013-03-25 22:19 . 2012-12-03 05:36 13728 ----a-w- c:\windows\system32\drivers\hidkmdf.sys
2013-03-25 22:19 . 2012-12-11 02:07 1843584 ----a-w- c:\windows\system32\Wintab32.dll
2013-03-25 22:19 . 2012-12-11 02:07 1981312 ----a-w- c:\windows\system32\Pen_Tablet.dll
2013-03-25 22:19 . 2012-12-11 02:07 1974144 ----a-w- c:\windows\system32\Pen_Touch_Tablet.dll
2013-03-25 22:19 . 2012-12-11 02:07 1840000 ----a-w- c:\windows\system32\WacomMT.dll
2013-03-25 22:19 . 2012-12-11 02:07 1621888 ----a-w- c:\windows\SysWow64\Pen_Touch_Tablet.dll
2013-03-25 22:19 . 2012-12-11 02:07 1509760 ----a-w- c:\windows\SysWow64\Wintab32.dll
2013-03-25 22:19 . 2012-12-11 02:07 1505664 ----a-w- c:\windows\SysWow64\WacomMT.dll
2013-03-25 22:19 . 2012-12-11 02:07 1628544 ----a-w- c:\windows\SysWow64\Pen_Tablet.dll
2013-03-25 22:19 . 2013-03-25 22:19 -------- d-----w- c:\program files\Tablet
2013-03-24 04:48 . 2013-03-24 04:48 -------- d-----w- c:\program files (x86)\Microsoft Expression
2013-03-24 01:51 . 2013-03-24 01:52 -------- d-----w- c:\program files (x86)\Adobe Photoshop CS5
2013-03-23 13:02 . 2013-03-23 13:02 -------- d-----w- C:\IExp1.tmp
2013-03-23 13:02 . 2013-03-24 04:44 -------- d--h--w- c:\windows\msdownld.tmp
2013-03-23 13:02 . 2013-03-23 13:02 -------- d-----w- C:\IExp0.tmp
2013-03-23 13:02 . 2013-03-23 13:02 -------- d-----w- c:\program files (x86)\Windows Media Components
2013-03-23 02:40 . 2013-03-23 02:40 -------- d-----w- c:\programdata\Sony
2013-03-23 02:40 . 2013-03-23 02:40 -------- d-----w- c:\program files\Sony
2013-03-23 02:40 . 2013-03-23 02:40 -------- d-----w- c:\program files (x86)\Sony
2013-03-23 01:59 . 2013-03-23 01:59 -------- d-----w- c:\programdata\SplitMediaLabs
2013-03-23 01:59 . 2013-03-23 01:59 -------- d-----w- c:\program files (x86)\SplitMediaLabs
2013-03-22 23:26 . 2013-03-22 23:26 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2013-03-22 10:02 . 2013-03-22 10:02 715038 ----a-w- c:\windows\unins000.exe
2013-03-22 10:02 . 2011-12-07 08:37 148992 ----a-w- c:\windows\system32\lagarith.dll
2013-03-22 10:02 . 2011-12-07 08:32 216064 ----a-w- c:\windows\SysWow64\lagarith.dll
2013-03-22 09:01 . 2013-03-22 09:01 -------- d-----w- c:\programdata\Premium
2013-03-22 07:00 . 2013-03-22 07:00 -------- d-----w- c:\windows\system32\SPReview
2013-03-22 07:00 . 2013-03-22 07:00 -------- d-----w- c:\windows\system32\EventProviders
2013-03-22 06:30 . 2013-03-22 06:30 -------- d-----w- c:\program files (x86)\Dxtory Software
2013-03-22 06:30 . 2011-05-23 12:29 3673600 ----a-w- c:\windows\system32\DxtoryCodec64.dll
2013-03-22 06:30 . 2011-05-23 12:23 3166720 ----a-w- c:\windows\SysWow64\DxtoryCodec.dll
2013-03-22 06:21 . 2013-03-30 11:40 -------- d-----w- c:\program files (x86)\PrivitizeVPN
2013-03-22 06:21 . 2013-03-22 06:21 -------- d-----w- c:\programdata\CLSoft LTD
2013-03-22 06:21 . 2013-03-22 09:01 -------- d-----w- c:\program files (x86)\MagniPic
2013-03-22 06:21 . 2013-03-22 09:01 -------- d-----w- c:\programdata\MaiginiPiCC
2013-03-22 06:21 . 2013-03-22 09:01 -------- d-----w- c:\programdata\InstallMate
2013-03-22 06:13 . 2013-03-28 02:47 627600 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-22 06:13 . 2013-03-26 01:08 1085344 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-22 05:53 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-03-22 05:53 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-03-22 05:49 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2013-03-22 05:49 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2013-03-22 05:49 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2013-03-22 05:37 . 2013-03-22 05:37 -------- d-----w- c:\program files\WinRAR
2013-03-22 05:23 . 2013-03-22 05:23 -------- d-----w- c:\program files\CPUID
2013-03-22 05:17 . 2013-03-22 05:17 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-03-22 05:16 . 2013-02-10 03:25 1807136 ----a-w- c:\windows\system32\nvdispco6420294.dll
2013-03-22 05:16 . 2013-02-10 03:25 1510176 ----a-w- c:\windows\system32\nvdispgenco6420162.dll
2013-03-22 05:16 . 2012-12-19 05:42 31672 ----a-w- c:\windows\system32\nvhdap64.dll
2013-03-22 05:16 . 2012-12-19 05:41 194488 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2013-03-22 05:16 . 2013-03-22 05:16 -------- d-----w- C:\NVIDIA
2013-03-22 05:00 . 2013-03-22 05:03 -------- d-----w- c:\program files (x86)\Google
2013-03-20 21:35 . 2013-03-20 02:54 -------- d-----w- c:\windows\Panther
2013-03-20 20:04 . 2013-03-20 20:04 -------- d-----w- c:\program files\Windows Live
2013-03-20 20:04 . 2013-03-20 20:04 -------- d-----w- c:\windows\PCHEALTH
2013-03-20 20:04 . 2013-03-20 20:04 -------- d-----w- c:\program files (x86)\Windows Live
2013-03-20 20:02 . 2013-03-20 20:02 -------- d-----w- c:\program files (x86)\Microsoft.NET
2013-03-20 20:02 . 2013-03-20 20:02 -------- d-----w- c:\program files (x86)\Microsoft SkyDrive
2013-03-20 20:02 . 2013-03-20 20:02 -------- d-----w- c:\programdata\Microsoft SkyDrive
2013-03-20 20:01 . 2013-03-20 20:01 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2013-03-20 20:01 . 2013-03-20 20:01 -------- d-----w- c:\program files (x86)\VideoLAN
2013-03-20 20:00 . 2013-03-20 20:00 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-03-20 20:00 . 2013-03-20 20:00 -------- d-----r- c:\program files (x86)\Skype
2013-03-20 20:00 . 2013-03-20 20:00 -------- d-----w- c:\programdata\Skype
2013-03-20 20:00 . 2013-03-28 02:53 544656 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-03-20 20:00 . 2013-03-22 05:12 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-20 19:59 . 2013-03-20 19:59 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-20 19:59 . 2013-03-20 19:59 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-20 19:59 . 2013-03-20 19:59 -------- d-----w- c:\windows\SysWow64\Macromed
2013-03-20 19:59 . 2013-03-20 19:59 -------- d-----w- c:\windows\system32\Macromed
2013-03-20 19:58 . 2013-03-20 19:58 -------- d-----w- c:\program files (x86)\GPLGS
2013-03-20 19:58 . 2013-03-20 19:58 -------- d-----w- c:\program files (x86)\Acro Software
2013-03-20 19:58 . 2012-03-11 03:56 86608 ----a-w- c:\windows\system32\cpwmon64.dll
2013-03-20 19:57 . 2013-03-20 19:57 -------- d-----w- c:\programdata\Canneverbe Limited
2013-03-20 19:57 . 2013-03-20 19:57 -------- d-----w- c:\program files (x86)\CDBurnerXP
2013-03-20 19:56 . 2013-03-24 01:53 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-03-20 19:52 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-20 07:16 . 2013-03-20 07:16 -------- d-----w- c:\windows\SysWow64\Wat
2013-03-20 07:16 . 2013-03-20 07:16 -------- d-----w- c:\windows\system32\Wat
2013-03-20 04:31 . 2013-03-04 03:53 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-03-20 04:16 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-03-20 04:16 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-03-20 04:16 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-03-20 04:16 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-03-20 04:06 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-03-20 04:06 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-03-20 04:06 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-03-20 04:06 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-03-20 04:06 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-03-20 04:06 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-03-20 04:05 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-03-20 04:05 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-03-20 04:05 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-03-20 04:05 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-03-20 04:05 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-03-20 04:05 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-03-20 04:05 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-03-20 04:05 . 2013-03-20 04:13 -------- d-----w- c:\program files\NVIDIA Corporation
2013-03-20 04:04 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-03-20 04:04 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-03-20 04:04 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-03-20 04:04 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-03-20 04:04 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-03-20 04:01 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-03-20 04:00 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2013-03-20 03:56 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-03-20 03:56 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-03-20 03:56 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-03-20 03:52 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-03-20 03:52 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-03-20 03:52 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-22 07:02 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-03-22 07:02 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-03-15 05:53 . 2013-02-25 13:32 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-03-15 05:53 . 2013-02-25 13:32 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-03-15 05:53 . 2013-02-25 13:32 2864144 ----a-w- c:\windows\system32\nvapi64.dll
2013-03-15 05:53 . 2013-02-25 13:32 1118776 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-03-15 05:53 . 2013-02-25 13:32 15508512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-02-25 13:32 . 2013-02-25 13:32 1814304 ----a-w- c:\windows\system32\nvdispco64.dll
2013-02-25 13:32 . 2013-02-25 13:32 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll
2013-02-12 05:45 . 2013-03-22 23:13 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-22 23:13 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-22 23:13 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-22 23:13 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-22 23:13 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-22 23:13 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-04 04:43 . 2013-03-20 04:01 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1E6F201A-FF2C-6136-99BA-A1CEB1B20E5E}]
2013-03-22 06:54 118272 ----a-w- c:\programdata\MaiginiPiCC\514c003d545ef.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{2F99383E-81D7-D446-3993-0A9BF7F3BC15}]
2013-03-22 09:01 118272 ----a-w- c:\programdata\MaiginiPiCC\514c1dd69cd6b.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C19B0440-352E-2218-3DBD-7A71AEE52EC1}]
2013-03-22 08:57 118272 ----a-w- c:\programdata\MaiginiPiCC\514c1cfd06e64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{E7FC50A7-F089-6BF0-8D53-5F91B4BA18BD}]
2013-03-22 09:34 118272 ----a-w- c:\programdata\MaiginiPiCC\514c25a5a0960.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-20 20:02 220632 ----a-w- c:\users\Sean\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-20 20:02 220632 ----a-w- c:\users\Sean\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-20 20:02 220632 ----a-w- c:\users\Sean\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dxtory Update Checker 2.0"="c:\program files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe" [2010-10-17 93696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-01-12 5028464]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-27 291608]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
"PrivitizeVPN"="c:\program files (x86)\PrivitizeVPN\PrivitizeVPN.exe" [2013-03-22 196784]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-14 2255360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-07 161384]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2012-01-10 27760]
R2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe [2012-12-11 619904]
R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys [2012-12-03 13728]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2012-01-10 2184816]
R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys [2012-12-03 81824]
R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys [2012-11-14 15776]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-03-20 1255736]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-01-27 16152]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-14 2466304]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-27 356120]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-27 787736]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-08-11 104560]
S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys [2012-01-20 205312]
S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys [2012-01-20 254464]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-22 05:03 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-20 19:59]
.
2013-03-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-22 05:00]
.
2013-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-22 05:00]
.
2013-03-30 c:\windows\Tasks\MagniPicUpdaterTask{47155719-DD9D-454C-9CD9-69B12F24CD8F}.job
- c:\programdata\Premium\MagniPic\MagniPic.exe [2013-03-22 09:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-20 20:02 244696 ----a-w- c:\users\Sean\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-20 20:02 244696 ----a-w- c:\users\Sean\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-20 20:02 244696 ----a-w- c:\users\Sean\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VIAxHCUtl"="c:\via_xhci\usb3Monitor.exe" [2011-07-12 331776]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://searchou.com/?affil=7&uid=80789470-92b8-11e2-a8e8-902b34351311
mStart Page = hxxp://searchou.com/?affil=7&uid=80789470-92b8-11e2-a8e8-902b34351311
mLocal Page = c:\windows\SysWOW64\blank.htm
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1977048671-2338944874-542565610-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1977048671-2338944874-542565610-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-03-30 23:40:23
ComboFix-quarantined-files.txt 2013-03-30 12:40
.
Pre-Run: 74,590,769,152 bytes free
Post-Run: 74,745,131,008 bytes free
.
- - End Of File - - F7627B350CC95BE2A3986F0EBE9EB5A6



Where do I find the fresh HiJackThis log?
 
Holy s**t. It worked! My computer is now working normally :D Thank you so much John! Hopefully it stays like this, if not I'll be sure to contact you again. Any idea what the problem was?
 