Victor222

Members
  • Content count

    65
  • Joined

  • Last visited

About Victor222

  • Rank
    Regular Member

Contact Methods

  • ICQ
    0
  1. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.17420 BrowserJavaVersion: 10.71.2 Run by Administrator at 21:06:36 on 2014-11-24 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8174.6484 [GMT -5:00] . AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Program Files\Sandboxie\SbieSvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files\Prevx\prevx.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe C:\Program Files (x86)\Skype\Updater\Updater.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\loggingserver.exe C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Program Files\Prevx\prevx.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\AVG Web TuneUp\vprot.exe C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe mRun: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY mRun: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001045-0002-0045-ABCDEFFEDCBC} - <orphaned> IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: NameServer = 192.168.1.254 TCP: Interfaces\{50D33B4D-0B7E-4FF5-843E-DD459AF92158} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{9E4F7AC1-E126-4BF4-95B5-84E1EF954F9D} : DHCPNameServer = 192.168.42.129 TCP: Interfaces\{B8A96589-B3BF-4C37-A430-9B6F017F7228} : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{C1F1B1BC-FCDF-466D-9A9D-6403E3AC379D} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{C1F1B1BC-FCDF-466D-9A9D-6403E3AC379D}\4646D2772747 : DHCPNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.1.0\ViProtocol.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-IE: {84A11D82-2732-40ed-BF71-80F1FAF3807F} - {6BFA42E6-23F8-4ca7-A4E2-680EFB1F6DAE} - C:\Program Files\BrowserTweaks\IEScreenshot\iescreenshot.dll x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll . INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . FF - ProfilePath - . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2014-6-17 190744] R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2014-6-17 328984] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2014-8-6 123672] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2014-6-17 31512] R0 pxscan;pxscan;C:\Windows\System32\drivers\pxscan.sys [2012-8-31 36384] R0 vidsflt53;Acronis Disk Storage Filter (53);C:\Windows\System32\drivers\vsflt53.sys [2012-10-27 141920] R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2014-6-30 152344] R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2014-7-21 244504] R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-6-17 269080] R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2014-4-18 50464] R1 GUBootStartup;GUBootStartup;C:\Windows\System32\drivers\GUBootStartup.sys [2014-5-15 20160] R1 pxrts;pxrts;C:\Windows\System32\drivers\pxrts.sys [2012-8-31 65736] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-5-23 172344] R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176] R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520] R2 CSIScanner;CSIScanner;C:\Program Files\Prevx\prevx.exe [2012-8-31 6724632] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-3-28 1871160] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-3-28 968504] R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-7-7 1738168] R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-7-7 2088408] R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-7-7 171928] R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-10-15 411936] R2 vToolbarUpdater3.1.0;vToolbarUpdater3.1.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe [2014-7-6 1814040] R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-9-19 1157056] R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-9-19 248248] R2 WDRulesService;WD Rules;C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [2012-9-19 1177536] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-8-28 25816] R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-3-28 129752] R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-3-28 63704] R3 pxkbf;pxkbf;C:\Windows\System32\drivers\pxkbf.sys [2012-8-31 24024] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-4-12 539240] R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2014-10-14 185352] R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2014-6-17 235800] S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-8-25 3242000] S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-8-25 289328] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-12 114688] S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2012-9-9 97040] S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 PSKMAD;PSKMAD;C:\Windows\System32\drivers\PSKMAD.sys [2013-7-31 47632] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-25 19456] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192su.sys [2010-11-25 694888] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-10-15 56832] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-12 1255736] . =============== Created Last 30 ================ . 2014-11-25 02:06:08 -------- d-----w- C:\Users\Administrator\AppData\Local\NVIDIA 2014-11-25 01:36:28 -------- d-----w- C:\Users\Administrator\AppData\Roaming\GlarySoft 2014-11-24 23:37:11 -------- d-sh--w- C:\Users\Administrator\AppData\Local\EmieUserList 2014-11-24 23:37:11 -------- d-sh--w- C:\Users\Administrator\AppData\Local\EmieSiteList 2014-11-24 23:37:11 -------- d-sh--w- C:\Users\Administrator\AppData\Local\EmieBrowserModeList 2014-11-24 23:14:48 -------- d-----w- C:\Users\Administrator\AppData\Local\Avg2014 2014-11-19 17:04:11 -------- d-----w- C:\Users\Administrator\AppData\Local\Avg 2014-11-19 17:04:01 -------- d-----w- C:\ProgramData\AVG2015 2014-11-19 09:17:03 728064 ----a-w- C:\Windows\System32\kerberos.dll 2014-11-19 09:17:03 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll 2014-11-19 09:17:03 241152 ----a-w- C:\Windows\System32\pku2u.dll 2014-11-19 09:17:03 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll 2014-11-12 05:36:42 304640 ----a-w- C:\Windows\System32\generaltel.dll 2014-11-12 05:35:52 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll 2014-11-12 05:34:53 861696 ----a-w- C:\Windows\System32\oleaut32.dll 2014-11-12 05:34:53 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll . ==================== Find3M ==================== . 2014-11-25 02:05:54 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-11-17 13:51:44 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2014-11-17 13:51:44 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll 2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll 2014-11-06 03:46:12 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2014-11-06 03:44:28 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll 2014-11-06 03:30:22 144384 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-11-06 03:30:08 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-11-06 03:29:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll 2014-11-06 03:28:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2014-11-06 03:23:57 6040064 ----a-w- C:\Windows\System32\jscript9.dll 2014-11-06 03:20:18 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-11-06 03:13:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll 2014-11-06 03:13:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll 2014-11-06 03:12:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll 2014-11-06 03:10:58 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll 2014-11-06 03:07:29 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-11-06 02:59:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2014-11-06 02:58:38 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll 2014-11-06 02:42:36 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll 2014-11-06 02:39:39 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll 2014-11-06 02:38:25 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-11-06 02:21:49 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll 2014-11-06 02:21:25 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2014-11-06 02:20:37 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll 2014-11-06 02:17:24 2365440 ----a-w- C:\Windows\System32\wininet.dll 2014-11-06 01:52:35 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll 2014-11-05 17:56:36 228864 ----a-w- C:\Windows\System32\aepdu.dll 2014-11-05 17:52:22 424448 ----a-w- C:\Windows\System32\aeinv.dll 2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll 2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll 2014-10-15 13:57:29 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2014-10-15 13:46:27 20160 ----a-w- C:\Windows\System32\drivers\GUBootStartup.sys 2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll 2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll 2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll 2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll 2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll 2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll 2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll 2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll 2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys 2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll 2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll 2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll 2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll 2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll 2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll 2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll 2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll 2014-10-01 15:11:26 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys 2014-10-01 15:11:16 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2014-10-01 15:11:12 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll 2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll 2014-09-19 09:42:52 210944 ----a-w- C:\Windows\System32\wdigest.dll 2014-09-19 09:42:51 86528 ----a-w- C:\Windows\System32\TSpkg.dll 2014-09-19 09:42:49 342016 ----a-w- C:\Windows\System32\schannel.dll 2014-09-19 09:42:47 314880 ----a-w- C:\Windows\System32\msv1_0.dll 2014-09-19 09:42:47 309760 ----a-w- C:\Windows\System32\ncrypt.dll 2014-09-19 09:42:41 22016 ----a-w- C:\Windows\System32\credssp.dll 2014-09-19 09:23:55 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll 2014-09-19 09:23:52 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll 2014-09-19 09:23:49 248832 ----a-w- C:\Windows\SysWow64\schannel.dll 2014-09-19 09:23:46 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2014-09-19 09:23:45 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll 2014-09-19 09:23:36 17408 ----a-w- C:\Windows\SysWow64\credssp.dll 2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll 2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2014-09-05 02:11:09 6584320 ----a-w- C:\Windows\System32\mstscax.dll 2014-09-05 01:52:41 5703168 ----a-w- C:\Windows\SysWow64\mstscax.dll 2014-09-04 05:23:20 424448 ----a-w- C:\Windows\System32\rastls.dll 2014-09-04 05:04:15 372736 ----a-w- C:\Windows\SysWow64\rastls.dll 2014-08-29 02:07:13 3179520 ----a-w- C:\Windows\System32\rdpcorets.dll 2013-02-03 21:47:20 3695104 ----a-w- C:\Program Files\MyMorph.msi . ============= FINISH: 21:08:06.37 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 4/12/2012 1:07:01 AM System Uptime: 11/24/2014 9:05:04 PM (0 hours ago) . Motherboard: ASUSTeK Computer INC. | | M5A78L-M LX PLUS Processor: AMD FX™-4100 Quad-Core Processor | AM3R2 | 3600/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 931 GiB total, 820.495 GiB free. D: is CDROM () E: is Removable F: is FIXED (NTFS) - 1863 GiB total, 216.252 GiB free. G: is FIXED (NTFS) - 2794 GiB total, 200.497 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP255: 11/9/2014 12:00:03 AM - Scheduled Checkpoint RP256: 11/12/2014 5:00:42 AM - Windows Update RP257: 11/19/2014 5:00:18 AM - Windows Update RP258: 11/19/2014 12:03:04 PM - Installed AVG 2015 RP259: 11/19/2014 12:04:22 PM - Installed AVG 2015 . ==== Installed Programs ====================== . 4500_Help 4Videosoft MKV Video Converter 64 Bit HP CIO Components Installer 7-Zip 9.20 (x64 edition) Adobe AIR Adobe Flash Player 15 ActiveX Adobe Flash Player 15 Plugin Adobe Reader XI (11.0.08) MUI Adobe Reader XI (11.0.09) Adobe Setup Adobe Shockwave Player 12.0 Adobe Update Manager CS4 Asus 802.11n Network Adapter ATI Catalyst Install Manager AVG 2014 AVG 2015 AVG Web TuneUp AVIcodec (remove only) Awesome Duplicate Photo Finder v. 1.1 bpd_scan BPDSoftware BPDSoftware_Ini BrowserTweaks.com - IE Screenshot (64-bit) for IE BufferChm CCleaner ConvertHelper 2.2 CPUID CPU-Z 1.71 Definition Update for Microsoft Office 2010 (KB2899521) 64-Bit Edition Destinations DeviceDiscovery DivX Setup DocMgr DocProc Fax ffdshow x64 v1.3.4500 [2013-01-06] File Renamer - Basic Glary Utilities 5.12 Google Toolbar for Internet Explorer Google Update Helper GPBaseService2 HP Document Manager 2.0 HP Imaging Device Functions 13.0 HP Photosmart Essential 3.5 HP Smart Web Printing 4.51 HP Solution Center 13.0 HP Update HPDiagnosticAlert HPPhotoSmartDiscLabelContent1 HPPhotosmartEssential HPProductAssistant HPSSupply HTC BMP USB Driver HTC Home Apis J4500 Java 7 Update 71 Java Auto Updater Malwarebytes Anti-Malware version 2.0.3.1025 Microsoft .NET Framework 4.5.1 Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 32-bit MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 mkv2vob Mozilla Firefox 34.0 (x86 en-US) Mozilla Maintenance Service MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) MSXML 4.0 SP3 Parser (KB973685) MyMorph NVIDIA 3D Vision Controller Driver 306.97 NVIDIA 3D Vision Driver 340.52 NVIDIA Control Panel 340.52 NVIDIA Graphics Driver 340.52 NVIDIA HD Audio Driver 1.3.30.1 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.12.0604 NVIDIA Stereoscopic 3D Driver NVIDIA Update 10.4.0 NVIDIA Update Components NVIDIA Update Core OCR Software by I.R.I.S. 13.0 Officejet J4500 Series Panda Cloud Cleaner Prevx ProductContext PS3 Media Server PS3 Video Converter Box Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Revo Uninstaller 1.95 Sandboxie 4.14 (64-bit) Scan Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition Security Update for Microsoft Word 2010 (KB2883013) 64-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition Shop for HP Supplies Skype Click to Call Skype™ 6.11 SlimCleaner SmartWebPrinting SolutionCenter Spybot - Search & Destroy SpywareBlaster 5.0 Status SUPERAntiSpyware Toolbox TrayApp TVersity Codec Pack 1.7 TweakUAC Unlocker 1.9.1 Unlocker 1.9.2 Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition Update for Microsoft Excel 2010 (KB2889935) 64-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition Update for Microsoft Office 2010 (KB2837602) 64-Bit Edition Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition Update for Microsoft Office 2010 (KB2889828) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition Update for Microsoft PowerPoint 2010 (KB2878251) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition VC80CRTRedist - 8.0.50727.6195 Visual Studio 2008 x64 Redistributables Visual Studio 2010 x64 Redistributables Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables VLC media player VLC media player 2.1.2 WD SmartWare WebReg Windows Media Player Firefox Plugin WinPatrol WinRAR 5.11 (64-bit) Xiph.Org Open Codecs 0.85.17777 . ==== Event Viewer Messages From Past Week ======== . 11/24/2014 9:07:46 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 11/24/2014 9:07:46 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure. 11/24/2014 9:05:46 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx64 wmcceupg 11/24/2014 9:05:25 PM, Error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error %%-536753637. 11/24/2014 9:01:26 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service. 11/24/2014 9:01:26 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EapHost service. 11/24/2014 9:00:56 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service. 11/24/2014 9:00:35 PM, Error: Service Control Manager [7000] - The CSIScanner service failed to start due to the following error: The pipe has been ended. 11/24/2014 9:00:25 PM, Error: Service Control Manager [7031] - The CSIScanner service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 11/24/2014 8:34:48 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 11/24/2014 8:34:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 11/24/2014 8:34:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 11/24/2014 8:34:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 11/24/2014 8:34:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 11/24/2014 8:34:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 11/24/2014 8:34:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 11/24/2014 8:34:21 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000124 (0x0000000000000000, 0xfffffa800856b3f8, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\Minidump\112414-21762-01.dmp. Report Id: 112414-21762-01. 11/24/2014 8:34:20 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsIO Avgdiska AVGIDSDriver Avgldx64 Avgtdia CSC DfsC discache GUBootStartup NetBIOS NetBT nsiproxy Psched pxrts rdbss SASDIFSV SASKUTIL spldr tdx vwififlt Wanarpv6 WfpLwf wmcceupg ws2ifsl 11/24/2014 8:34:20 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 11/24/2014 8:34:20 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 11/24/2014 8:34:20 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 11/24/2014 8:34:20 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 11/24/2014 8:34:20 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 11/24/2014 8:34:20 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 11/24/2014 8:34:20 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 11/24/2014 8:34:20 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 11/24/2014 8:34:20 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 11/24/2014 8:34:20 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 11/24/2014 8:34:20 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 11/24/2014 8:34:20 PM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning. 11/24/2014 8:23:32 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000124 (0x0000000000000000, 0xfffffa800854d8f8, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\Minidump\112414-22167-01.dmp. Report Id: 112414-22167-01. 11/24/2014 8:13:17 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000124 (0x0000000000000000, 0xfffffa800852b468, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\Minidump\112414-22058-01.dmp. Report Id: 112414-22058-01. 11/24/2014 6:14:44 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 11/24/2014 6:14:42 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 11/24/2014 6:14:23 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AsIO Avgdiska AVGIDSDriver Avgldx64 discache GUBootStartup pxrts SASDIFSV SASKUTIL spldr Wanarpv6 wmcceupg 11/24/2014 6:14:22 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000124 (0x0000000000000000, 0xfffffa80085f7728, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\Minidump\112414-25724-01.dmp. Report Id: 112414-25724-01. 11/24/2014 6:03:33 PM, Error: Microsoft-Windows-WHEA-Logger [20] - A fatal hardware error has occurred. Component: AMD Northbridge Error Source: Machine Check Exception Error Type: HyperTransport Watchdog Timeout Error Processor ID: 0 The details view of this entry contains further information. 11/24/2014 6:03:03 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000124 (0x0000000000000000, 0xfffffa8008442038, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\Minidump\112414-61713-01.dmp. Report Id: 112414-61713-01. 11/24/2014 5:11:08 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: wmcceupg 11/23/2014 2:06:02 PM, Error: Schannel [36887] - The following fatal alert was received: 20. 11/19/2014 12:11:56 PM, Error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error %%-536753635. 11/19/2014 10:37:28 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR13. . ==== End Of File ===========================
  2. I ran Malwarebytes and it found 2,247 items, ran avg found 11, ran Kapersky scan found 349, Ran Pand Cloud Cleaner found 59 you get the point. I need help tp try to get laptop running smooth. FRST: Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-04-2014 03 Ran by owner at 2014-04-25 16:29:54 Running from C:\Users\owner\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: AVG Anti-Virus Free Edition 2011 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} AS: AVG Anti-Virus Free Edition 2011 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} ==================== Installed Programs ====================== Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation) Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated) Adobe Reader X (10.1.9) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated) Adobe Shockwave Player (HKLM\...\{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}) (Version: 10.2.0.023 - Adobe Systems, Inc.) Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.) ANIWZCS2 Service (HKLM\...\{4C590030-7469-453E-8589-D15DA9D03F52}) (Version: - ) AVG 2011 (HKLM\...\AVG) (Version: 10.0.1432 - AVG Technologies) AVG 2011 (Version: 10.0.1432 - AVG Technologies) Hidden AVG 2011 (Version: 10.0.3722 - AVG Technologies) Hidden AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.0.5.292 - AVG Technologies) AWC V4.11 (HKLM\...\Steve Murphy's Automatic Wallpaper Changer_is1) (Version: - Steve Murphy) Bing Rewards Client Installer (Version: 16.0.345.0 - Microsoft Corporation) Hidden Canon MP Navigator EX 2.0 (HKLM\...\MP Navigator EX 2.0) (Version: - ) Canon MP240 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP240_series) (Version: - ) Canon MP240 series User Registration (HKLM\...\Canon MP240 series User Registration) (Version: - ) Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - ) Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version: - ) Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - ) Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform) Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.58.1.0 - Conexant) CyberLink DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.1519 - CyberLink Corp.) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version: - Microsoft) D-Link RangeBooster N DWA-140 (HKLM\...\{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}) (Version: 1.00.0000 - D-Link) Driver Restore (HKLM\...\{273130E8-117C-4237-A0FA-83EBBF11E051}) (Version: 8.1 - Driver Restore) Driver Support (HKLM\...\{597FB4A5-DD86-4316-A410-7E8074CC2CCE}) (Version: 8.1 - Driver Support) ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard) EuroTalk Talk Now Plus! (HKLM\...\EuroTalk Talk Now Plus!) (Version: 1.6.8.1 - EuroTalk Ltd.) Finale Allegro 2005 (HKLM\...\Finale Allegro 2005) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.) Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version: - ) Hewlett-Packard Active Check for Health Check (Version: 1.1.15.2 - Hewlett-Packard) Hidden Hewlett-Packard Asset Agent for Health Check (Version: 2.0.63.2 - HP) Hidden HP Active Support Library (Version: 3.1.4.1 - Hewlett-Packard) Hidden HP Customer Experience Enhancements (HKLM\...\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}) (Version: 5.6.0.2510 - Hewlett-Packard) HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.01.0005 - Hewlett-Packard) HP DVD Play 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: - Hewlett-Packard) HP Help and Support (HKLM\...\{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}) (Version: 2.0.9.0 - Hewlett-Packard) HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP) HP Photosmart Essential 2.5 (Version: 1.02.0000 - Hewlett-Packard) Hidden HP Quick Launch Buttons 6.40 F1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 F1 - Hewlett-Packard) HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 109.9.19158 - Hewlett-Packard) HP Smart Web Printing (Version: 109.9.19158 - Hewlett-Packard) Hidden HP Total Care Advisor (HKLM\...\{f32502b5-5b64-4882-bf61-77f23edcac4f}) (Version: 2.1.4047.2685 - Hewlett-Packard) HP Update (HKLM\...\{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}) (Version: 4.000.010.008 - Hewlett-Packard) HP User Guides 0121 (HKLM\...\{4D7DF9B2-BCA3-4AF7-9C5F-4ADEB7495F7E}) (Version: 1.00.0000 - Hewlett-Packard ) HP Wireless Assistant (HKLM\...\{340F521E-3576-4E1A-B75C-EB0ACF751379}) (Version: 3.00 J1 - Hewlett-Packard) HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden HPPhotoSmartDiscLabel_PaperLabel (Version: 2.02.0000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.02.0000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabel_Tattoo (Version: 2.02.0000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabelContent1 (Version: 2.02.0000 - Hewlett-Packard) Hidden hpphotosmartdisclabelplugin (Version: 2.02.0000 - Hewlett-Packard) Hidden HPPhotoSmartPhotobookHolidayPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden HPPhotoSmartPhotobookModernPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden HPPhotoSmartPhotobookPlayfulPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden HPPhotoSmartPhotobookScrapbookPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden HPTCSSetup (HKLM\...\{FA3B34BE-4246-4062-90A3-34CBBEA12B72}) (Version: 1.0.964.2626 - Hewlett-Packard Company) Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation) ipla 2.7 (HKLM\...\ipla) (Version: 2.7 - Redefine Sp z o.o.) Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Kaspersky Security Scan (HKLM\...\InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}) (Version: 12.0.1.340 - Kaspersky Lab) Kaspersky Security Scan (Version: 12.0.1.340 - Kaspersky Lab) Hidden LightScribe System Software 1.12.33.2 (HKLM\...\{582287DA-0806-4AC0-BF19-C15E3A466034}) (Version: 1.12.33.2 - LightScribe) LPT System Updater Service (Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft UI Engine (Version: 6.3.2348.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) muvee autoProducer 6.1 (HKLM\...\{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}) (Version: 6.10.050 - muvee Technologies) NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.52 - BVRP Software, Inc) OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden Panda Cloud Cleaner (HKLM\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.98 - Panda Security) PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2719 - CyberLink Corp.) PowerDirector (Version: 6.5.2719 - CyberLink Corp.) Hidden PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek) Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: - Realtek Semiconductor Corp.) Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.) Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) Snap.Do (HKLM\...\{AB65D81D-303A-4DDB-AC7C-12C9CD9F67FB}) (Version: 11.71.1.16545 - ReSoft Ltd.) <==== ATTENTION Software Updater version 1.8.4 (HKLM\...\Software Updater_is1) (Version: 1.8.4 - Air Software) <==== ATTENTION Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.3.0 - Synaptics) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation) Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft) VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version: - ) Vista Codec Package (HKLM\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 5.7.9 - Shark007) VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN) Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation) ==================== Restore Points ========================= 24-04-2014 01:22:27 Removed Snap.Do 24-04-2014 01:27:38 Removed Ask Toolbar. 24-04-2014 01:33:05 Removed Bing Bar 24-04-2014 01:34:54 Removed Snap.Do 24-04-2014 21:46:59 Scheduled Checkpoint 24-04-2014 23:12:21 Installed Java 7 Update 51 25-04-2014 14:31:42 Installed SpyHunter 25-04-2014 15:21:22 Removed SpyHunter ==================== Hosts content: ========================== 2006-11-02 06:23 - 2014-04-24 22:19 - 00000741 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {0B484F9E-215B-47B5-A307-442F72E56DB8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-24] (Adobe Systems Incorporated) Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {2119D350-2BBC-4395-9EFC-8D6CF3C7E060} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15] (Hewlett-Packard) Task: {2B331432-10B7-4A5D-8CAC-FEDFF2484C51} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-23] (Google Inc.) Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {33666CE0-CFE2-488A-9146-F8475F6A7A62} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) Task: {3546724E-3479-4B3D-BD99-D795423EBF2D} - System32\Tasks\HPCeeScheduleForowner => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-12-17] (Hewlett-Packard) Task: {3A833A90-02E5-4AEC-B684-5D407C0C0FFE} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {44616565-B6DD-4DD3-81C0-EB74930ED4B0} - System32\Tasks\Driver Support-RTMScan => C:\Program Files\Driver Support\Driver Support\DriverSupport.exe [2014-04-01] (PC Drivers Headquarters) Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation) Task: {488F18AD-0DA8-4F25-846A-1E0B24C70457} - System32\Tasks\Driver Restore-RTMScanRunOnce => C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe [2013-09-19] (PC Drivers Headquarters) Task: {59AAA59E-2BF3-4EB0-854A-D6006609F5E4} - System32\Tasks\Driver Support-RTMRules => C:\Program Files\Driver Support\Driver Support\DriverSupport.exe [2014-04-01] (PC Drivers Headquarters) Task: {680EC81F-20B1-4BF1-ACCF-9226552A9484} - System32\Tasks\Driver Support-RTMUpdater => C:\Program Files\Driver Support\Driver Support\DriverSupport.exe [2014-04-01] (PC Drivers Headquarters) Task: {6A4EB591-74A9-46DA-99AB-AB5BD52C488D} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe Task: {6D16832F-90A9-428B-AE37-0D4CB292F714} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe Task: {716228D8-9DD4-4F84-805B-D0FEBA23AE1B} - System32\Tasks\pcreg => C:\Program Files\pcreg\service.exe [2014-04-17] () Task: {9C8AF463-5915-4B63-91DE-744D40FDBCD7} - System32\Tasks\Driver Restore-RTMRules => C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe [2013-09-19] (PC Drivers Headquarters) Task: {A365081B-8087-4636-A24C-7C59CB890F45} - System32\Tasks\Driver Support-RTMScanRunOnce => C:\Program Files\Driver Support\Driver Support\DriverSupport.exe [2014-04-01] (PC Drivers Headquarters) Task: {A8496044-3112-4208-A5D9-B6359E42B78A} - System32\Tasks\Driver Restore-RTMUpdater => C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe [2013-09-19] (PC Drivers Headquarters) Task: {ADBF14AA-C8E1-4AFE-9572-19007D718896} - System32\Tasks\Driver Restore-RTMScan => C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe [2013-09-19] (PC Drivers Headquarters) Task: {CC56FF3D-BF7A-49E9-9100-C30B66B88CD6} - System32\Tasks\At1 => c:\Program Files\pcreg\service.exe [2014-04-17] () Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] () Task: {E67793CA-DD14-4891-B424-C7ED942B6DC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-23] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\At1.job => c:\Program Files\pcreg\service.exe Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForowner.job => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe Task: C:\Windows\Tasks\pcreg.job => C:\Program Files\pcreg\service.exe Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe ==================== Loaded Modules (whitelisted) ============= 2010-01-09 21:18 - 2010-01-09 21:18 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-01-21 02:34 - 2010-01-21 02:34 - 08793952 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2014-04-25 12:21 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2014-04-25 12:21 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl 2014-03-08 19:57 - 2009-07-07 21:10 - 00151552 _____ () C:\Windows\system32\ANIWConnService.exe 2014-04-18 08:47 - 2014-04-18 08:47 - 00249024 _____ () C:\Program Files\pcreg\pcreg.exe 2008-06-27 14:46 - 2008-04-26 04:15 - 00361808 _____ () C:\Windows\SMINST\BLService.exe 2008-06-27 14:46 - 2007-11-15 04:46 - 00126976 _____ () C:\Windows\SMINST\STWmiM.dll 2008-06-27 14:39 - 2007-01-09 05:25 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe 2014-04-25 12:21 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll 2014-04-25 12:21 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2014-04-25 12:21 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2011-12-12 12:39 - 2014-03-20 22:33 - 02544664 _____ () C:\Program Files\AVG Secure Search\vprot.exe 2014-03-08 19:57 - 2009-06-01 15:23 - 00315392 _____ () C:\Program Files\ANI\ANIWZCS2 Service\ANIOApi.dll 2014-03-08 19:57 - 2009-07-07 19:50 - 00258048 _____ () C:\Windows\system32\WlanApp.dll 2014-03-08 19:56 - 2009-06-01 15:23 - 00315392 _____ () C:\Program Files\D-Link\DWA-140 revB\ANIOApi.dll 2014-04-18 21:53 - 2014-04-18 21:53 - 00119296 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\XPBurnComponent\27d8ac63d8140387cb8690e4ff0a2b51\XPBurnComponent.ni.dll 2013-09-19 10:10 - 2013-09-19 10:10 - 00653704 _____ () C:\Program Files\Driver Restore\Driver Restore\ThemePack.DriverRestore.dll 2013-09-19 09:31 - 2013-09-19 09:31 - 00412064 _____ () C:\Program Files\Driver Restore\Driver Restore\Agent.Communication.XmlSerializers.dll 2014-04-01 09:42 - 2014-04-01 09:42 - 00428416 _____ () C:\Program Files\Driver Support\Driver Support\Agent.Communication.XmlSerializers.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 02126264 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 07422392 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 02453944 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 01270200 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 00192952 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 00795064 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll 2008-06-27 13:40 - 2008-06-12 01:17 - 00066856 _____ () C:\Program Files\HP\QuickPlay\Kernel\Common\MCEMediaStatus.dll 2011-02-10 07:55 - 2011-02-10 07:55 - 01148256 _____ () C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe 2012-11-09 08:56 - 2012-11-09 08:56 - 03598968 _____ () C:\Program Files\AVG\AVG10\avgui.exe ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupfolder: C:^Users^owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: BingDesktop => C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe /fromkey MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: hpqSRMon => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe MSCONFIG\startupreg: hpWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe MSCONFIG\startupreg: IPLA! => C:\Program Files\ipla\ipla.exe /autorun MSCONFIG\startupreg: QlbCtrl.exe => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start MSCONFIG\startupreg: QPService => "C:\Program Files\HP\QuickPlay\QPService.exe" MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun ==================== Faulty Device Manager Devices ============= Name: Microsoft Tun Miniport Adapter #2 Description: Microsoft Tun Miniport Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunmp Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (04/25/2014 04:31:27 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Details: AddCoreCsiFiles : BeginFileEnumeration() failed. System Error: Access is denied. Error: (04/25/2014 04:31:21 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Details: AddCoreCsiFiles : BeginFileEnumeration() failed. System Error: Access is denied. Error: (04/25/2014 04:03:16 PM) (Source: Application Error) (User: ) Description: Faulting application SoftwareUpdater.exe, version 1.8.4.0, time stamp 0x53209c6f, faulting module SoftwareUpdater.exe, version 1.8.4.0, time stamp 0x53209c6f, exception code 0xc0000005, fault offset 0x0002e96d, process id 0xb24, application start time 0xSoftwareUpdater.exe0. Error: (04/25/2014 03:59:26 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/25/2014 01:11:19 PM) (Source: Application Hang) (User: ) Description: The program Au_.exe version 1.9.0.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 11fc Start Time: 01cf60a943c4d3bf Termination Time: 12 Error: (04/25/2014 01:09:52 PM) (Source: Application Error) (User: ) Description: Faulting application Au_.exe, version 1.9.0.2, time stamp 0x4b1ae416, faulting module nsExec.dll, version 0.0.0.0, time stamp 0x4b1ae3a8, exception code 0xc0000005, fault offset 0x00001144, process id 0x1840, application start time 0xAu_.exe0. Error: (04/25/2014 01:09:36 PM) (Source: Application Error) (User: ) Description: Faulting application Au_.exe, version 1.9.0.2, time stamp 0x4b1ae416, faulting module Au_.exe, version 1.9.0.2, time stamp 0x4b1ae416, exception code 0xc0000005, fault offset 0x00001ba0, process id 0x1420, application start time 0xAu_.exe0. Error: (04/25/2014 01:07:08 PM) (Source: Application Error) (User: ) Description: Faulting application Au_.exe, version 1.9.0.2, time stamp 0x4b1ae416, faulting module nsExec.dll, version 0.0.0.0, time stamp 0x4b1ae3a8, exception code 0xc0000005, fault offset 0x00001144, process id 0x274, application start time 0xAu_.exe0. Error: (04/25/2014 01:06:39 PM) (Source: Application Hang) (User: ) Description: The program Au_.exe version 1.9.0.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 1d40 Start Time: 01cf60a5ca8964ff Termination Time: 10 Error: (04/25/2014 11:27:30 AM) (Source: Application Error) (User: ) Description: Faulting application highlightly_1404-c9d836f8.exe, version 1.9.0.2, time stamp 0x4b1ae416, faulting module System.dll, version 0.0.0.0, time stamp 0x4b1ae3ad, exception code 0xc0000005, fault offset 0x00001d8d, process id 0x1b30, application start time 0xhighlightly_1404-c9d836f8.exe0. System errors: ============= Error: (04/25/2014 04:05:48 PM) (Source: Service Control Manager) (User: ) Description: Windows Update Error: (04/25/2014 03:59:29 PM) (Source: Service Control Manager) (User: ) Description: Parallel port driver%%1058 Error: (04/25/2014 11:50:39 AM) (Source: Service Control Manager) (User: ) Description: ANIWConn Service1 Error: (04/25/2014 11:39:06 AM) (Source: Service Control Manager) (User: ) Description: Skype C2C Service1 Error: (04/25/2014 10:40:43 AM) (Source: netbt) (User: ) Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.71. The computer with the IP address 192.168.1.72 did not allow the name to be claimed by this computer. Error: (04/25/2014 10:15:03 AM) (Source: Dhcp) (User: ) Description: The IP address lease 192.168.1.2 for the Network Card with network address 00226955B3E4 has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message). Error: (04/24/2014 09:36:56 PM) (Source: Service Control Manager) (User: ) Description: Windows Update Error: (04/24/2014 09:31:14 PM) (Source: Service Control Manager) (User: ) Description: Parallel port driver%%1058 Error: (04/24/2014 09:25:33 PM) (Source: Service Control Manager) (User: ) Description: 30000avgwd Error: (04/24/2014 09:25:01 PM) (Source: Service Control Manager) (User: ) Description: 30000WSearch Microsoft Office Sessions: ========================= Error: (04/25/2014 04:31:27 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddCoreCsiFiles : BeginFileEnumeration() failed. System Error: Access is denied. Error: (04/25/2014 04:31:21 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddCoreCsiFiles : BeginFileEnumeration() failed. System Error: Access is denied. Error: (04/25/2014 04:03:16 PM) (Source: Application Error)(User: ) Description: SoftwareUpdater.exe1.8.4.053209c6fSoftwareUpdater.exe1.8.4.053209c6fc00000050002e96db2401cf60c1021448e9 Error: (04/25/2014 03:59:26 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/25/2014 01:11:19 PM) (Source: Application Hang)(User: ) Description: Au_.exe1.9.0.211fc01cf60a943c4d3bf12 Error: (04/25/2014 01:09:52 PM) (Source: Application Error)(User: ) Description: Au_.exe1.9.0.24b1ae416nsExec.dll0.0.0.04b1ae3a8c000000500001144184001cf60a92a7f40cf Error: (04/25/2014 01:09:36 PM) (Source: Application Error)(User: ) Description: Au_.exe1.9.0.24b1ae416Au_.exe1.9.0.24b1ae416c000000500001ba0142001cf60a91683494f Error: (04/25/2014 01:07:08 PM) (Source: Application Error)(User: ) Description: Au_.exe1.9.0.24b1ae416nsExec.dll0.0.0.04b1ae3a8c00000050000114427401cf60a8c5bc934f Error: (04/25/2014 01:06:39 PM) (Source: Application Hang)(User: ) Description: Au_.exe1.9.0.21d4001cf60a5ca8964ff10 Error: (04/25/2014 11:27:30 AM) (Source: Application Error)(User: ) Description: highlightly_1404-c9d836f8.exe1.9.0.24b1ae416System.dll0.0.0.04b1ae3adc000000500001d8d1b3001cf609ab689308f CodeIntegrity Errors: =================================== Date: 2014-04-25 16:28:46.739 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-25 16:28:46.069 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-25 16:28:45.435 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-25 16:28:44.814 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-25 16:28:43.979 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-25 16:28:43.395 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-25 16:28:42.693 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-25 16:28:41.778 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-25 16:06:09.454 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-25 16:06:08.605 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 79% Total physical RAM: 1978.45 MB Available physical RAM: 399.23 MB Total Pagefile: 4204.16 MB Available Pagefile: 2290.17 MB Total Virtual: 2047.88 MB Available Virtual: 1914.26 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:101.93 GB) (Free:42.34 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (HP_RECOVERY) (Fixed) (Total:9.86 GB) (Free:1.73 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 112 GB) (Disk ID: 2F41570E) Partition 1: (Active) - (Size=102 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  3. I mostly use Firefox and the issue stopped when I rebooted the browser. What about the file missing in HijackThis?
  4. One problem I did notice is when I open a web page with many pictures only half of them seem to load. Would you know how I can correct this issue?
  5. The only thing I did wrong was delete the programs you wanted by control panel uninstall instead of Revo Uninstaller. I did not read below jumped the gun, so I hope this will not skew the results. I have not had any issues. I looked over the HijackThis log report and noticed A LOT of (file missing) what does that mean and do I need to delete those or do anything with them? Malwarebytes Anti-Malware (PRO) 1.75.0.1300 www.malwarebytes.org Database version: v2014.02.11.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16428 Computer :: VICTOR-PC [administrator] Protection: Enabled 2/11/2014 1:40:36 PM mbam-log-2014-02-11 (13-40-36).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 265236 Time elapsed: 3 minute(s), 38 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 1:45:16 PM, on 2/11/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16428) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Users\Computer\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe C:\Users\Computer\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Java\jre7\bin\javaw.exe C:\Program Files (x86)\Glary Utilities 4\SoftwareUpdate.exe C:\Program Files (x86)\Glary Utilities 4\Integrator.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Users\Computer\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [sandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" O4 - HKCU\..\Run: [Clock Widget (HTC Home)] "C:\Program Files (x86)\HTC Home\Clock.exe" O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Computer\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Startup: AVG 2014.lnk = C:\Program Files (x86)\AVG\AVG2014\avgui.exe O4 - Startup: PMS.exe - Shortcut.lnk = C:\Program Files (x86)\PS3 Media Server\PMS.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: CSIScanner - Prevx - C:\Program Files\Prevx\prevx.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WD Backup (WDBackup) - Western Digital - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe O23 - Service: WD Rules (WDRulesService) - Western Digital - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11960 bytes
  6. McAfee Security Scan Plus is not on my computer it is not in the Uninstall area of the Control Panel is it showing up that it is still installed on my PC some where else? Also if I uninstall the coupon program how will I print out coupons for my mother since she does not know how to use a PC? I used Spybot search and destroy and it removed many spyware from the coupon program so I thought that issue has been resolved.
  7. ComboFix 14-02-05.02 - Computer 02/08/2014 14:25:18.2.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8174.3695 [GMT -5:00] Running from: c:\users\Computer\Downloads\ComboFix.exe Command switches used :: c:\users\Computer\Desktop\CFScript.txt AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Computer\AppData\Local\Temp\jna7471439840613490992.dll . . ((((((((((((((((((((((((( Files Created from 2014-01-08 to 2014-02-08 ))))))))))))))))))))))))))))))) . . 2014-02-08 19:32 . 2014-02-08 19:32 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2014-02-08 19:32 . 2014-02-08 19:32 -------- d-----w- c:\users\Guest\AppData\Local\temp 2014-02-08 19:32 . 2014-02-08 19:32 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-01-29 17:36 . 2014-01-29 18:17 -------- d-----w- C:\AdwCleaner 2014-01-27 18:58 . 2014-01-27 18:58 -------- d-----w- c:\users\Computer\AppData\Roaming\NVIDIA 2014-01-25 01:46 . 2014-01-22 01:16 117024 ----a-w- c:\windows\system32\BootDefrag.exe 2014-01-25 01:46 . 2014-01-22 01:09 17088 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys 2014-01-25 01:08 . 2014-01-25 01:08 -------- d-----w- c:\program files (x86)\Reg Organizer 2014-01-23 21:58 . 2013-06-12 18:10 33512 ----a-w- c:\windows\system32\drivers\DasPtct.SYS 2014-01-15 14:05 . 2013-12-19 02:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-02-08 17:33 . 2012-04-16 06:10 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-02-08 17:33 . 2012-04-16 06:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-11-14 10:02 . 2012-04-12 07:23 82896128 ----a-w- c:\windows\system32\MRT.exe 2013-11-12 10:02 . 2013-11-12 10:02 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-11-12 10:02 . 2013-11-12 10:02 194048 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-11-12 10:02 . 2013-11-12 10:02 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe 2013-11-12 10:02 . 2013-11-12 10:02 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll 2013-11-12 10:02 . 2013-11-12 10:02 62464 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-11-12 10:02 . 2013-11-12 10:02 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll 2013-11-12 10:02 . 2013-11-12 10:02 337408 ----a-w- c:\windows\SysWow64\html.iec 2013-11-12 10:02 . 2013-11-12 10:02 235008 ----a-w- c:\windows\system32\elshyph.dll 2013-11-12 10:02 . 2013-11-12 10:02 182272 ----a-w- c:\windows\SysWow64\msls31.dll 2013-11-12 10:02 . 2013-11-12 10:02 1818112 ----a-w- c:\windows\SysWow64\wininet.dll 2013-11-12 10:02 . 2013-11-12 10:02 61952 ----a-w- c:\windows\SysWow64\iesetup.dll 2013-11-12 10:02 . 2013-11-12 10:02 454656 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-11-12 10:02 . 2013-11-12 10:02 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb 2013-11-12 10:02 . 2013-11-12 10:02 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-11-12 10:02 . 2013-11-12 10:02 1926656 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2013-11-12 10:02 . 2013-11-12 10:02 151552 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-11-12 10:02 . 2013-11-12 10:02 139264 ----a-w- c:\windows\SysWow64\wextract.exe 2013-11-12 10:02 . 2013-11-12 10:02 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2013-11-12 10:02 . 2013-11-12 10:02 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2013-11-12 10:02 . 2013-11-12 10:02 942592 ----a-w- c:\windows\system32\jsIntl.dll 2013-11-12 10:02 . 2013-11-12 10:02 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll 2013-11-12 10:02 . 2013-11-12 10:02 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2013-11-12 10:02 . 2013-11-12 10:02 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-11-12 10:02 . 2013-11-12 10:02 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll 2013-11-12 10:02 . 2013-11-12 10:02 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll 2013-11-12 10:02 . 2013-11-12 10:02 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll 2013-11-12 10:02 . 2013-11-12 10:02 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-11-12 10:02 . 2013-11-12 10:02 4240384 ----a-w- c:\windows\SysWow64\jscript9.dll 2013-11-12 10:02 . 2013-11-12 10:02 36352 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-11-12 10:02 . 2013-11-12 10:02 247808 ----a-w- c:\windows\system32\msls31.dll 2013-11-12 10:02 . 2013-11-12 10:02 2332160 ----a-w- c:\windows\system32\wininet.dll 2013-11-12 10:02 . 2013-11-12 10:02 1394176 ----a-w- c:\windows\system32\urlmon.dll 2013-11-12 10:02 . 2013-11-12 10:02 13312 ----a-w- c:\windows\SysWow64\mshta.exe 2013-11-12 10:02 . 2013-11-12 10:02 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-11-12 10:02 . 2013-11-12 10:02 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-11-12 10:02 . 2013-11-12 10:02 77312 ----a-w- c:\windows\system32\tdc.ocx 2013-11-12 10:02 . 2013-11-12 10:02 708608 ----a-w- c:\windows\system32\jscript9diag.dll 2013-11-12 10:02 . 2013-11-12 10:02 5765120 ----a-w- c:\windows\system32\jscript9.dll 2013-11-12 10:02 . 2013-11-12 10:02 574976 ----a-w- c:\windows\system32\ieui.dll 2013-11-12 10:02 . 2013-11-12 10:02 53760 ----a-w- c:\windows\system32\jsproxy.dll 2013-11-12 10:02 . 2013-11-12 10:02 52224 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-11-12 10:02 . 2013-11-12 10:02 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-11-12 10:02 . 2013-11-12 10:02 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll 2013-11-12 10:02 . 2013-11-12 10:02 2764288 ----a-w- c:\windows\system32\iertutil.dll 2013-11-12 10:02 . 2013-11-12 10:02 195584 ----a-w- c:\windows\system32\msrating.dll 2013-11-12 10:02 . 2013-11-12 10:02 13312 ----a-w- c:\windows\system32\msfeedssync.exe 2013-11-12 10:02 . 2013-11-12 10:02 131072 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-11-12 10:02 . 2013-11-12 10:02 12995584 ----a-w- c:\windows\system32\ieframe.dll 2013-11-12 10:02 . 2013-11-12 10:02 105984 ----a-w- c:\windows\system32\iesysprep.dll 2013-11-12 10:02 . 2013-11-12 10:02 84992 ----a-w- c:\windows\system32\mshtmled.dll 2013-11-12 10:02 . 2013-11-12 10:02 83968 ----a-w- c:\windows\system32\MshtmlDac.dll 2013-11-12 10:02 . 2013-11-12 10:02 817664 ----a-w- c:\windows\system32\ieapfltr.dll 2013-11-12 10:02 . 2013-11-12 10:02 81408 ----a-w- c:\windows\system32\icardie.dll 2013-11-12 10:02 . 2013-11-12 10:02 774144 ----a-w- c:\windows\system32\jscript.dll 2013-11-12 10:02 . 2013-11-12 10:02 66048 ----a-w- c:\windows\system32\iesetup.dll 2013-11-12 10:02 . 2013-11-12 10:02 626176 ----a-w- c:\windows\system32\msfeeds.dll 2013-11-12 10:02 . 2013-11-12 10:02 62464 ----a-w- c:\windows\system32\pngfilt.dll 2013-11-12 10:02 . 2013-11-12 10:02 616104 ----a-w- c:\windows\system32\ieapfltr.dat 2013-11-12 10:02 . 2013-11-12 10:02 548352 ----a-w- c:\windows\system32\vbscript.dll 2013-11-12 10:02 . 2013-11-12 10:02 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll 2013-11-12 10:02 . 2013-11-12 10:02 453120 ----a-w- c:\windows\system32\dxtmsft.dll 2013-11-12 10:02 . 2013-11-12 10:02 413696 ----a-w- c:\windows\system32\html.iec 2013-11-12 10:02 . 2013-11-12 10:02 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll 2013-11-12 10:02 . 2013-11-12 10:02 33792 ----a-w- c:\windows\system32\iernonce.dll 2013-11-12 10:02 . 2013-11-12 10:02 30208 ----a-w- c:\windows\system32\licmgr10.dll 2013-11-12 10:02 . 2013-11-12 10:02 296960 ----a-w- c:\windows\system32\dxtrans.dll 2013-11-12 10:02 . 2013-11-12 10:02 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2013-11-12 10:02 . 2013-11-12 10:02 263376 ----a-w- c:\windows\system32\iedkcs32.dll 2013-11-12 10:02 . 2013-11-12 10:02 243200 ----a-w- c:\windows\system32\webcheck.dll 2013-11-12 10:02 . 2013-11-12 10:02 235520 ----a-w- c:\windows\system32\url.dll 2013-11-12 10:02 . 2013-11-12 10:02 23212032 ----a-w- c:\windows\system32\mshtml.dll 2013-11-12 10:02 . 2013-11-12 10:02 218624 ----a-w- c:\windows\system32\ie4uinit.exe 2013-11-12 10:02 . 2013-11-12 10:02 1993728 ----a-w- c:\windows\system32\inetcpl.cpl 2013-11-12 10:02 . 2013-11-12 10:02 167424 ----a-w- c:\windows\system32\iexpress.exe 2013-11-12 10:02 . 2013-11-12 10:02 147968 ----a-w- c:\windows\system32\occache.dll 2013-11-12 10:02 . 2013-11-12 10:02 143872 ----a-w- c:\windows\system32\wextract.exe 2013-11-12 10:02 . 2013-11-12 10:02 139264 ----a-w- c:\windows\system32\ieUnatt.exe 2013-11-12 10:02 . 2013-11-12 10:02 13824 ----a-w- c:\windows\system32\mshta.exe 2013-11-12 10:02 . 2013-11-12 10:02 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-11-12 10:02 . 2013-11-12 10:02 111616 ----a-w- c:\windows\system32\ieetwcollector.exe 2013-11-12 10:02 . 2013-11-12 10:02 101376 ----a-w- c:\windows\system32\inseng.dll 2013-11-12 10:02 . 2013-11-12 10:02 48128 ----a-w- c:\windows\system32\imgutil.dll 2013-11-12 10:02 . 2013-11-12 10:02 135680 ----a-w- c:\windows\system32\iepeers.dll 2013-02-03 21:47 . 2013-02-03 21:47 3695104 ----a-w- c:\program files\MyMorph.msi . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2014-01-17 759496] "Clock Widget (HTC Home)"="c:\program files (x86)\HTC Home\Clock.exe" [2011-11-28 2036736] "Akamai NetSession Interface"="c:\users\Computer\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\winpatrol.exe" [2013-07-15 436800] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-01-15 6563608] "uTorrent"="c:\users\Computer\AppData\Roaming\uTorrent\uTorrent.exe" [2013-11-18 900440] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528] "WD Quick View"="c:\program files (x86)\Western Digital\WD Quick View\WDDMStatus.exe" [2012-09-20 5236664] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904] . c:\users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ AVG 2014.lnk - c:\program files (x86)\AVG\AVG2014\avgui.exe [2013-11-7 4956176] PMS.exe - Shortcut.lnk - c:\program files (x86)\PS3 Media Server\PMS.exe [2013-6-2 432754] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk * . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x] R3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys;c:\windows\SYSNATIVE\DRIVERS\PSKMAD.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x] S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x] S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x] S0 BootDefragDriver;BootDefragDriver;c:\windows\System32\drivers\BootDefragDriver.sys;c:\windows\SYSNATIVE\drivers\BootDefragDriver.sys [x] S0 pxscan;pxscan;c:\windows\System32\drivers\pxscan.sys;c:\windows\SYSNATIVE\drivers\pxscan.sys [x] S0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\DRIVERS\vsflt53.sys;c:\windows\SYSNATIVE\DRIVERS\vsflt53.sys [x] S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x] S1 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys;c:\windows\SYSNATIVE\drivers\pxrts.sys [x] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x] S2 CSIScanner;CSIScanner;c:\program files\Prevx\prevx.exe;c:\program files\Prevx\prevx.exe [x] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x] S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [x] S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x] S2 WDRulesService;WD Rules;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 pxkbf;pxkbf;c:\windows\system32\drivers\pxkbf.sys;c:\windows\SYSNATIVE\drivers\pxkbf.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2014-02-08 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 04:06] . 2014-02-08 c:\windows\Tasks\GlaryInitialize 4.job - c:\program files (x86)\Glary Utilities 4\Initialize.exe [2014-01-22 01:15] . 2014-02-08 c:\windows\Tasks\SoftwareUpdateGU4.job - c:\program files (x86)\Glary Utilities 4\SoftwareUpdate.exe [2014-01-22 01:16] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-25 12681320] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uInternet Settings,ProxyOverride = <local> IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.1.254 FF - ProfilePath - c:\users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\seqt1rfb.default-1375319201542\ FF - ExtSQL: !HIDDEN! 2013-02-14 14:32; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-2076531169-1431096708-2343149639-1004_Classes\{057C7771-F320-4C2A-A2EA-747945FA82F2}*] @Allowed: (Read) (RestrictedCode) @=hex:5b,56,a8,86,b8,5f,ce,01 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{057C7771-F320-4C2A-A2EA-747945FA82F2}*] @=hex:52,9a,62,41,b6,5f,ce,01 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{47BF077C-44C6-42B1-8F88-ADE2585DD2ED}*] @=hex:b8,b4,9a,10,b6,5f,ce,01 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{97A98033-9FA1-4E80-A339-59787B43CC89}*] @=hex:48,46,c1,12,b6,5f,ce,01 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{A82EB336-567D-4F41-A63E-8113AD8B6903}*] @=hex:5c,23,14,ee,b5,5f,ce,01 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe c:\program files (x86)\Glary Utilities 4\Integrator.exe . ************************************************************************** . Completion time: 2014-02-08 14:57:33 - machine was rebooted ComboFix-quarantined-files.txt 2014-02-08 19:57 ComboFix2.txt 2014-02-01 22:15 . Pre-Run: 907,907,170,304 bytes free Post-Run: 907,526,664,192 bytes free . - - End Of File - - 1A18C5AB224254B584AC7F44121D1BF9 A36C5E4F47E84449FF07ED3517B43A31
  8. What is Post 7?
  9. OK Thank You for all the Help and peace of mind.
  10. Did the Combofix log I attached find anything if not all seems to be OK but this is the second time the sort of thing happened and not sure what is causing it.
  11. ComboFix 14-02-01.01 - Computer 02/01/2014 16:57:12.1.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8174.4339 [GMT -5:00] Running from: c:\users\Computer\Desktop\ComboFix.exe AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Computer\AppData\Local\Temp\jna4802803320984137772.dll c:\windows\SysWow64\conhost.exe c:\windows\SysWow64\dwm.exe c:\windows\SysWow64\lsm.exe c:\windows\SysWow64\nvvsvc.exe c:\windows\SysWow64\spoolsv.exe c:\windows\SysWow64\taskhost.exe . . ((((((((((((((((((((((((( Files Created from 2014-01-01 to 2014-02-01 ))))))))))))))))))))))))))))))) . . 2014-02-01 22:04 . 2014-02-01 22:04 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2014-01-29 17:36 . 2014-01-29 18:17 -------- d-----w- C:\AdwCleaner 2014-01-27 18:58 . 2014-01-27 18:58 -------- d-----w- c:\users\Computer\AppData\Roaming\NVIDIA 2014-01-25 01:46 . 2014-01-22 01:16 117024 ----a-w- c:\windows\system32\BootDefrag.exe 2014-01-25 01:46 . 2014-01-22 01:09 17088 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys 2014-01-25 01:08 . 2014-01-25 01:08 -------- d-----w- c:\program files (x86)\Reg Organizer 2014-01-23 21:58 . 2013-06-12 18:10 33512 ----a-w- c:\windows\system32\drivers\DasPtct.SYS 2014-01-15 14:05 . 2013-12-19 02:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-01-25 03:22 . 2012-04-16 06:10 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-01-25 03:22 . 2012-04-16 06:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-11-14 10:02 . 2012-04-12 07:23 82896128 ----a-w- c:\windows\system32\MRT.exe 2013-11-12 10:02 . 2013-11-12 10:02 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-11-12 10:02 . 2013-11-12 10:02 194048 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-11-12 10:02 . 2013-11-12 10:02 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe 2013-11-12 10:02 . 2013-11-12 10:02 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll 2013-11-12 10:02 . 2013-11-12 10:02 62464 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-11-12 10:02 . 2013-11-12 10:02 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll 2013-11-12 10:02 . 2013-11-12 10:02 337408 ----a-w- c:\windows\SysWow64\html.iec 2013-11-12 10:02 . 2013-11-12 10:02 235008 ----a-w- c:\windows\system32\elshyph.dll 2013-11-12 10:02 . 2013-11-12 10:02 182272 ----a-w- c:\windows\SysWow64\msls31.dll 2013-11-12 10:02 . 2013-11-12 10:02 1818112 ----a-w- c:\windows\SysWow64\wininet.dll 2013-11-12 10:02 . 2013-11-12 10:02 61952 ----a-w- c:\windows\SysWow64\iesetup.dll 2013-11-12 10:02 . 2013-11-12 10:02 454656 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-11-12 10:02 . 2013-11-12 10:02 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb 2013-11-12 10:02 . 2013-11-12 10:02 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-11-12 10:02 . 2013-11-12 10:02 1926656 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2013-11-12 10:02 . 2013-11-12 10:02 151552 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-11-12 10:02 . 2013-11-12 10:02 139264 ----a-w- c:\windows\SysWow64\wextract.exe 2013-11-12 10:02 . 2013-11-12 10:02 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2013-11-12 10:02 . 2013-11-12 10:02 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2013-11-12 10:02 . 2013-11-12 10:02 942592 ----a-w- c:\windows\system32\jsIntl.dll 2013-11-12 10:02 . 2013-11-12 10:02 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll 2013-11-12 10:02 . 2013-11-12 10:02 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2013-11-12 10:02 . 2013-11-12 10:02 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-11-12 10:02 . 2013-11-12 10:02 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll 2013-11-12 10:02 . 2013-11-12 10:02 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll 2013-11-12 10:02 . 2013-11-12 10:02 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll 2013-11-12 10:02 . 2013-11-12 10:02 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-11-12 10:02 . 2013-11-12 10:02 4240384 ----a-w- c:\windows\SysWow64\jscript9.dll 2013-11-12 10:02 . 2013-11-12 10:02 36352 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-11-12 10:02 . 2013-11-12 10:02 247808 ----a-w- c:\windows\system32\msls31.dll 2013-11-12 10:02 . 2013-11-12 10:02 2332160 ----a-w- c:\windows\system32\wininet.dll 2013-11-12 10:02 . 2013-11-12 10:02 1394176 ----a-w- c:\windows\system32\urlmon.dll 2013-11-12 10:02 . 2013-11-12 10:02 13312 ----a-w- c:\windows\SysWow64\mshta.exe 2013-11-12 10:02 . 2013-11-12 10:02 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-11-12 10:02 . 2013-11-12 10:02 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-11-12 10:02 . 2013-11-12 10:02 77312 ----a-w- c:\windows\system32\tdc.ocx 2013-11-12 10:02 . 2013-11-12 10:02 708608 ----a-w- c:\windows\system32\jscript9diag.dll 2013-11-12 10:02 . 2013-11-12 10:02 5765120 ----a-w- c:\windows\system32\jscript9.dll 2013-11-12 10:02 . 2013-11-12 10:02 574976 ----a-w- c:\windows\system32\ieui.dll 2013-11-12 10:02 . 2013-11-12 10:02 53760 ----a-w- c:\windows\system32\jsproxy.dll 2013-11-12 10:02 . 2013-11-12 10:02 52224 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-11-12 10:02 . 2013-11-12 10:02 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-11-12 10:02 . 2013-11-12 10:02 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll 2013-11-12 10:02 . 2013-11-12 10:02 2764288 ----a-w- c:\windows\system32\iertutil.dll 2013-11-12 10:02 . 2013-11-12 10:02 195584 ----a-w- c:\windows\system32\msrating.dll 2013-11-12 10:02 . 2013-11-12 10:02 13312 ----a-w- c:\windows\system32\msfeedssync.exe 2013-11-12 10:02 . 2013-11-12 10:02 131072 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-11-12 10:02 . 2013-11-12 10:02 12995584 ----a-w- c:\windows\system32\ieframe.dll 2013-11-12 10:02 . 2013-11-12 10:02 105984 ----a-w- c:\windows\system32\iesysprep.dll 2013-11-12 10:02 . 2013-11-12 10:02 84992 ----a-w- c:\windows\system32\mshtmled.dll 2013-11-12 10:02 . 2013-11-12 10:02 83968 ----a-w- c:\windows\system32\MshtmlDac.dll 2013-11-12 10:02 . 2013-11-12 10:02 817664 ----a-w- c:\windows\system32\ieapfltr.dll 2013-11-12 10:02 . 2013-11-12 10:02 81408 ----a-w- c:\windows\system32\icardie.dll 2013-11-12 10:02 . 2013-11-12 10:02 774144 ----a-w- c:\windows\system32\jscript.dll 2013-11-12 10:02 . 2013-11-12 10:02 66048 ----a-w- c:\windows\system32\iesetup.dll 2013-11-12 10:02 . 2013-11-12 10:02 626176 ----a-w- c:\windows\system32\msfeeds.dll 2013-11-12 10:02 . 2013-11-12 10:02 62464 ----a-w- c:\windows\system32\pngfilt.dll 2013-11-12 10:02 . 2013-11-12 10:02 616104 ----a-w- c:\windows\system32\ieapfltr.dat 2013-11-12 10:02 . 2013-11-12 10:02 548352 ----a-w- c:\windows\system32\vbscript.dll 2013-11-12 10:02 . 2013-11-12 10:02 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll 2013-11-12 10:02 . 2013-11-12 10:02 453120 ----a-w- c:\windows\system32\dxtmsft.dll 2013-11-12 10:02 . 2013-11-12 10:02 413696 ----a-w- c:\windows\system32\html.iec 2013-11-12 10:02 . 2013-11-12 10:02 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll 2013-11-12 10:02 . 2013-11-12 10:02 33792 ----a-w- c:\windows\system32\iernonce.dll 2013-11-12 10:02 . 2013-11-12 10:02 30208 ----a-w- c:\windows\system32\licmgr10.dll 2013-11-12 10:02 . 2013-11-12 10:02 296960 ----a-w- c:\windows\system32\dxtrans.dll 2013-11-12 10:02 . 2013-11-12 10:02 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2013-11-12 10:02 . 2013-11-12 10:02 263376 ----a-w- c:\windows\system32\iedkcs32.dll 2013-11-12 10:02 . 2013-11-12 10:02 243200 ----a-w- c:\windows\system32\webcheck.dll 2013-11-12 10:02 . 2013-11-12 10:02 235520 ----a-w- c:\windows\system32\url.dll 2013-11-12 10:02 . 2013-11-12 10:02 23212032 ----a-w- c:\windows\system32\mshtml.dll 2013-11-12 10:02 . 2013-11-12 10:02 218624 ----a-w- c:\windows\system32\ie4uinit.exe 2013-11-12 10:02 . 2013-11-12 10:02 1993728 ----a-w- c:\windows\system32\inetcpl.cpl 2013-11-12 10:02 . 2013-11-12 10:02 167424 ----a-w- c:\windows\system32\iexpress.exe 2013-11-12 10:02 . 2013-11-12 10:02 147968 ----a-w- c:\windows\system32\occache.dll 2013-11-12 10:02 . 2013-11-12 10:02 143872 ----a-w- c:\windows\system32\wextract.exe 2013-11-12 10:02 . 2013-11-12 10:02 139264 ----a-w- c:\windows\system32\ieUnatt.exe 2013-11-12 10:02 . 2013-11-12 10:02 13824 ----a-w- c:\windows\system32\mshta.exe 2013-11-12 10:02 . 2013-11-12 10:02 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-11-12 10:02 . 2013-11-12 10:02 111616 ----a-w- c:\windows\system32\ieetwcollector.exe 2013-11-12 10:02 . 2013-11-12 10:02 101376 ----a-w- c:\windows\system32\inseng.dll 2013-11-12 10:02 . 2013-11-12 10:02 48128 ----a-w- c:\windows\system32\imgutil.dll 2013-11-12 10:02 . 2013-11-12 10:02 135680 ----a-w- c:\windows\system32\iepeers.dll 2013-11-06 02:55 . 2013-11-06 02:55 150808 ----a-w- c:\windows\system32\drivers\avgdiska.sys 2013-11-05 02:52 . 2013-11-05 02:52 240920 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys 2013-02-03 21:47 . 2013-02-03 21:47 3695104 ----a-w- c:\program files\MyMorph.msi . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2014-01-17 759496] "Clock Widget (HTC Home)"="c:\program files (x86)\HTC Home\Clock.exe" [2011-11-28 2036736] "Akamai NetSession Interface"="c:\users\Computer\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\winpatrol.exe" [2013-07-15 436800] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-01-15 6563608] "uTorrent"="c:\users\Computer\AppData\Roaming\uTorrent\uTorrent.exe" [2013-11-18 900440] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528] "WD Quick View"="c:\program files (x86)\Western Digital\WD Quick View\WDDMStatus.exe" [2012-09-20 5236664] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904] . c:\users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ PMS.exe - Shortcut.lnk - c:\program files (x86)\PS3 Media Server\PMS.exe [2013-6-2 432754] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk * . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x] R3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys;c:\windows\SYSNATIVE\DRIVERS\PSKMAD.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x] S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x] S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x] S0 BootDefragDriver;BootDefragDriver;c:\windows\System32\drivers\BootDefragDriver.sys;c:\windows\SYSNATIVE\drivers\BootDefragDriver.sys [x] S0 pxscan;pxscan;c:\windows\System32\drivers\pxscan.sys;c:\windows\SYSNATIVE\drivers\pxscan.sys [x] S0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\DRIVERS\vsflt53.sys;c:\windows\SYSNATIVE\DRIVERS\vsflt53.sys [x] S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x] S1 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys;c:\windows\SYSNATIVE\drivers\pxrts.sys [x] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x] S2 CSIScanner;CSIScanner;c:\program files\Prevx\prevx.exe;c:\program files\Prevx\prevx.exe [x] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x] S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [x] S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x] S2 WDRulesService;WD Rules;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 pxkbf;pxkbf;c:\windows\system32\drivers\pxkbf.sys;c:\windows\SYSNATIVE\drivers\pxkbf.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2014-01-28 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 03:22] . 2014-02-01 c:\windows\Tasks\GlaryInitialize 4.job - c:\program files (x86)\Glary Utilities 4\Initialize.exe [2014-01-22 01:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-25 12681320] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uInternet Settings,ProxyOverride = <local> IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.1.254 FF - ProfilePath - c:\users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\seqt1rfb.default-1375319201542\ FF - ExtSQL: !HIDDEN! 2013-02-14 14:32; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKCU-Run-AVG-Secure-Search-Update_0214c - c:\users\Computer\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start AddRemove-Coupon Printer for Windows5.0.0.4 - c:\program files (x86)\Coupons\uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-2076531169-1431096708-2343149639-1004_Classes\{057C7771-F320-4C2A-A2EA-747945FA82F2}*] @Allowed: (Read) (RestrictedCode) @=hex:5b,56,a8,86,b8,5f,ce,01 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{057C7771-F320-4C2A-A2EA-747945FA82F2}*] @=hex:52,9a,62,41,b6,5f,ce,01 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{47BF077C-44C6-42B1-8F88-ADE2585DD2ED}*] @=hex:b8,b4,9a,10,b6,5f,ce,01 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{97A98033-9FA1-4E80-A339-59787B43CC89}*] @=hex:48,46,c1,12,b6,5f,ce,01 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{A82EB336-567D-4F41-A63E-8113AD8B6903}*] @=hex:5c,23,14,ee,b5,5f,ce,01 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe . ************************************************************************** . Completion time: 2014-02-01 17:15:30 - machine was rebooted ComboFix-quarantined-files.txt 2014-02-01 22:15 . Pre-Run: 907,358,298,112 bytes free Post-Run: 907,021,512,704 bytes free . - - End Of File - - 543CCD34F32143891C15B27A3362F2C3 A36C5E4F47E84449FF07ED3517B43A31
  12. Here are the files. AdwCleaner{RO}.txt # AdwCleaner v3.018 - Report created 29/01/2014 at 13:11:28 # Updated 28/01/2014 by Xplode # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits) # Username : Computer - VICTOR-PC # Running from : C:\Users\Computer\Desktop\adwcleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Found : C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\adfcv2w1.default\searchplugins\avg-secure-search.xml Folder Found : C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh Folder Found : C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\phogapapkjenakenccmiinkeonkiidle Folder Found C:\Program Files (x86)\sweetpacks bundle uninstaller ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\IM Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : [x64] HKCU\Software\Conduit Key Found : [x64] HKCU\Software\IM Key Found : HKLM\Software\AVG Security Toolbar Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : HKLM\Software\Conduit Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_voice-desktop-clock_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_voice-desktop-clock_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v26.0 (en-US) [ File : C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\adfcv2w1.default\prefs.js ] [ File : C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\gu4vk7c7.default\prefs.js ] [ File : C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\seqt1rfb.default-1375319201542\prefs.js ] -\\ Google Chrome v [ File : C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [3289 octets] - [29/01/2014 13:11:28] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3349 octets] ########## AdwCleaner{SO}.txt # AdwCleaner v3.018 - Report created 29/01/2014 at 13:17:08 # Updated 28/01/2014 by Xplode # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits) # Username : Computer - VICTOR-PC # Running from : C:\Users\Computer\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Program Files (x86)\sweetpacks bundle uninstaller Folder Deleted : C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh Folder Deleted : C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\phogapapkjenakenccmiinkeonkiidle File Deleted : C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\adfcv2w1.default\searchplugins\avg-secure-search.xml ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_voice-desktop-clock_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_voice-desktop-clock_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\IM Key Deleted : HKLM\Software\AVG Security Toolbar Key Deleted : HKLM\Software\Conduit ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v26.0 (en-US) [ File : C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\adfcv2w1.default\prefs.js ] [ File : C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\gu4vk7c7.default\prefs.js ] [ File : C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\seqt1rfb.default-1375319201542\prefs.js ] -\\ Google Chrome v [ File : C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [3453 octets] - [29/01/2014 13:11:28] AdwCleaner[s0].txt - [3335 octets] - [29/01/2014 13:17:08] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3395 octets] ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.0 (01.07.2014:1) OS: Windows 7 Ultimate x64 Ran by Computer on Wed 01/29/2014 at 13:24:37.84 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441193} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441193} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\Computer\AppData\Roaming\getrighttogo" Successfully deleted: [Folder] "C:\Program Files (x86)\coupons" ~~~ FireFox Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\gystqfr@ylgga.com" Emptied folder: C:\Users\Computer\AppData\Roaming\mozilla\firefox\profiles\seqt1rfb.default-1375319201542\minidumps [28 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Wed 01/29/2014 at 13:34:14.23 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  13. First I have noticed that my AVG anti virus program was turned off in addition to the daily scan. I tried to do an update and it failed. Than when I clicked on certain websites that I visit daily they wouldn't load. I tried to download free anti virus scans but some would download some wouldn't. Even if a scan downloaded it would scan. Bitdefender Quick Scan page loaded but the scan button would not work. Than all of a sudden I was able to update my anti virus and everything back to normal. I am worried that someone has gained control of my PC and is entering and exiting at will. (paranoid effect lol) staff said to still post here so I am. Malwarebytes Quick scan Results: Malwarebytes Anti-Malware (PRO) 1.75.0.1300 www.malwarebytes.org Database version: v2014.01.27.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16428 Computer :: VICTOR-PC [administrator] Protection: Enabled 1/27/2014 3:41:48 PM mbam-log-2014-01-27 (15-41-48).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 258385 Time elapsed: 3 minute(s), 38 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) DDS.txt: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.51.2 Run by Computer at 15:51:19 on 2014-01-27 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8174.4148 [GMT -5:00] . AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} . ============== Running Processes =============== . C:\PROGRA~2\AVG\AVG2014\avgrsa.exe C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Program Files\Sandboxie\SbieSvc.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe C:\Program Files\Prevx\prevx.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe C:\Program Files (x86)\AVG\AVG2014\avgemca.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Prevx\prevx.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Sandboxie\SbieCtrl.exe C:\Program Files (x86)\HTC Home\Clock.exe C:\Users\Computer\AppData\Local\Akamai\netsession_win.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe C:\Users\Computer\AppData\Local\Akamai\netsession_win.exe C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE C:\Program Files (x86)\Java\jre7\bin\javaw.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Glary Utilities 4\Integrator.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe C:\Windows\system32\taskmgr.exe C:\Program Files (x86)\HTC Home\Clock.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\notepad.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uProxyOverride = <local> mWinlogon: Userinit = userinit.exe, BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [sandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" uRun: [Clock Widget (HTC Home)] "C:\Program Files (x86)\HTC Home\Clock.exe" uRun: [Akamai NetSession Interface] "C:\Users\Computer\AppData\Local\Akamai\netsession_win.exe" uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe mRun: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" StartupFolder: C:\Users\Computer\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PMSEXE~1.LNK - C:\Program Files (x86)\PS3 Media Server\PMS.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001045-0002-0045-ABCDEFFEDCBC} - <orphaned> IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: NameServer = 192.168.1.254 TCP: Interfaces\{50D33B4D-0B7E-4FF5-843E-DD459AF92158} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{9E4F7AC1-E126-4BF4-95B5-84E1EF954F9D} : DHCPNameServer = 192.168.42.129 TCP: Interfaces\{B8A96589-B3BF-4C37-A430-9B6F017F7228} : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{C1F1B1BC-FCDF-466D-9A9D-6403E3AC379D} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{C1F1B1BC-FCDF-466D-9A9D-6403E3AC379D}\4646D2772747 : DHCPNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned> x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\seqt1rfb.default-1375319201542\ FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\browser\plugins\npMozCouponPrinter.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll FF - ExtSQL: !HIDDEN! 2013-02-14 14:32; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872] R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544] R0 BootDefragDriver;BootDefragDriver;C:\Windows\System32\drivers\BootDefragDriver.sys [2014-1-24 17088] R0 pxscan;pxscan;C:\Windows\System32\drivers\pxscan.sys [2012-8-31 36384] R0 vidsflt53;Acronis Disk Storage Filter (53);C:\Windows\System32\drivers\vsflt53.sys [2012-10-27 141920] R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808] R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280] R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192] R1 pxrts;pxrts;C:\Windows\System32\drivers\pxrts.sys [2012-8-31 65736] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-23 143120] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008] R2 CSIScanner;CSIScanner;C:\Program Files\Prevx\prevx.exe [2012-8-31 6724632] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-10 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-10 701512] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-2-12 1153368] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264] R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-9-19 1157056] R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-9-19 248248] R2 WDRulesService;WD Rules;C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [2012-9-19 1177536] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-8-28 25928] R3 pxkbf;pxkbf;C:\Windows\System32\drivers\pxkbf.sys [2012-8-31 24024] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-4-12 539240] R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2014-1-17 202600] R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-11-12 111616] S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776] S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2012-9-9 97040] S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 PSKMAD;PSKMAD;C:\Windows\System32\drivers\PSKMAD.sys [2013-7-31 47632] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-25 19456] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192su.sys [2010-11-25 694888] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-25 57856] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-12 1255736] . =============== Created Last 30 ================ . 2014-01-27 18:58:57 -------- d-----w- C:\Users\Computer\AppData\Roaming\NVIDIA 2014-01-27 16:29:15 -------- d-----w- C:\ProgramData\McAfee Security Scan 2014-01-27 16:28:32 -------- d-----w- C:\Program Files\McAfee Security Scan 2014-01-25 01:46:41 17088 ----a-w- C:\Windows\System32\drivers\BootDefragDriver.sys 2014-01-25 01:46:41 117024 ----a-w- C:\Windows\System32\BootDefrag.exe 2014-01-25 01:08:18 -------- d-----w- C:\Program Files (x86)\Reg Organizer 2014-01-23 21:58:39 33512 ----a-w- C:\Windows\System32\drivers\DasPtct.SYS 2014-01-15 14:05:42 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2014-01-01 02:54:12 -------- d-----w- C:\Program Files (x86)\Coupons . ==================== Find3M ==================== . 2014-01-25 03:22:18 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2014-01-25 03:22:18 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-11-28 19:15:05 0 ----a-w- C:\Windows\SysWow64\dwm.exe 2013-11-28 19:15:05 0 ----a-w- C:\Windows\SysWow64\conhost.exe 2013-11-28 19:14:57 0 ----a-w- C:\Windows\SysWow64\taskhost.exe 2013-11-28 19:14:56 0 ----a-w- C:\Windows\SysWow64\spoolsv.exe 2013-11-28 19:14:53 0 ----a-w- C:\Windows\SysWow64\winlogon.exe 2013-11-28 19:14:53 0 ----a-w- C:\Windows\SysWow64\lsm.exe 2013-11-28 19:14:41 0 ----a-w- C:\Windows\SysWow64\smss.exe 2013-11-28 19:14:41 0 ----a-w- C:\Windows\SysWow64\services.exe 2013-11-28 19:14:41 0 ----a-w- C:\Windows\SysWow64\nvvsvc.exe 2013-11-28 19:14:41 0 ----a-w- C:\Windows\SysWow64\lsass.exe 2013-11-28 19:14:41 0 ----a-w- C:\Windows\SysWow64\csrss.exe 2013-11-06 02:55:48 150808 ----a-w- C:\Windows\System32\drivers\avgdiska.sys 2013-11-05 02:52:42 240920 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys 2013-11-01 04:00:18 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys 2013-11-01 03:49:46 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys 2013-02-03 21:47:20 3695104 ----a-w- C:\Program Files\MyMorph.msi . ============= FINISH: 15:51:52.99 =============== Attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 4/12/2012 1:07:01 AM System Uptime: 1/27/2014 10:41:51 AM (5 hours ago) . Motherboard: ASUSTeK Computer INC. | | M5A78L-M LX PLUS Processor: AMD FX-4100 Quad-Core Processor | AM3R2 | 3600/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 931 GiB total, 840.897 GiB free. D: is CDROM () E: is FIXED (NTFS) - 2794 GiB total, 804.55 GiB free. F: is FIXED (NTFS) - 1863 GiB total, 310.098 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP197: 1/12/2014 2:31:33 AM - Scheduled Checkpoint RP198: 1/15/2014 9:03:50 AM - Installed Java 7 Update 51 RP199: 1/23/2014 12:14:21 AM - Scheduled Checkpoint . ==== Installed Programs ====================== . µTorrent 4500_Help 4Videosoft MKV Video Converter 64 Bit HP CIO Components Installer 7-Zip 9.20 (x64 edition) Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 12 Plugin Adobe Reader XI (11.0.06) MUI Akamai NetSession Interface Asus 802.11n Network Adapter ATI Catalyst Install Manager AVG 2014 AVIcodec (remove only) Awesome Duplicate Photo Finder v. 1.1 Belarc Advisor 8.2 bpd_scan BPDSoftware BPDSoftware_Ini BufferChm CCleaner ConvertHelper 2.2 Coupon Printer for Windows CPUID CPU-Z 1.61.3 Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition Destinations DeviceDiscovery DivX Setup DocMgr DocProc ESET Online Scanner v3 Fax ffdshow x64 v1.3.4500 [2013-01-06] File Renamer - Basic Glary Utilities 4.5 GPBaseService2 HP Document Manager 2.0 HP Imaging Device Functions 13.0 HP Photosmart Essential 3.5 HP Smart Web Printing 4.51 HP Solution Center 13.0 HP Update HPDiagnosticAlert HPPhotoSmartDiscLabelContent1 HPPhotosmartEssential HPProductAssistant HPSSupply HTC BMP USB Driver HTC Home Apis J4500 Java 7 Update 51 Java Auto Updater Malwarebytes Anti-Malware version 1.75.0.1300 McAfee Security Scan Plus Microsoft .NET Framework 4.5.1 Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 32-bit MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 mkv2vob Mozilla Firefox 26.0 (x86 en-US) Mozilla Maintenance Service MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) MSXML 4.0 SP3 Parser (KB973685) MyMorph NVIDIA 3D Vision Controller Driver 306.97 NVIDIA 3D Vision Driver 311.06 NVIDIA Control Panel 311.06 NVIDIA Graphics Driver 311.06 NVIDIA HD Audio Driver 1.3.18.0 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.12.0604 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.11.3 NVIDIA Update Components OCR Software by I.R.I.S. 13.0 Officejet J4500 Series Panda Cloud Cleaner Prevx ProductContext PS3 Media Server PS3 Video Converter Box Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Reg Organizer version 6.11 Sandboxie 4.08 (64-bit) Scan Security Update for Microsoft Excel 2010 (KB2826033) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2826023) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2826035) 64-Bit Edition Security Update for Microsoft Outlook 2010 (KB2837597) 64-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition Shop for HP Supplies Skype Click to Call Skype™ 6.6 SlimCleaner SmartWebPrinting SolutionCenter Spybot - Search & Destroy SpywareBlaster 5.0 Status SUPERAntiSpyware Toolbox TrayApp TVersity Codec Pack 1.7 TweakUAC Unlocker 1.9.1 Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition Update for Microsoft Word 2010 (KB2827323) 64-Bit Edition VC80CRTRedist - 8.0.50727.6195 Visual Studio 2008 x64 Redistributables Visual Studio 2010 x64 Redistributables Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables VLC media player 2.1.2 WD SmartWare WebReg Windows Media Player Firefox Plugin WinPatrol WinRAR 4.20 (64-bit) Xiph.Org Open Codecs 0.85.17777 . ==== Event Viewer Messages From Past Week ======== . 1/27/2014 9:48:24 AM, Error: Application Popup [1060] - \SystemRoot\System32\DRIVERS\PSKMAD.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 1/27/2014 11:40:58 AM, Error: Service Control Manager [7034] - The McAfee Security Scan Component Host Service service terminated unexpectedly. It has done this 1 time(s). 1/27/2014 10:44:52 AM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 1/27/2014 10:44:52 AM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure. 1/27/2014 10:44:00 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 1/27/2014 10:44:00 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. 1/27/2014 10:40:51 AM, Error: Service Control Manager [7000] - The CSIScanner service failed to start due to the following error: The pipe has been ended. 1/27/2014 10:40:41 AM, Error: Service Control Manager [7031] - The CSIScanner service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 1/27/2014 1:53:58 PM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107. 1/27/2014 1:53:58 PM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed. 1/24/2014 9:02:02 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service. 1/24/2014 10:21:06 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. . ==== End Of File ===========================
  14. Don't know what happened but all of a sudden everything is back to normal not sure if I should proceed
  15. I am trying to download free virus scanners ant either the webpage will not open or for quicksan bitdefender i cannot even hit the scan button on the webpage. Was able to downlaod Mccaffe Security Scan but when I checked the read and accept option it froze. What is going on how big of an issue do I have?