
Bad Image Error Messages



#1 CharlesSmith899


Posted 20 October 2012 - 03:06 PM

I have had this problem for about a year, and (stupid me) have only started trying to solve it about a little while ago, as it seems that this error is impacting the speed of the computer. Upon opening most programs (and on startup/shutdown). I get error messages saying "C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll is either not designed to run on Windows or it contains an error. Try installing the program again using the original installation media or contact you system administrator or software vendor for support." The part of the error report that differs is the .exe file. Here is the DDS Log: DDS (Ver_2012-10-19.01) - NTFS_AMD64 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.9.2 Run by Charles at 15:46:58 on 2012-10-20 #Option Extended Search is enabled. Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4095.1217 [GMT -4:00] . AV: Lavasoft Ad-Aware *Enabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800} AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: Lavasoft Ad-Aware *Enabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD} SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Spybot - Search and Destroy *Disabled/Updated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B} . ============== Running Processes =============== . 
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\WUDFHost.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookSvc.exe C:\Program Files (x86)\SensorsViewPro41\svservice.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe C:\Program Files (x86)\AVG\AVG2012\avgemca.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe C:\Windows\system32\atieclxx.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program 
Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Media Player\WMPSideShowGadget.exe C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDPictureViewer.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDYT.exe C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDMovieViewer.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDWebCam.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\PROGRA~2\AD-AWA~1\AdAware.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files 
(x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files (x86)\GOG.com\GOG.com Downloader.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Windows\system32\LogonUI.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = about:blank uURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\prxtbSof0.dll uURLSearchHooks: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll mURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\prxtbSof0.dll dURLSearchHooks: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files 
(x86)\Softonic-Eng7\prxtbSof0.dll BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll BHO: PodcastBHO Class: {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll BHO: UrlHelper Class: {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: Softonic-Eng7 Toolbar: {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Program Files (x86)\Softonic-Eng7\prxtbSof0.dll TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file> TB: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\prxtbSof0.dll TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll uRun: [AROReminder] C:\Program Files (x86)\Advanced Registry Optimizer\ARO.exe -rem uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent uRun: [SensorsView] C:\Program Files (x86)\SensorsViewPro41\sviewpro.exe uRun: 
[InstallIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe uRunOnce: [SpybotDeletingB172] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\data.xml" uRunOnce: [SpybotDeletingD8483] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\data.xml" uRunOnce: [SpybotDeletingB2585] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\iqu.ini" uRunOnce: [SpybotDeletingD7300] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\iqu.ini" uRunOnce: [SpybotDeletingB1980] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\IQUMessageDlg.xsl" uRunOnce: [SpybotDeletingD9027] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\IQUMessageDlg.xsl" uRunOnce: [SpybotDeletingB4096] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\updater.log" uRunOnce: [SpybotDeletingD8660] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\updater.log" uRunOnce: [SpybotDeletingB9335] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\InstallIQ Updater.lnk" uRunOnce: [SpybotDeletingD6832] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\InstallIQ Updater.lnk" uRunOnce: [SpybotDeletingB5503] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Privacy Policy.url" uRunOnce: [SpybotDeletingD3302] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Privacy Policy.url" uRunOnce: [SpybotDeletingB6279] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Terms & Conditions.url" uRunOnce: [SpybotDeletingD4381] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Terms & Conditions.url" uRunOnce: [SpybotDeletingB3403] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Uninstall InstallIQ Updater.lnk" 
uRunOnce: [SpybotDeletingD2852] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Uninstall InstallIQ Updater.lnk" uRunOnce: [SpybotDeletingB2978] command.com /c del "C:\Program Files (x86)\Free Offers from Freeze.com\control.txt" uRunOnce: [SpybotDeletingD6786] cmd.exe /c del "C:\Program Files (x86)\Free Offers from Freeze.com\control.txt" uRunOnce: [SpybotDeletingB1110] command.com /c del "C:\Program Files (x86)\W3i\InstallIQUpdater\iqu.xsl" uRunOnce: [SpybotDeletingD8462] cmd.exe /c del "C:\Program Files (x86)\W3i\InstallIQUpdater\iqu.xsl" mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe mRun: [Total Defense PC Tuneup Reminder] C:\Program Files (x86)\CA\CA PC Tune-Up\Reminder-PCTuneup.exe mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" mRun: [HostManager] C:\Program Files (x86)\Common Files\AOL\1262775310\ee\AOLSoftware.exe mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: 
[SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run mRunOnce: [SpybotDeletingA3488] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\data.xml" mRunOnce: [SpybotDeletingC9095] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\data.xml" mRunOnce: [SpybotDeletingA213] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\iqu.ini" mRunOnce: [SpybotDeletingC8712] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\iqu.ini" mRunOnce: [SpybotDeletingA875] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\IQUMessageDlg.xsl" mRunOnce: [SpybotDeletingC5279] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\IQUMessageDlg.xsl" mRunOnce: [SpybotDeletingA3358] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\updater.log" mRunOnce: [SpybotDeletingC3642] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\updater.log" mRunOnce: [SpybotDeletingA9365] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\InstallIQ Updater.lnk" mRunOnce: [SpybotDeletingC2323] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\InstallIQ Updater.lnk" mRunOnce: [SpybotDeletingA5931] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Privacy Policy.url" mRunOnce: [SpybotDeletingC3550] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Privacy Policy.url" mRunOnce: [SpybotDeletingA9122] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Terms & Conditions.url" mRunOnce: [SpybotDeletingC3740] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Terms & Conditions.url" mRunOnce: [SpybotDeletingA4970] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Uninstall InstallIQ Updater.lnk" 
mRunOnce: [SpybotDeletingC28] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Uninstall InstallIQ Updater.lnk" mRunOnce: [SpybotDeletingA3252] command.com /c del "C:\Program Files (x86)\Free Offers from Freeze.com\control.txt" mRunOnce: [SpybotDeletingC5641] cmd.exe /c del "C:\Program Files (x86)\Free Offers from Freeze.com\control.txt" mRunOnce: [SpybotDeletingA4352] command.com /c del "C:\Program Files (x86)\W3i\InstallIQUpdater\iqu.xsl" mRunOnce: [SpybotDeletingC8421] cmd.exe /c del "C:\Program Files (x86)\W3i\InstallIQUpdater\iqu.xsl" mRunOnce: [SpybotSnD] "C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe" /autocheck StartupFolder: C:\Users\Charles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip uPolicies-Explorer: NoDriveTypeAutoRun = dword:255 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:255 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} - hxxp://utilities.pcpitstop.com/pctuneup2/controls/pctuneup.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - 
hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab TCP: NameServer = 167.206.251.129 167.206.251.130 192.168.1.1 TCP: Interfaces\{6C70E1FF-FF5A-4516-A925-FE20FAD51CF4} : DHCPNameServer = 167.206.251.130 167.206.251.129 192.168.1.1 TCP: Interfaces\{7A308272-F54E-4D8C-9830-57B82510FB2F} : DHCPNameServer = 167.206.251.129 167.206.251.130 192.168.1.1 TCP: Interfaces\{7A308272-F54E-4D8C-9830-57B82510FB2F}\052594D4540525F44435 : DHCPNameServer = 167.206.251.130 167.206.251.129 192.168.1.1 TCP: Interfaces\{D758B26A-8010-4F17-B21C-1B3B3289B919}\C696E6B6379737 : DHCPNameServer = 208.59.247.45 208.59.247.46 Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll Notify: SDWinLogon - SDWinLogon.dll SSODL: WebCheck - <orphaned> LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp x64-BHO: AVG Do 
Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe" x64-Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" x64-Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll . INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned> x64-SSODL: WebCheck - <orphaned> Hosts: 127.0.0.1 www.spywareinfo.com . ============= SERVICES / DRIVERS =============== . 
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-4-19 28480] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-1-31 36944] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-10-2 55856] R1 anodlwf;ANOD Network Security Filter driver;C:\Windows\System32\drivers\anodlwfx.sys [2010-7-24 15872] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-7-26 291680] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-12-23 47696] R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-8-24 384352] R1 hugoio64;hugoio64;C:\Program Files (x86)\i-Menu\hugoio64.sys [2009-12-28 13856] R1 SBRE;SBRE;C:\Windows\System32\drivers\sbredrv.sys [2010-6-15 57976] R1 SDHookDriver;Spybot-S&D 2 Hook Driver;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [2011-11-7 48888] R1 sensorsview;sensorsview;C:\Program Files (x86)\SensorsViewPro41\drv\sensorsview32_64.sys [2008-7-26 14544] R1 VWiFiFlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904] R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888] R2 iPodDrv;iPodDrv;C:\Windows\System32\drivers\iPodDrv.sys [2011-4-14 14952] R2 sbapifs;sbapifs;C:\Windows\System32\drivers\sbapifs.sys [2011-11-29 74872] R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-6-15 46136] R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2012-7-28 10278912] R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2012-7-27 368640] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-5-14 96896] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2011-12-23 124496] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776] R3 LGBusEnum;Logitech 
GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008] R3 netr28ux;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;C:\Windows\System32\drivers\Dnetr28ux.sys [2010-7-24 1061888] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920] S1 Hmonitor45;Hmonitor45;C:\Windows\SysWOW64\drivers\hmonitor45.sys [2011-6-9 14544] S2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888] S3 AODDriver4.0;AODDriver4.0;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888] S3 athrusb6;Atheros Wireless LAN USB device driver 6 Series;C:\Windows\System32\drivers\athrxu6.sys [2007-7-5 1041920] S3 LGPBTDD;LGPBTDD.sys Display Driver;C:\Windows\System32\drivers\LGPBTDD.sys [2009-7-1 30728] S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\System32\drivers\motoandroid.sys [2009-7-10 31744] S3 RzSynapse;Razer Naga Driver;C:\Windows\System32\drivers\RzSynapse.sys [2010-4-21 73216] S3 sbhips;sbhips;C:\Windows\System32\drivers\sbhips.sys [2012-10-14 60536] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-27 59392] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688] S3 WRfiltv;WRfiltv;C:\Windows\System32\drivers\WRfiltv.sys [2009-7-31 25600] . =============== Created Last 60 ================ . 
2012-10-20 15:56:21 -------- d-----w- C:\Users\Charles\AppData\Local\GOG.com 2012-10-20 15:56:12 -------- d-----w- C:\Program Files (x86)\GOG.com 2012-10-20 15:01:53 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2012-10-20 14:53:42 -------- d-----w- C:\Users\Charles\AppData\Local\adawarebp 2012-10-14 17:05:17 -------- d-----w- C:\ProgramData\Ad-Aware Antivirus 2012-10-14 16:50:17 60536 ----a-w- C:\Windows\System32\drivers\sbhips.sys 2012-10-14 16:50:16 45936 ----a-w- C:\Windows\System32\sbbd.exe 2012-10-14 16:50:13 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus 2012-10-14 16:49:38 -------- d-----w- C:\Users\Charles\AppData\Local\Downloaded Installations 2012-10-14 16:48:46 -------- d-----w- C:\ProgramData\blekko toolbars 2012-10-14 16:48:37 -------- d-----w- C:\Users\Charles\AppData\Roaming\blekko 2012-10-14 16:48:26 -------- d-----w- C:\Program Files (x86)\adawaretb 2012-10-14 16:44:27 -------- d-----w- C:\Users\Charles\AppData\Roaming\LavasoftStatistics 2012-10-14 16:42:52 -------- d-----w- C:\Users\Charles\AppData\Roaming\Ad-Aware Antivirus 2012-10-13 20:49:30 220160 ----a-w- C:\Windows\System32\wintrust.dll 2012-10-13 20:49:29 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-10-13 20:49:12 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-10-13 20:49:12 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-10-13 20:48:33 715776 ----a-w- C:\Windows\System32\kerberos.dll 2012-10-13 20:48:33 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll 2012-10-13 20:48:13 1464320 ----a-w- C:\Windows\System32\crypt32.dll 2012-10-13 20:48:13 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-10-13 20:48:12 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-10-13 20:48:12 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-10-13 20:48:12 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-10-13 20:48:12 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-10-13 01:27:41 -------- d-----w- C:\Users\Charles\AppData\Local\SCE 2012-10-13 01:27:41 
-------- d-----w- C:\Crash 2012-10-06 01:34:04 -------- d-----w- C:\Users\Charles\AppData\Local\MFAData 2012-10-06 01:34:04 -------- d-----w- C:\Users\Charles\AppData\Local\Avg2013 2012-09-29 21:02:55 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe 2012-09-23 15:15:14 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys 2012-09-23 15:12:37 -------- d-----w- C:\Program Files\iPod 2012-09-23 15:12:30 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2012-09-23 15:12:30 -------- d-----w- C:\Program Files\iTunes 2012-09-23 15:12:30 -------- d-----w- C:\Program Files (x86)\iTunes 2012-09-23 15:06:46 -------- d-----w- C:\Program Files\Bonjour 2012-09-23 15:06:46 -------- d-----w- C:\Program Files (x86)\Bonjour 2012-09-22 20:59:24 -------- d-----w- C:\Games 2012-09-22 20:59:18 -------- d-----w- C:\Users\Charles\AppData\Local\Package Cache 2012-09-16 23:45:54 -------- d-----w- C:\Windows\Microsoft Antimalware 2012-09-15 22:19:49 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys 2012-09-15 22:19:48 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys 2012-09-15 22:19:07 574464 ----a-w- C:\Windows\System32\d3d10level9.dll 2012-09-15 22:19:07 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll 2012-09-15 22:17:43 376688 ----a-w- C:\Windows\System32\drivers\netio.sys 2012-09-15 22:17:43 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2012-09-15 22:17:43 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-09-08 01:37:32 -------- d-----w- C:\Program Files (x86)\AMD APP 2012-09-08 00:52:15 503808 ----a-w- C:\Windows\System32\srcore.dll 2012-09-08 00:52:14 43008 ----a-w- C:\Windows\SysWow64\srclient.dll 2012-09-08 00:52:02 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-09-08 00:52:01 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-09-08 00:52:01 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-09-08 00:52:00 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll 2012-09-08 00:52:00 2048 ----a-w- 
C:\Windows\System32\msxml3r.dll 2012-09-08 00:52:00 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-09-08 00:50:30 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-09-08 00:29:03 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-09-08 00:28:42 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-09-08 00:28:27 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-09-08 00:28:27 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-08-24 19:43:16 384352 ----a-w- C:\Windows\System32\drivers\avgtdia.sys . ==================== Find6M ==================== . 2012-10-13 01:21:32 821736 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2012-10-13 01:21:32 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-09-07 21:04:46 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-08-24 18:05:06 1188864 ----a-w- C:\Windows\System32\wininet.dll 2012-08-24 16:57:48 981504 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-08-24 15:59:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2012-08-24 15:20:39 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-08-21 17:01:20 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll 2012-08-21 17:01:20 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll 2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll 2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll 2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll 2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll 2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe 2012-08-20 17:40:21 14336 ----a-w- 
C:\Windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-07-28 04:09:20 5538984 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2012-07-28 04:07:44 10278912 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2012-07-28 03:19:34 24935424 ----a-w- C:\Windows\System32\atio6axx.dll
2012-07-28 02:50:10 20546560 ----a-w- C:\Windows\SysWow64\SET67A9.tmp
2012-07-28 02:47:40 187392 ----a-w- C:\Windows\System32\clinfo.exe
2012-07-28 02:47:24 75776 ----a-w- C:\Windows\System32\OpenVideo64.dll
2012-07-28 02:47:16 65024 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2012-07-28 02:47:10 63488 ----a-w- C:\Windows\System32\OVDecode64.dll
2012-07-28 02:47:06 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2012-07-28 02:46:56 16464896 ----a-w- C:\Windows\System32\amdocl64.dll
2012-07-28 02:46:06 13013504 ----a-w- C:\Windows\SysWow64\amdocl.dll
2012-07-28 02:15:50 163840 ----a-w- C:\Windows\System32\atiapfxx.exe
2012-07-28 02:10:40 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2012-07-28 02:10:34 534528 ----a-w- C:\Windows\System32\atieclxx.exe
2012-07-28 02:09:44 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
2012-07-28 02:08:20 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2012-07-28 02:08:04 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2012-07-28 02:07:58 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2012-07-28 02:07:52 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2012-07-28 01:51:12 7052288 ----a-w- C:\Windows\System32\atidxx64.dll
2012-07-28 01:41:32 4266496 ----a-w- C:\Windows\System32\atiumd6a.dll
2012-07-28 01:35:10 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2012-07-28 01:35:02 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2012-07-28 01:34:48 16034304 ----a-w- C:\Windows\System32\aticaldd64.dll
2012-07-28 01:32:32 4751872 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2012-07-28 01:25:52 6676480 ----a-w- C:\Windows\System32\atiumd64.dll
2012-07-28 01:15:32 540160 ----a-w- C:\Windows\System32\atiadlxx.dll
2012-07-28 01:15:22 368640 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2012-07-28 01:15:12 17920 ----a-w- C:\Windows\System32\atig6pxx.dll
2012-07-28 01:15:04 41984 ----a-w- C:\Windows\System32\atig6txx.dll
2012-07-28 01:14:46 368640 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2012-07-28 01:13:54 129536 ----a-w- C:\Windows\System32\atiuxp64.dll
2012-07-28 01:13:40 103936 ----a-w- C:\Windows\System32\atiu9p64.dll
2012-07-28 01:12:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2012-07-28 01:08:42 56320 ----a-w- C:\Windows\System32\atimpc64.dll
2012-07-28 01:08:42 56320 ----a-w- C:\Windows\System32\amdpcom64.dll
2012-07-28 01:08:36 56832 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2012-07-28 01:08:36 56832 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2012-07-26 07:21:28 291680 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll
2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-06-16 05:16:04 609792 ----a-w- C:\Windows\System32\vbscript.dll
2012-06-16 04:26:57 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-06-07 00:59:42 1070152 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-14 06:12:30 96896 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
2012-05-14 05:26:34 956928 ----a-w- C:\Windows\System32\localspl.dll
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
.
============= FINISH: 15:48:20.84 ===============
.

Here is the DDS ATTACH

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-10-19.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/27/2009 9:46:34 AM
System Uptime: 10/20/2012 12:09:24 PM (3 hours ago)
.
Motherboard: MSI | | MS-7309
Processor: AMD Phenom™ 9850 Quad-Core Processor | CPU 1 | 2511/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 699 GiB total, 373.599 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Hmonitor45
Device ID: ROOT\LEGACY_HMONITOR45\0000
Manufacturer:
Name: Hmonitor45
PNP Device ID: ROOT\LEGACY_HMONITOR45\0000
Service: Hmonitor45
.
==== System Restore Points ===================
.
RP352: 10/13/2012 8:09:44 PM - Installed DirectX
RP353: 10/14/2012 10:47:16 AM - Windows Update
RP354: 10/20/2012 10:59:44 AM - Installed Java 7 Update 9
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958) 2007 Microsoft Office system Acrobat.com Ad-Aware Antivirus Ad-Aware Security Add-on Adobe AIR Adobe Flash Player 11 ActiveX 64-bit Adobe Flash Player 11 Plugin Adobe Reader 9.5.2 Adobe Shockwave Player 11.5 Advanced Registry Optimizer AIM 7 AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Fuel AMD Media Foundation Decoders AMD VISION Engine Control Center Anime Studio Debut 6.1 AOL Uninstaller (Choose which Products to Remove) Apple Application Support Apple Mobile Device Support Apple Software Update ATI AVIVO64 Codecs AVG 2012 Battlefield 3™ Battlefield 3™ Open Beta Battlefield: Bad Company 2 Battlelog Web Plugins BioShock 2 Bonjour Borderlands Bulletstorm Call of Duty Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Cisco Connect Click to Call with Skype D-Link DWA-125 Desura Deus Ex: Human Revolution Diablo II DirectX 9 Runtime doubleTwist Download Updater (AOL LLC) Faster Than Light
Façade File Type Assistant Fraps (remove only) GameShadow Gamestudio A8 GOG.com Downloader version 3.2.7 Google Chrome Google Earth Google Update Helper Gotham City Impostors Half-Life Half-Life 2 Half-Life 2: Episode One Half-Life 2: Episode Two Hardware sensors monitor 4.5 Hi-Rez Studios Authenticate and Update Service HydraVision i-Menu 1.1 iLivid iTunes Java 7 Update 9 Java Auto Updater Java™ 6 Update 35 League of Legends Liveupdate4 Logitech GamePanel Software 3.06.109 Malwarebytes Anti-Malware version 1.65.0.1400 MechWarrior Online Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional Hybrid 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Visual C++ 2008 ATL Update kb973924 - x64 
9.0.30729.4148 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft WSE 3.0 Runtime Microsoft XNA Framework Redistributable 4.0 MobileMe Control Panel MotoHelper 2.0.51 Driver 5.2.0 MotoHelper MergeModules Motorola Mobile Drivers Installation 5.2.0 MSM2MSI_gstudio MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NVIDIA 3D Vision Controller Driver NVIDIA 3D Vision Controller Driver 275.33 NVIDIA 3D Vision Driver 275.33 NVIDIA Control Panel 275.33 NVIDIA Drivers NVIDIA Graphics Driver 275.33 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.10.0514 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.3.5 NVIDIA Update Components Origin Pando Media Booster PlanetSide 2 Beta Portal 2 PunkBuster Services PVSonyDll QuickTime RAGE Razer Megalodon Firmware Updater Razer Naga Roxio PC Game Capture Roxio PC Game Capture - WeGame Client 2.3.7 Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 
Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition SensorsView Pro 4.1 Silent Hunter III Skype™ 5.10 Softonic-Eng7 Toolbar Sonic CinePlayer 
Decoder Pack SPORE™ SPORE™ Galactic Adventures Spybot - Search & Destroy Spybot - Search & Destroy 2 Star Wars Battlefront II Star Wars: Knights of the Old Republic StarCraft II Steam System Requirements Lab System Requirements Lab CYRI Team Fortress 2 Terraria The Binding Of Isaac The Elder Scrolls IV: Oblivion The Sims™ 3 The Sims™ 3 World Adventures Total War: SHOGUN 2 Tribes Ascend Open Beta Unigine Heaven DX11 Benchmark 2.5 version 2.5 Uninstall AOL Emergency Connect Utility 1.0 Unity Web Player Update for 2007 Microsoft Office System (KB2284654) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Ventrilo Client Ventrilo Client for Windows x64 Viewpoint Media Player Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 Visual C++ 8.0 Runtime Setup Package (x64) Visual Studio 2008 x64 Redistributables Visual Studio 2010 x64 Redistributables Windows Driver Package - NVIDIA (nvlddmkm) Display (01/07/2011 8.17.12.6658) Windows Driver Package - NVIDIA 
(nvlddmkm) Display (06/07/2010 8.17.12.5721)
Windows Driver Package - NVIDIA (nvlddmkm) Display (07/09/2010 8.17.12.5896)
Windows Driver Package - NVIDIA (nvlddmkm) Display (10/16/2010 8.17.12.6099)
Windows Driver Package - Realtek Semiconductor Corp. (RTL8192su) Net (12/29/2009 1086.7.1229.2009)
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (04/06/2010 6.0.1.6083)
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (12/10/2009 6.0.1.6000)
Windows Live ID Sign-in Assistant
WinRAR 4.00 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
10/20/2012 10:38:38 AM, Error: Service Control Manager [7000] - The AODDriver4.1 service failed to start due to the following error: The system cannot find the file specified.
10/20/2012 10:38:36 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Hmonitor45 hwinterface Lbd
10/20/2012 10:38:31 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
10/20/2012 10:38:31 AM, Error: Service Control Manager [7001] - The Spybot-S&D 2 Updating Service service depends on the Secondary Logon service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
10/20/2012 10:38:31 AM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/20/2012 10:37:55 AM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\hwinterface.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
10/14/2012 12:50:03 PM, Error: Service Control Manager [7000] - The Lbd service failed to start due to the following error: The system cannot find the file specified.
10/14/2012 11:03:05 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Hmonitor45 hwinterface
10/14/2012 10:46:19 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SensorsVService service.
.
==== End Of File ===========================
.

Here is the HJT Log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:56:23 PM, on 10/20/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDYT.exe
C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDMovieViewer.exe
C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDWebCam.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\PROGRA~2\AD-AWA~1\AdAware.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Charles\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd

#2 Conspire

Conspire

    Advanced Member

  • Trusted Malware Techs
  • 695 posts
  • Gender:Male


Posted 22 October 2012 - 08:57 AM

In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. Failure to do so will result in your thread being closed in THREE (3) days. :)


Hello there, Charles

I'm Conspire, I'll be glad to help you with your computer problems.

Please observe these rules while we work:
  • Read the entire procedure
  • It is important to perform ALL actions in sequence.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with me till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.

IMPORTANT NOTE: Please do not delete anything unless instructed to. Remember to back up all your important data (if possible) before moving on.

---------------------------------------------------------------------------------------------------

Please download aswMBR.exe and save it to your desktop.
  • Double click aswMBR.exe to start the tool. (Vista/Windows 7 users - right click to run as administrator)
  • Allow it to update where necessary
  • Click Scan

  • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
  • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.
===================================================

Download TDSSKiller.exe and save it to your desktop

Execute TDSSKiller.exe by double-clicking on it.
Press Start Scan
If malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
Once complete, a log will be produced at the root drive, which is typically C:, for example, C:\TDSSKiller.<version_date_time>log.txt

===================================================

In your next reply, please post:
aswMBR log
MBR.dat (attachment)
TDSS Killer log


Please STOP and let me know if you have any problems performing the steps above or any questions you may have.

Good Day!
Proud Graduate of the WTT Classroom
Member of ASAP and UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Donate

#3 CharlesSmith899

Posted 22 October 2012 - 05:18 PM

I am sorry, but I will not have access to the computer in question until Friday. I hope this will be OK.

#4 Conspire


Posted 22 October 2012 - 11:11 PM

Sure. Thanks for letting us know. :)

#5 CharlesSmith899

Posted 28 October 2012 - 03:50 PM

Lol I am such an idiot, I didn't realize that I cannot get to the computer until Saturday, November 3. Really sorry.

#6 Conspire


Posted 28 October 2012 - 10:05 PM

;)

#7 CharlesSmith899

Posted 03 November 2012 - 09:21 PM

I AM SO SORRY, after the recent Hurricane Sandy, I am unable to access my computer (I am currently typing this on my friend's comp). I will be able to access the comp next Saturday (hopefully this is the last delay!)

#8 Conspire


Posted 04 November 2012 - 09:25 AM

I can totally understand about the storm you were facing. Take your time. :)

#9 CharlesSmith899

Posted 16 November 2012 - 10:05 PM

I finally got to my computer lol, here you go:

aswMBR log:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-16 21:14:54
-----------------------------
21:14:54.052 OS Version: Windows x64 6.1.7601 Service Pack 1
21:14:54.052 Number of processors: 4 586 0x203
21:14:54.053 ComputerName: CHARLESWARE UserName: Charles
21:14:57.580 Initialize success
21:15:11.285 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006b
21:15:11.288 Disk 0 Vendor: Size: 0MB BusType: 0
21:15:11.308 Disk 0 MBR read successfully
21:15:11.310 Disk 0 MBR scan
21:15:11.314 Disk 0 Windows 7 default MBR code
21:15:11.317 Disk 0 MBR hidden
21:15:11.337 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
21:15:11.349 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 715302 MB offset 206848
21:15:11.414 Disk 0 scanning C:\Windows\system32\drivers
21:15:23.915 Service scanning
21:15:37.823 Service GMSIPCI D:\INSTALL\GMSIPCI.SYS **LOCKED** 21
21:15:57.419 Modules scanning
21:15:57.428 Disk 0 trace - called modules:
21:15:57.504 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor.sys
21:15:57.509 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d76060]
21:15:57.518 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8003e08e40]
21:15:57.526 5 ACPI.sys[fffff88000f867a1] -> nt!IofCallDriver -> \Device\0000006b[0xfffffa8003de69c0]
21:15:57.534 Scan finished successfully
21:18:43.694 Disk 0 MBR has been saved successfully to "C:\Users\Charles\Desktop\MBR.dat"
21:18:43.704 The log file has been saved successfully to "C:\Users\Charles\Desktop\aswMBR (final).txt"

There were no errors found in the TDSSKiller scan.

Sorry for the wait.

Attached Files

  • Attached File  MBR.zip   559bytes   1 downloads


#10 Conspire


Posted 16 November 2012 - 11:22 PM

What about TDSS Killer?

#11 CharlesSmith899

Posted 18 November 2012 - 02:57 PM

Oh sorry, here you go

21:22:20.0228 0192 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:22:21.0034 0192 ============================================================
21:22:21.0034 0192 Current date / time: 2012/11/16 21:22:21.0034
21:22:21.0034 0192 SystemInfo:
21:22:21.0034 0192
21:22:21.0035 0192 OS Version: 6.1.7601 ServicePack: 1.0
21:22:21.0035 0192 Product type: Workstation
21:22:21.0035 0192 ComputerName: CHARLESWARE
21:22:21.0035 0192 UserName: Charles
21:22:21.0035 0192 Windows directory: C:\Windows
21:22:21.0035 0192 System windows directory: C:\Windows
21:22:21.0035 0192 Running under WOW64
21:22:21.0035 0192 Processor architecture: Intel x64
21:22:21.0035 0192 Number of processors: 4
21:22:21.0035 0192 Page size: 0x1000
21:22:21.0035 0192 Boot type: Normal boot
21:22:21.0035 0192 ============================================================
21:22:24.0893 0192 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:22:24.0915 0192 ============================================================
21:22:24.0915 0192 \Device\Harddisk0\DR0:
21:22:24.0927 0192 MBR partitions:
21:22:24.0927 0192 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:22:24.0927 0192 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x57513000
21:22:24.0927 0192 ============================================================
21:22:25.0110 0192 C: <-> \Device\Harddisk0\DR0\Partition2
21:22:25.0110 0192 ============================================================
21:22:25.0111 0192 Initialize success
21:22:25.0111 0192 ============================================================
21:22:35.0765 2468 ============================================================
21:22:35.0765 2468 Scan started
21:22:35.0765 2468 Mode: Manual;
21:22:35.0765 2468 ============================================================
21:22:41.0375 2468 ================ Scan system memory ========================
21:22:41.0375 2468 System memory - ok
21:23:05.0302 2468 bthserv - ok 21:23:05.0358 2468 [ B8BD2BB284668C84865658C77574381A ] cdfs C:Windowssystem32DRIVERScdfs.sys 21:23:05.0359 2468 cdfs - ok 21:23:05.0525 2468 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:Windowssystem32DRIVERScdrom.sys 21:23:05.0535 2468 cdrom - ok 21:23:05.0597 2468 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:WindowsSystem32certprop.dll 21:23:05.0612 2468 CertPropSvc - ok 21:23:05.0919 2468 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:Windowssystem32DRIVERScirclass.sys 21:23:05.0930 2468 circlass - ok 21:23:06.0055 2468 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:Windowssystem32CLFS.sys 21:23:06.0058 2468 CLFS - ok 21:23:06.0200 2468 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:WindowsMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe 21:23:06.0510 2468 clr_optimization_v2.0.50727_32 - ok 21:23:06.0739 2468 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:WindowsMicrosoft.NETFramework64v2.0.50727mscorsvw.exe 21:23:06.0744 2468 clr_optimization_v2.0.50727_64 - ok 21:23:07.0946 2468 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe 21:23:08.0364 2468 clr_optimization_v4.0.30319_32 - ok 21:23:08.0483 2468 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe 21:23:08.0784 2468 clr_optimization_v4.0.30319_64 - ok 21:23:08.0915 2468 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:Windowssystem32DRIVERSCmBatt.sys 21:23:08.0937 2468 CmBatt - ok 21:23:09.0025 2468 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:Windowssystem32driverscmdide.sys 21:23:09.0085 2468 cmdide - ok 21:23:09.0423 2468 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:Windowssystem32Driverscng.sys 21:23:09.0458 2468 CNG - ok 21:23:09.0507 2468 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:Windowssystem32DRIVERScompbatt.sys 21:23:09.0517 2468 Compbatt - ok 21:23:09.0681 2468 [ 
03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:Windowssystem32driversCompositeBus.sys 21:23:09.0726 2468 CompositeBus - ok 21:23:09.0743 2468 COMSysApp - ok 21:23:09.0803 2468 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:Windowssystem32DRIVERScrcdisk.sys 21:23:09.0820 2468 crcdisk - ok 21:23:10.0032 2468 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:Windowssystem32cryptsvc.dll 21:23:10.0035 2468 CryptSvc - ok 21:23:10.0041 2468 CV2K1 - ok 21:23:10.0289 2468 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:Windowssystem32rpcss.dll 21:23:10.0294 2468 DcomLaunch - ok 21:23:10.0503 2468 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:WindowsSystem32defragsvc.dll 21:23:10.0506 2468 defragsvc - ok 21:23:10.0971 2468 [ 2B9A817DC1BDAD9CE5495099B6A7136A ] Desura Install Service C:Program Files (x86)Common FilesDesuradesura_service.exe 21:23:11.0104 2468 Desura Install Service - ok 21:23:11.0197 2468 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:Windowssystem32Driversdfsc.sys 21:23:11.0198 2468 DfsC - ok 21:23:11.0347 2468 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:Windowssystem32dhcpcore.dll 21:23:11.0399 2468 Dhcp - ok 21:23:11.0485 2468 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:Windowssystem32driversdiscache.sys 21:23:11.0498 2468 discache - ok 21:23:11.0665 2468 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:Windowssystem32DRIVERSdisk.sys 21:23:11.0668 2468 Disk - ok 21:23:11.0824 2468 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:WindowsSystem32dnsrslvr.dll 21:23:11.0827 2468 Dnscache - ok 21:23:11.0917 2468 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:WindowsSystem32dot3svc.dll 21:23:11.0920 2468 dot3svc - ok 21:23:12.0004 2468 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:Windowssystem32dps.dll 21:23:12.0008 2468 DPS - ok 21:23:12.0043 2468 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:Windowssystem32driversdrmkaud.sys 21:23:12.0068 2468 drmkaud - ok 21:23:12.0456 2468 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:WindowsSystem32driversdxgkrnl.sys 
21:23:12.0533 2468 DXGKrnl - ok 21:23:12.0685 2468 [ F195FBC375342BD25C936982245A8FB0 ] D_Link_DWA-125 C:Program Files (x86)D-LinkDWA-125 revAANIWZCSdS.exe 21:23:18.0666 2468 D_Link_DWA-125 - ok 21:23:18.0781 2468 [ 4DB0907D750E0810309F8D8FA36625A6 ] D_Link_DWA-125_WPS C:Program Files (x86)D-LinkDWA-125 revAANIWConnService.exe 21:23:22.0551 2468 D_Link_DWA-125_WPS - ok 21:23:22.0651 2468 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:WindowsSystem32eapsvc.dll 21:23:22.0654 2468 EapHost - ok 21:23:23.0520 2468 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:Windowssystem32DRIVERSevbda.sys 21:23:23.0605 2468 ebdrv - ok 21:23:23.0677 2468 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:WindowsSystem32lsass.exe 21:23:23.0687 2468 EFS - ok 21:23:23.0930 2468 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:WindowsehomeehRecvr.exe 21:23:23.0973 2468 ehRecvr - ok 21:23:24.0065 2468 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:Windowsehomeehsched.exe 21:23:24.0083 2468 ehSched - ok 21:23:24.0261 2468 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:Windowssystem32DRIVERSelxstor.sys 21:23:24.0325 2468 elxstor - ok 21:23:24.0406 2468 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:Windowssystem32driverserrdev.sys 21:23:24.0417 2468 ErrDev - ok 21:23:24.0817 2468 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:Windowssystem32es.dll 21:23:24.0821 2468 EventSystem - ok 21:23:24.0919 2468 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:Windowssystem32driversexfat.sys 21:23:24.0946 2468 exfat - ok 21:23:25.0013 2468 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:Windowssystem32driversfastfat.sys 21:23:25.0039 2468 fastfat - ok 21:23:25.0278 2468 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:Windowssystem32fxssvc.exe 21:23:25.0322 2468 Fax - ok 21:23:25.0385 2468 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:Windowssystem32DRIVERSfdc.sys 21:23:25.0410 2468 fdc - ok 21:23:25.0483 2468 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:Windowssystem32fdPHost.dll 21:23:25.0499 2468 fdPHost - ok 
21:23:25.0560 2468 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:Windowssystem32fdrespub.dll 21:23:25.0579 2468 FDResPub - ok 21:23:25.0624 2468 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:Windowssystem32driversfileinfo.sys 21:23:25.0649 2468 FileInfo - ok 21:23:25.0669 2468 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:Windowssystem32driversfiletrace.sys 21:23:25.0674 2468 Filetrace - ok 21:23:25.0699 2468 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:Windowssystem32DRIVERSflpydisk.sys 21:23:25.0721 2468 flpydisk - ok 21:23:25.0882 2468 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:Windowssystem32driversfltmgr.sys 21:23:25.0939 2468 FltMgr - ok 21:23:26.0470 2468 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:Windowssystem32FntCache.dll 21:23:26.0492 2468 FontCache - ok 21:23:26.0823 2468 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe 21:23:27.0019 2468 FontCache3.0.0.0 - ok 21:23:27.0060 2468 [ D43703496149971890703B4B1B723EAC ] FsDepends C:Windowssystem32driversFsDepends.sys 21:23:27.0072 2468 FsDepends - ok 21:23:27.0109 2468 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:Windowssystem32driversFs_Rec.sys 21:23:27.0110 2468 Fs_Rec - ok 21:23:27.0236 2468 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:Windowssystem32DRIVERSfvevol.sys 21:23:27.0258 2468 fvevol - ok 21:23:27.0333 2468 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:Windowssystem32DRIVERSgagp30kx.sys 21:23:27.0361 2468 gagp30kx - ok 21:23:27.0577 2468 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:Windowssystem32DRIVERSGEARAspiWDM.sys 21:23:27.0629 2468 GEARAspiWDM - ok 21:23:27.0662 2468 GMSIPCI - ok 21:23:28.0008 2468 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:WindowsSystem32gpsvc.dll 21:23:28.0067 2468 gpsvc - ok 21:23:28.0527 2468 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:Program Files (x86)GoogleUpdateGoogleUpdate.exe 21:23:28.0565 2468 gupdate - ok 21:23:28.0745 2468 [ 
8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:Program Files (x86)GoogleUpdateGoogleUpdate.exe 21:23:28.0749 2468 gupdatem - ok 21:23:28.0795 2468 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:Windowssystem32drivershcw85cir.sys 21:23:28.0820 2468 hcw85cir - ok 21:23:28.0947 2468 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:Windowssystem32driversHdAudio.sys 21:23:28.0981 2468 HdAudAddService - ok 21:23:29.0059 2468 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:Windowssystem32driversHDAudBus.sys 21:23:29.0086 2468 HDAudBus - ok 21:23:29.0149 2468 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:Windowssystem32DRIVERSHidBatt.sys 21:23:29.0167 2468 HidBatt - ok 21:23:29.0234 2468 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:Windowssystem32DRIVERShidbth.sys 21:23:29.0260 2468 HidBth - ok 21:23:29.0290 2468 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:Windowssystem32DRIVERShidir.sys 21:23:29.0311 2468 HidIr - ok 21:23:29.0364 2468 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:Windowssystem32hidserv.dll 21:23:29.0383 2468 hidserv - ok 21:23:29.0506 2468 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:Windowssystem32DRIVERShidusb.sys 21:23:29.0521 2468 HidUsb - ok 21:23:29.0724 2468 [ D61F8E72032BDC43157F2B8AEA32B529 ] HiPatchService C:Program Files (x86)Hi-Rez StudiosHiPatchService.exe 21:23:30.0600 2468 HiPatchService - ok 21:23:30.0814 2468 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:Windowssystem32kmsvc.dll 21:23:30.0826 2468 hkmsvc - ok 21:23:35.0106 2468 [ 0C0195C48B6B8582FA6F6373032118DA ] Hmonitor45 C:WindowsSysWOW64drivershmonitor45.sys 21:23:35.0125 2468 Hmonitor45 - ok 21:23:35.0232 2468 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:Windowssystem32ListSvc.dll 21:23:35.0245 2468 HomeGroupListener - ok 21:23:35.0349 2468 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:Windowssystem32provsvc.dll 21:23:35.0400 2468 HomeGroupProvider - ok 21:23:35.0452 2468 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:Windowssystem32driversHpSAMD.sys 
21:23:35.0460 2468 HpSAMD - ok 21:23:35.0682 2468 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:Windowssystem32driversHTTP.sys 21:23:35.0716 2468 HTTP - ok 21:23:36.0046 2468 [ 129128E192F9470EB92DB28B6730B06B ] hugoio64 C:Program Files (x86)i-Menuhugoio64.sys 21:23:36.0082 2468 hugoio64 - ok 21:23:36.0131 2468 hwinterface - ok 21:23:36.0198 2468 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:Windowssystem32drivershwpolicy.sys 21:23:36.0209 2468 hwpolicy - ok 21:23:36.0289 2468 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:Windowssystem32driversi8042prt.sys 21:23:36.0301 2468 i8042prt - ok 21:23:36.0484 2468 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:Windowssystem32driversiaStorV.sys 21:23:36.0498 2468 iaStorV - ok 21:23:36.0785 2468 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:WindowsMicrosoft.NETFramework64v3.0Windows Communication Foundationinfocard.exe 21:23:36.0819 2468 idsvc - ok 21:23:36.0864 2468 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:Windowssystem32DRIVERSiirsp.sys 21:23:36.0876 2468 iirsp - ok 21:23:37.0088 2468 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:WindowsSystem32ikeext.dll 21:23:37.0123 2468 IKEEXT - ok 21:23:37.0142 2468 IntcAzAudAddService - ok 21:23:37.0205 2468 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:Windowssystem32driversintelide.sys 21:23:37.0212 2468 intelide - ok 21:23:37.0254 2468 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:Windowssystem32DRIVERSintelppm.sys 21:23:37.0257 2468 intelppm - ok 21:23:37.0351 2468 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:Windowssystem32ipbusenum.dll 21:23:37.0379 2468 IPBusEnum - ok 21:23:37.0428 2468 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:Windowssystem32DRIVERSipfltdrv.sys 21:23:37.0442 2468 IpFilterDriver - ok 21:23:37.0605 2468 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:WindowsSystem32iphlpsvc.dll 21:23:37.0655 2468 iphlpsvc - ok 21:23:37.0705 2468 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:Windowssystem32driversIPMIDrv.sys 21:23:37.0724 2468 IPMIDRV 
- ok 21:23:37.0782 2468 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:Windowssystem32driversipnat.sys 21:23:37.0802 2468 IPNAT - ok 21:23:38.0276 2468 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:Program FilesiPodbiniPodService.exe 21:23:38.0790 2468 iPod Service - ok 21:23:38.0901 2468 [ 02DEF37AB75E0032C50724646F708DE8 ] iPodDrv C:Windowssystem32driversiPodDrv.sys 21:23:38.0914 2468 iPodDrv - ok 21:23:38.0961 2468 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:Windowssystem32driversirenum.sys 21:23:38.0971 2468 IRENUM - ok 21:23:39.0005 2468 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:Windowssystem32driversisapnp.sys 21:23:39.0007 2468 isapnp - ok 21:23:39.0073 2468 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:Windowssystem32driversmsiscsi.sys 21:23:39.0090 2468 iScsiPrt - ok 21:23:39.0149 2468 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:Windowssystem32DRIVERSkbdclass.sys 21:23:39.0151 2468 kbdclass - ok 21:23:39.0195 2468 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:Windowssystem32DRIVERSkbdhid.sys 21:23:39.0214 2468 kbdhid - ok 21:23:39.0253 2468 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:Windowssystem32lsass.exe 21:23:39.0254 2468 KeyIso - ok 21:23:39.0320 2468 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:Windowssystem32Driversksecdd.sys 21:23:39.0340 2468 KSecDD - ok 21:23:39.0424 2468 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:Windowssystem32Driversksecpkg.sys 21:23:39.0447 2468 KSecPkg - ok 21:23:39.0474 2468 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:Windowssystem32driversksthunk.sys 21:23:39.0476 2468 ksthunk - ok 21:23:39.0546 2468 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:Windowssystem32msdtckrm.dll 21:23:39.0550 2468 KtmRm - ok 21:23:39.0652 2468 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:Windowssystem32srvsvc.dll 21:23:39.0682 2468 LanmanServer - ok 21:23:39.0750 2468 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:WindowsSystem32wkssvc.dll 21:23:39.0757 2468 LanmanWorkstation - ok 21:23:39.0863 2468 Lbd 
- ok 21:23:39.0948 2468 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum C:Windowssystem32driversLGBusEnum.sys 21:23:39.0963 2468 LGBusEnum - ok 21:23:40.0028 2468 [ F705A641C18DF31B48B5DBDA94B425E4 ] LGPBTDD C:Windowssystem32DriversLGPBTDD.sys 21:23:40.0042 2468 LGPBTDD - ok 21:23:40.0130 2468 [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid C:Windowssystem32driversLGVirHid.sys 21:23:40.0154 2468 LGVirHid - ok 21:23:40.0306 2468 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:Windowssystem32DRIVERSlltdio.sys 21:23:40.0337 2468 lltdio - ok 21:23:40.0398 2468 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:WindowsSystem32lltdsvc.dll 21:23:40.0409 2468 lltdsvc - ok 21:23:40.0448 2468 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:WindowsSystem32lmhsvc.dll 21:23:40.0457 2468 lmhosts - ok 21:23:40.0530 2468 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:Windowssystem32DRIVERSlsi_fc.sys 21:23:40.0578 2468 LSI_FC - ok 21:23:40.0641 2468 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:Windowssystem32DRIVERSlsi_sas.sys 21:23:40.0654 2468 LSI_SAS - ok 21:23:40.0696 2468 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:Windowssystem32DRIVERSlsi_sas2.sys 21:23:40.0708 2468 LSI_SAS2 - ok 21:23:40.0744 2468 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:Windowssystem32DRIVERSlsi_scsi.sys 21:23:40.0766 2468 LSI_SCSI - ok 21:23:40.0793 2468 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:Windowssystem32driversluafv.sys 21:23:40.0808 2468 luafv - ok 21:23:40.0883 2468 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:Windowssystem32Mcx2Svc.dll 21:23:40.0885 2468 Mcx2Svc - ok 21:23:40.0958 2468 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:Windowssystem32DRIVERSmegasas.sys 21:23:40.0978 2468 megasas - ok 21:23:41.0090 2468 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:Windowssystem32DRIVERSMegaSR.sys 21:23:41.0125 2468 MegaSR - ok 21:23:41.0178 2468 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:Windowssystem32mmcss.dll 21:23:41.0194 2468 MMCSS - ok 21:23:41.0249 2468 [ 
800BA92F7010378B09F9ED9270F07137 ] Modem C:Windowssystem32driversmodem.sys 21:23:41.0258 2468 Modem - ok 21:23:41.0323 2468 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:Windowssystem32DRIVERSmonitor.sys 21:23:41.0353 2468 monitor - ok 21:23:41.0428 2468 [ D69F1E9A944A5F46A494AF901ED41118 ] motandroidusb C:Windowssystem32Driversmotoandroid.sys 21:23:41.0440 2468 motandroidusb - ok 21:23:41.0643 2468 [ 3BBC6C2402242401F791548AAEBF3D39 ] MotoHelper C:Program Files (x86)MotorolaMotoHelperMotoHelperService.exe 21:23:41.0894 2468 MotoHelper - ok 21:23:41.0926 2468 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:Windowssystem32DRIVERSmouclass.sys 21:23:41.0930 2468 mouclass - ok 21:23:41.0987 2468 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:Windowssystem32DRIVERSmouhid.sys 21:23:42.0000 2468 mouhid - ok 21:23:42.0031 2468 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:Windowssystem32driversmountmgr.sys 21:23:42.0034 2468 mountmgr - ok 21:23:42.0067 2468 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:Windowssystem32driversmpio.sys 21:23:42.0071 2468 mpio - ok 21:23:42.0115 2468 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:Windowssystem32driversmpsdrv.sys 21:23:42.0121 2468 mpsdrv - ok 21:23:42.0333 2468 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:Windowssystem32mpssvc.dll 21:23:42.0371 2468 MpsSvc - ok 21:23:42.0502 2468 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:Windowssystem32driversmrxdav.sys 21:23:42.0510 2468 MRxDAV - ok 21:23:42.0610 2468 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:Windowssystem32DRIVERSmrxsmb.sys 21:23:42.0624 2468 mrxsmb - ok 21:23:42.0721 2468 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:Windowssystem32DRIVERSmrxsmb10.sys 21:23:42.0748 2468 mrxsmb10 - ok 21:23:42.0810 2468 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:Windowssystem32DRIVERSmrxsmb20.sys 21:23:42.0817 2468 mrxsmb20 - ok 21:23:42.0883 2468 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:Windowssystem32driversmsahci.sys 21:23:42.0890 2468 msahci - ok 21:23:42.0927 2468 [ 
DB801A638D011B9633829EB6F663C900 ] msdsm C:Windowssystem32driversmsdsm.sys 21:23:42.0934 2468 msdsm - ok 21:23:42.0972 2468 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:WindowsSystem32msdtc.exe 21:23:42.0975 2468 MSDTC - ok 21:23:43.0038 2468 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:Windowssystem32driversMsfs.sys 21:23:43.0052 2468 Msfs - ok 21:23:43.0093 2468 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:WindowsSystem32driversmshidkmdf.sys 21:23:43.0116 2468 mshidkmdf - ok 21:23:43.0160 2468 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:Windowssystem32driversmsisadrv.sys 21:23:43.0178 2468 msisadrv - ok 21:23:43.0317 2468 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:Windowssystem32iscsiexe.dll 21:23:43.0334 2468 MSiSCSI - ok 21:23:43.0340 2468 msiserver - ok 21:23:43.0441 2468 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:Windowssystem32driversMSKSSRV.sys 21:23:43.0514 2468 MSKSSRV - ok 21:23:43.0744 2468 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:Windowssystem32driversMSPCLOCK.sys 21:23:43.0755 2468 MSPCLOCK - ok 21:23:43.0795 2468 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:Windowssystem32driversMSPQM.sys 21:23:43.0817 2468 MSPQM - ok 21:23:43.0975 2468 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:Windowssystem32driversMsRPC.sys 21:23:44.0001 2468 MsRPC - ok 21:23:44.0059 2468 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:Windowssystem32driversmssmbios.sys 21:23:44.0070 2468 mssmbios - ok 21:23:44.0123 2468 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:Windowssystem32driversMSTEE.sys 21:23:44.0141 2468 MSTEE - ok 21:23:44.0177 2468 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:Windowssystem32DRIVERSMTConfig.sys 21:23:44.0187 2468 MTConfig - ok 21:23:44.0218 2468 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:Windowssystem32Driversmup.sys 21:23:44.0232 2468 Mup - ok 21:23:44.0375 2468 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:Windowssystem32qagentRT.dll 21:23:44.0387 2468 napagent - ok 21:23:44.0560 2468 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] 
NativeWifiP C:Windowssystem32DRIVERSnwifi.sys 21:23:44.0574 2468 NativeWifiP - ok 21:23:44.0879 2468 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:Windowssystem32driversndis.sys 21:23:44.0954 2468 NDIS - ok 21:23:45.0021 2468 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:Windowssystem32DRIVERSndiscap.sys 21:23:45.0033 2468 NdisCap - ok 21:23:45.0086 2468 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:Windowssystem32DRIVERSndistapi.sys 21:23:45.0098 2468 NdisTapi - ok 21:23:45.0178 2468 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:Windowssystem32DRIVERSndisuio.sys 21:23:45.0201 2468 Ndisuio - ok 21:23:45.0319 2468 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:Windowssystem32DRIVERSndiswan.sys 21:23:45.0343 2468 NdisWan - ok 21:23:45.0421 2468 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:Windowssystem32driversNDProxy.sys 21:23:45.0434 2468 NDProxy - ok 21:23:45.0489 2468 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:Windowssystem32DRIVERSnetbios.sys 21:23:45.0509 2468 NetBIOS - ok 21:23:45.0655 2468 [ 09594D1089C523423B32A4229263F068 ] NetBT C:Windowssystem32DRIVERSnetbt.sys 21:23:45.0695 2468 NetBT - ok 21:23:45.0758 2468 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:Windowssystem32lsass.exe 21:23:45.0778 2468 Netlogon - ok 21:23:45.0947 2468 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:WindowsSystem32netman.dll 21:23:46.0015 2468 Netman - ok 21:23:46.0355 2468 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:WindowsMicrosoft.NETFramework64v4.0.30319SMSvcHost.exe 21:23:46.0367 2468 NetMsmqActivator - ok 21:23:46.0372 2468 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:WindowsMicrosoft.NETFramework64v4.0.30319SMSvcHost.exe 21:23:46.0374 2468 NetPipeActivator - ok 21:23:46.0489 2468 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:WindowsSystem32netprofm.dll 21:23:46.0531 2468 netprofm - ok 21:23:46.0877 2468 [ EED1FBDE98CF5F6D5C0C5B27AB1F68EC ] netr28ux C:Windowssystem32DRIVERSDnetr28ux.sys 21:23:46.0913 2468 netr28ux - ok 21:23:46.0980 2468 [ 
D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:WindowsMicrosoft.NETFramework64v4.0.30319SMSvcHost.exe 21:23:46.0998 2468 NetTcpActivator - ok 21:23:47.0014 2468 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:WindowsMicrosoft.NETFramework64v4.0.30319SMSvcHost.exe 21:23:47.0016 2468 NetTcpPortSharing - ok 21:23:47.0069 2468 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:Windowssystem32DRIVERSnfrd960.sys 21:23:47.0093 2468 nfrd960 - ok 21:23:47.0242 2468 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:WindowsSystem32nlasvc.dll 21:23:47.0257 2468 NlaSvc - ok 21:23:47.0294 2468 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:Windowssystem32driversNpfs.sys 21:23:47.0316 2468 Npfs - ok 21:23:47.0369 2468 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:Windowssystem32nsisvc.dll 21:23:47.0382 2468 nsi - ok 21:23:47.0426 2468 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:Windowssystem32driversnsiproxy.sys 21:23:47.0451 2468 nsiproxy - ok 21:23:47.0813 2468 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:Windowssystem32driversNtfs.sys 21:23:47.0856 2468 Ntfs - ok 21:23:47.0910 2468 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:Windowssystem32driversNull.sys 21:23:47.0921 2468 Null - ok 21:23:48.0068 2468 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:Windowssystem32DRIVERSnvm62x64.sys 21:23:48.0099 2468 NVENETFD - ok 21:23:51.0025 2468 [ B34E9BFBD9C61048EF6281C3E7EC210A ] nvlddmkm C:Windowssystem32DRIVERSnvlddmkm.sys 21:23:51.0322 2468 nvlddmkm - ok 21:23:51.0363 2468 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:Windowssystem32driversnvraid.sys 21:23:51.0368 2468 nvraid - ok 21:23:51.0486 2468 [ 76B304C8156779D4D39530118ACF1D1A ] nvsmu C:Windowssystem32DRIVERSnvsmu.sys 21:23:51.0503 2468 nvsmu - ok 21:23:51.0533 2468 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:Windowssystem32driversnvstor.sys 21:23:51.0535 2468 nvstor - ok 21:23:51.0933 2468 [ DFDA089BB2CD0FF7E789E2EF6BA1E4BA ] nvsvc C:Windowssystem32nvvsvc.exe 21:23:51.0970 2468 nvsvc - ok 21:23:52.0616 2468 [ 
E7818CD4FB51284C948D68A7A85A69B8 ] nvUpdatusService C:Program Files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe 21:23:53.0866 2468 nvUpdatusService - ok 21:23:53.0937 2468 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:Windowssystem32driversnv_agp.sys 21:23:53.0968 2468 nv_agp - ok 21:23:54.0312 2468 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:Program Files (x86)Common FilesMicrosoft SharedOFFICE12ODSERV.EXE 21:23:54.0708 2468 odserv - ok 21:23:54.0761 2468 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:Windowssystem32driversohci1394.sys 21:23:54.0774 2468 ohci1394 - ok 21:23:54.0834 2468 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:Program Files (x86)Common FilesMicrosoft SharedSource EngineOSE.EXE 21:23:54.0875 2468 ose - ok 21:23:54.0926 2468 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:Windowssystem32pnrpsvc.dll 21:23:54.0953 2468 p2pimsvc - ok 21:23:55.0059 2468 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:Windowssystem32p2psvc.dll 21:23:55.0084 2468 p2psvc - ok 21:23:55.0129 2468 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:Windowssystem32DRIVERSparport.sys 21:23:55.0136 2468 Parport - ok 21:23:55.0159 2468 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:Windowssystem32driverspartmgr.sys 21:23:55.0167 2468 partmgr - ok 21:23:55.0195 2468 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:WindowsSystem32pcasvc.dll 21:23:55.0220 2468 PcaSvc - ok 21:23:55.0251 2468 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:Windowssystem32driverspci.sys 21:23:55.0267 2468 pci - ok 21:23:55.0336 2468 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:Windowssystem32driverspciide.sys 21:23:55.0346 2468 pciide - ok 21:23:55.0409 2468 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:Windowssystem32DRIVERSpcmcia.sys 21:23:55.0434 2468 pcmcia - ok 21:23:55.0485 2468 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:Windowssystem32driverspcw.sys 21:23:55.0497 2468 pcw - ok 21:23:55.0657 2468 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:Windowssystem32driverspeauth.sys 21:23:55.0689 2468 PEAUTH 

#12 Conspire

Conspire

    Advanced Member

  • Trusted Malware Techs
  • 695 posts
  • Gender:Male


Posted 18 November 2012 - 09:58 PM

No worries :)

Please read through these instructions to familiarize yourself with what to expect when this tool runs

Refer to the ComboFix User's Guide


Download ComboFix from one of these locations:

Link 1
Link 2



* IMPORTANT - Save ComboFix.exe to your Desktop

====================================================


Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link: How to Disable your Security Programs


====================================================


Double click on combofix.exe & follow the prompts.


When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.

#13 CharlesSmith899

CharlesSmith899

    Member

  • Members
  • 11 posts

Posted 21 November 2012 - 04:32 PM

Here is the ComboFix log that was produced:
[HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINEsystemControlSet001ControlPCWSecurity] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:program files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe c:windowsSysWOW64PnkBstrA.exe c:program files (x86)Windows Media Playerwmplayer.exe c:program filesLogitechGamePanel SoftwareAppletsColorOnlyLCDYT.exe c:program filesLogitechGamePanel SoftwareAppletsColorOnlyLCDMovieViewer.exe c:program filesLogitechGamePanel SoftwareAppletsColorOnlyLCDWebCam.exe c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe . ************************************************************************** . Completion time: 2012-11-20 23:23:49 - machine was rebooted ComboFix-quarantined-files.txt 2012-11-21 04:23 . Pre-Run: 395,146,117,120 bytes free Post-Run: 395,209,773,056 bytes free . - - End Of File - - 6EA8C305EB9D83ED29F051F169600335

#14 Conspire

Conspire

    Advanced Member

  • Trusted Malware Techs
  • 695 posts
  • Gender:Male


Posted 22 November 2012 - 04:00 AM

Please follow all previous instructions regarding security programs.

Open a new Notepad session
  • Click the Start button, click Run
  • In the Run box, type notepad
  • Click OK
  • In Notepad, click "Format" and be certain that Word Wrap is not checked.
  • Copy and paste all the text in the code box below into Notepad. Do not copy the word CODE

ClearJavaCache::

RegLockDel::
[HKEY_USERS\S-1-5-21-1758300881-2850360034-3307528170-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4571B2AB-AFA4-B64E-A7B9-EC7567198DF4}*]


In Notepad
  • Click File, Save as..., and set the Save in to your Desktop
  • In the filename box, type (including quotation marks) as the filename: "CFScript.txt"
  • Click Save
Using your left mouse button, drag the new file CFScript.txt and drop it on the ComboFix.exe icon as shown below.

This will start ComboFix again. Close all browsers/windows first.

When finished, it shall produce a log for you. Please post that log, C:\ComboFix.txt, in your next reply.

**Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall**

Posted Image
Proud Graduate of the WTT Classroom
Member of ASAP and UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Donate

#15 CharlesSmith899


Posted 24 November 2012 - 11:30 PM

I just wanted to add that the bad image error reports stopped after the first combo-fix run, but here is the log of the one I just completed: ComboFix 12-11-24.02 - Charles 11/24/2012 22:18:31.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4095.3016 [GMT -5:00] Running from: c:usersCharlesDesktopComboFix.exe Command switches used :: c:usersCharlesDesktopCFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} AV: Lavasoft Ad-Aware *Disabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800} FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Lavasoft Ad-Aware *Disabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD} SP: Spybot - Search and Destroy *Disabled/Outdated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:usersCharlesAppDataLocalTemp~7846.tmp . . ((((((((((((((((((((((((( Files Created from 2012-10-25 to 2012-11-25 ))))))))))))))))))))))))))))))) . . 2012-11-25 03:38 . 2012-11-25 03:38 -------- d-----w- c:usersUpdatusUserAppDataLocaltemp 2012-11-25 03:38 . 2012-11-25 03:38 -------- d-----w- c:usersDefaultAppDataLocaltemp 2012-11-22 21:57 . 2012-11-22 21:57 -------- d-----w- c:program files (x86)Guild Wars 2 2012-11-22 02:24 . 2012-11-22 02:25 -------- d-----w- c:usersCharlesAppDataLocaleSupport.com 2012-11-22 02:24 . 2012-11-22 02:24 21712 ----a-w- c:windowsSysWow64driversDrvAgent64.SYS 2012-11-22 01:49 . 2012-11-22 01:49 697272 ----a-w- c:windowsSysWow64FlashPlayerApp.exe 2012-11-21 22:55 . 2012-11-19 06:01 9125352 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{F0483645-65D1-44BB-81B7-1508BC248980}mpengine.dll 2012-11-21 21:53 . 
2012-11-21 22:12 -------- d-----w- c:usersCharlesAppDataLocalSony Online Entertainment 2012-11-17 17:53 . 2012-07-26 02:26 87040 ----a-w- c:windowssystem32driversWUDFPf.sys 2012-11-17 17:53 . 2012-07-26 02:26 198656 ----a-w- c:windowssystem32driversWUDFRd.sys 2012-11-17 17:53 . 2012-07-26 03:08 84992 ----a-w- c:windowssystem32WUDFSvc.dll 2012-11-17 17:53 . 2012-07-26 03:08 194048 ----a-w- c:windowssystem32WUDFPlatform.dll 2012-11-17 17:53 . 2012-07-26 03:08 229888 ----a-w- c:windowssystem32WUDFHost.exe 2012-11-17 17:53 . 2012-07-26 03:08 744448 ----a-w- c:windowssystem32WUDFx.dll 2012-11-17 17:53 . 2012-07-26 03:08 45056 ----a-w- c:windowssystem32WUDFCoinstaller.dll 2012-11-17 08:15 . 2012-07-26 04:47 2560 ----a-w- c:windowssystem32driversen-USwdf01000.sys.mui 2012-11-17 08:15 . 2012-07-26 04:55 785512 ----a-w- c:windowssystem32driversWdf01000.sys 2012-11-17 08:15 . 2012-07-26 04:55 54376 ----a-w- c:windowssystem32driversWdfLdr.sys 2012-11-17 08:15 . 2012-07-26 02:36 9728 ----a-w- c:windowssystem32Wdfres.dll 2012-11-17 01:25 . 2012-11-17 01:25 -------- d-----w- c:programdataATI 2012-11-17 01:23 . 2012-11-17 01:23 -------- d-----w- c:program files (x86)AMD AVT 2012-11-17 01:23 . 2012-11-17 01:23 -------- d-----w- c:program files (x86)AMD APP 2012-11-17 01:20 . 2012-09-25 22:47 78336 ----a-w- c:windowsSysWow64synceng.dll 2012-11-17 01:20 . 2012-09-25 22:46 95744 ----a-w- c:windowssystem32synceng.dll 2012-11-11 13:06 . 2012-11-11 13:06 30568 ----a-w- c:windowssystem32driversavgtpx64.sys 2012-10-27 12:19 . 2012-10-27 12:19 -------- d-----w- c:programdataBattle.net . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-22 01:49 . 2011-06-26 14:25 73656 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl 2012-11-17 08:04 . 2010-01-06 00:28 66395536 ----a-w- c:windowssystem32MRT.exe 2012-10-13 01:21 . 2012-05-05 15:10 821736 ----a-w- c:windowsSysWow64npdeployJava1.dll 2012-10-13 01:21 . 
2010-11-16 22:27 746984 ----a-w- c:windowsSysWow64deployJava1.dll 2012-09-30 00:54 . 2011-06-11 18:59 25928 ----a-w- c:windowssystem32driversmbam.sys 2012-09-28 20:37 . 2012-09-28 20:37 221696 ----a-w- c:windowssystem32clinfo.exe 2012-09-28 20:36 . 2012-09-28 20:36 75776 ----a-w- c:windowssystem32OpenVideo64.dll 2012-09-28 20:36 . 2012-09-28 20:36 65536 ----a-w- c:windowsSysWow64OpenVideo.dll 2012-09-28 20:36 . 2012-09-28 20:36 63488 ----a-w- c:windowssystem32OVDecode64.dll 2012-09-28 20:36 . 2012-09-28 20:36 56320 ----a-w- c:windowsSysWow64OVDecode.dll 2012-09-28 20:36 . 2012-09-28 20:36 32635904 ----a-w- c:windowssystem32amdocl64.dll 2012-09-28 20:32 . 2012-09-28 20:32 27341824 ----a-w- c:windowsSysWow64amdocl.dll 2012-09-28 01:39 . 2012-09-28 01:39 442368 ----a-w- c:windowssystem32atidemgy.dll 2012-09-25 03:16 . 2012-10-20 15:01 95208 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll 2012-09-14 19:19 . 2012-10-13 20:49 2048 ----a-w- c:windowssystem32tzres.dll 2012-09-14 18:28 . 2012-10-13 20:49 2048 ----a-w- c:windowsSysWow64tzres.dll 2012-08-31 18:19 . 2012-10-13 20:50 1659760 ----a-w- c:windowssystem32driversntfs.sys 2012-08-30 18:03 . 2012-10-13 20:50 5559664 ----a-w- c:windowssystem32ntoskrnl.exe 2012-08-30 17:12 . 2012-10-13 20:50 3914096 ----a-w- c:windowsSysWow64ntoskrnl.exe 2012-08-30 17:12 . 2012-10-13 20:50 3968880 ----a-w- c:windowsSysWow64ntkrnlpa.exe . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks] "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:program files (x86)Softonic-Eng7prxtbSof0.dll" [2011-05-09 176936] "{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:program files (x86)adawaretbadawareDx.dll" [2012-09-20 87448] . [HKEY_CLASSES_ROOTclsid{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}] . [HKEY_CLASSES_ROOTclsid{6c97a91e-4524-4019-86af-2aa2d567bf5c}] . 
[HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}] 2011-05-09 09:49 176936 ----a-w- c:program files (x86)Softonic-Eng7prxtbSof0.dll . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{6c97a91e-4524-4019-86af-2aa2d567bf5c}] 2012-09-20 20:06 87448 ----a-w- c:program files (x86)adawaretbadawareDx.dll . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-11-11 13:06 1796552 ----a-w- c:program files (x86)AVG Secure Search13.2.0.5AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}] c:progra~2WI3C8A~1DatamngrIEBHO.dll [BU] . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar] "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:program files (x86)Softonic-Eng7prxtbSof0.dll" [2011-05-09 176936] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:program files (x86)AVG Secure Search13.2.0.5AVG Secure Search_toolbar.dll" [2012-11-11 1796552] "{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:program files (x86)adawaretbadawareDx.dll" [2012-09-20 87448] . [HKEY_CLASSES_ROOTclsid{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}] . [HKEY_CLASSES_ROOTclsid{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOTAVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOTAVG Secure Search.PugiObj] . [HKEY_CLASSES_ROOTclsid{6c97a91e-4524-4019-86af-2aa2d567bf5c}] . [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "AROReminder"="c:program files (x86)Advanced Registry OptimizerARO.exe" [2008-08-22 2084480] "Steam"="c:program files (x86)SteamSteam.exe" [2012-09-08 1353080] "SensorsView"="c:program files (x86)SensorsViewPro41sviewpro.exe" [2011-04-05 2267648] "SpybotSD TeaTimer"="c:program files (x86)Spybot - Search & DestroyTeaTimer.exe" [2009-03-05 2260480] . 
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun] "Ad-Aware Antivirus"="c:program files (x86)Ad-Aware AntivirusAdAwareLauncher --windows-run" [X] "AVG_TRAY"="c:program files (x86)AVGAVG2012avgtray.exe" [2012-07-31 2596984] "AppleSyncNotifier"="c:program files (x86)Common FilesAppleMobile Device SupportAppleSyncNotifier.exe" [2011-04-20 58656] "Total Defense PC Tuneup Reminder"="c:program files (x86)CACA PC Tune-UpReminder-PCTuneup.exe" [2009-09-09 205496] "vProt"="c:program files (x86)AVG Secure Searchvprot.exe" [2012-11-11 997320] "SDTray"="c:program files (x86)Spybot - Search & Destroy 2SDTray.exe" [2012-07-04 3921432] "Ad-Aware Browsing Protection"="c:programdataAd-Aware Browsing Protectionadawarebp.exe" [2012-08-08 540056] "HostManager"="c:program files (x86)Common FilesAOL1262775310eeAOLSoftware.exe" [2010-03-08 41800] "Adobe Reader Speed Launcher"="c:program files (x86)AdobeReader 9.0ReaderReader_sl.exe" [2012-07-31 38872] "Adobe ARM"="c:program files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2012-07-11 919008] "APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-08-28 59280] "QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-04-19 421888] "iTunesHelper"="c:program files (x86)iTunesiTunesHelper.exe" [2012-09-10 421776] "SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-07-03 252848] "StartCCC"="c:program files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" [2012-09-28 642728] . c:usersCharlesAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup CurseClientStartup.ccip [2010-1-4 0] . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows] "LoadAppInit_DLLs"=1 (0x1) . 
[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32] "aux9"=wdmaud.drv . [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsession manager] BootExecute REG_MULTI_SZ autocheck autochk *00sdnclean64.exe0c:progra~2AVGAVG2012avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalAd-Aware Service] @="Ad-Aware Service" . [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMSIServer] @="Service" . [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalSBAMSvc] @="Service" . R0 Lbd;Lbd;c:windowssystem32DRIVERSLbd.sys [x] R1 Hmonitor45;Hmonitor45;c:windowsSysWOW64drivershmonitor45.sys [2011-06-10 14544] R2 AODDriver4.1;AODDriver4.1;c:program filesATI TechnologiesATI.ACEFuelamd64AODDriver2.sys [2012-04-09 57472] R2 AODDriver4.2;AODDriver4.2;c:program filesATI TechnologiesATI.ACEFuelamd64AODDriver2.sys [2012-04-09 57472] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576] R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:program files (x86)Spybot - Search & Destroy 2SDFSSvc.exe [2012-07-04 1188896] R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:program files (x86)Spybot - Search & Destroy 2SDUpdSvc.exe [2012-07-04 1395736] R2 SensorsVService;SensorsVService;c:program files (x86)SensorsViewPro41svservice.exe [2010-06-17 923648] R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-07-13 160944] R3 AODDriver4.0;AODDriver4.0;c:program filesATI TechnologiesATI.ACEFuelamd64AODDriver2.sys [2012-04-09 57472] R3 athrusb6;Atheros Wireless LAN USB device driver 6 Series;c:windowssystem32DRIVERSathrxu6.sys [2007-07-05 1041920] R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:windowssystem32DRIVERSbcmwlhigh664.sys [x] R3 CV2K1;CommView Network Monitor;c:windowssystem32DRIVERScv2k1.sys [x] R3 D_Link_DWA-125;D_Link_DWA-125 Service;c:program files (x86)D-LinkDWA-125 
revAANIWZCSdS.exe [2009-08-21 126976] R3 D_Link_DWA-125_WPS;D_Link_DWA-125_WPS Service;c:program files (x86)D-LinkDWA-125 revAANIWConnService.exe [2009-07-07 40960] R3 Desura Install Service;Desura Install Service;c:program files (x86)Common FilesDesuradesura_service.exe [2012-03-23 131912] R3 DrvAgent64;DrvAgent64;c:windowsSysWOW64DriversDrvAgent64.SYS [2012-11-22 21712] R3 LGPBTDD;LGPBTDD.sys Display Driver;c:windowssystem32DriversLGPBTDD.sys [2009-07-01 30728] R3 motandroidusb;Mot ADB Interface Driver;c:windowssystem32Driversmotoandroid.sys [2009-07-10 31744] R3 MotoHelper;MotoHelper Service;c:program files (x86)MotorolaMotoHelperMotoHelperService.exe [2011-04-26 223088] R3 RoxMediaDBGame1X;RoxMediaDBGame1X;c:program files (x86)Common FilesRoxio SharedGame1XSharedCOMRoxMediaDBGame1X.exe [2011-02-17 1099248] R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:windowssystem32DRIVERSRTL8192su.sys [x] R3 RzSynapse;Razer Naga Driver;c:windowssystem32DRIVERSRzSynapse.sys [2010-04-21 73216] R3 sbhips;sbhips;c:windowssystem32driverssbhips.sys [2011-12-19 60536] R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:windowssystem32Driversusbaapl64.sys [2010-04-20 50688] R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2010-02-26 1255736] R3 WRfiltv;WRfiltv;c:windowssystem32driversWRfiltv.sys [2009-07-31 25600] S0 AVGIDSHA;AVGIDSHA;c:windowssystem32DRIVERSavgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:windowssystem32DRIVERSavgrkx64.sys [2012-01-31 36944] S0 PxHlpa64;PxHlpa64;c:windowsSystem32DriversPxHlpa64.sys [2010-03-19 55856] S1 anodlwf;ANOD Network Security Filter driver;c:windowssystem32DRIVERSanodlwfx.sys [2009-03-06 15872] S1 Avgldx64;AVG AVI Loader Driver;c:windowssystem32DRIVERSavgldx64.sys [2012-07-26 291680] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:windowssystem32DRIVERSavgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI 
Driver;c:windowssystem32DRIVERSavgtdia.sys [2012-08-24 384352] S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2012-11-11 30568] S1 hugoio64;hugoio64;c:program files (x86)i-Menuhugoio64.sys [2008-04-30 13856] S1 SBRE;SBRE;c:windowssystem32driversSBREdrv.sys [2011-10-26 57976] S1 SDHookDriver;Spybot-S&D 2 Hook Driver;c:program files (x86)Spybot - Search & Destroy 2SDHookDrv64.sys [2011-10-05 48888] S1 sensorsview;sensorsview;c:program files (x86)SensorsViewPro41drvsensorsview32_64.sys [2008-07-26 14544] S2 Ad-Aware Service;Ad-Aware Service;c:program files (x86)Ad-Aware AntivirusAdAwareService.exe [2012-09-20 1236368] S2 AMD External Events Utility;AMD External Events Utility;c:windowssystem32atiesrxx.exe [2012-04-06 236544] S2 AMD FUEL Service;AMD FUEL Service;c:program filesATI TechnologiesATI.ACEFuelFuel.Service.exe [2012-09-28 361984] S2 AODDriver4.01;AODDriver4.01;c:program filesATI TechnologiesATI.ACEFuelamd64AODDriver2.sys [2012-04-09 57472] S2 AVGIDSAgent;AVGIDSAgent;c:program files (x86)AVGAVG2012AVGIDSAgent.exe [2012-08-13 5167736] S2 avgwd;AVG WatchDog;c:program files (x86)AVGAVG2012avgwdsvc.exe [2012-02-14 193288] S2 iPodDrv;iPodDrv;c:windowssystem32driversiPodDrv.sys [2011-04-15 14952] S2 SBAMSvc;Ad-Aware;c:program files (x86)Ad-Aware AntivirusSBAMSvc.exe [2011-12-19 3289032] S2 sbapifs;sbapifs;c:windowssystem32DRIVERSsbapifs.sys [2011-11-29 74872] S2 SDHookService;Spybot S&D 2 Live Protection Service;c:program files (x86)Spybot - Search & Destroy 2SDHookSvc.exe [2011-10-05 130976] S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:program files (x86)Spybot - Search & Destroy 2SDWSCSvc.exe [2012-03-22 166528] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:program files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe [2011-05-21 378472] S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:program files (x86)Common FilesAVG Secure SearchvToolbarUpdater13.2.0ToolbarUpdater.exe [2012-11-11 711112] S3 amdiox64;AMD IO 
Driver;c:windowssystem32DRIVERSamdiox64.sys [2010-02-18 46136] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:windowssystem32driversAtihdW76.sys [2012-05-14 96896] S3 AVGIDSDriver;AVGIDSDriver;c:windowssystem32DRIVERSavgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:windowssystem32DRIVERSavgidsfiltera.sys [2011-12-23 29776] S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:windowssystem32driversLGBusEnum.sys [2009-11-23 22408] S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:windowssystem32driversLGVirHid.sys [2009-11-23 16008] . . Contents of the 'Scheduled Tasks' folder . 2012-11-25 c:windowsTasksCheck for updates (Spybot - Search & Destroy).job - c:program files (x86)Spybot - Search & Destroy 2SDUpdate.exe [2012-10-14 10:41] . 2012-11-25 c:windowsTasksGoogleUpdateTaskMachineCore.job - c:program files (x86)GoogleUpdateGoogleUpdate.exe [2010-06-15 09:26] . 2012-11-25 c:windowsTasksGoogleUpdateTaskMachineUA.job - c:program files (x86)GoogleUpdateGoogleUpdate.exe [2010-06-15 09:26] . 2012-11-22 c:windowsTasksRefresh immunization (Spybot - Search & Destroy).job - c:program files (x86)Spybot - Search & Destroy 2SDImmunize.exe [2011-11-08 10:40] . 2012-06-02 c:windowsTasksScan the system (Spybot - Search & Destroy).job - c:program files (x86)Spybot - Search & Destroy 2SDScan.exe [2011-11-08 10:40] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "Launch LgDeviceAgent"="c:program filesLogitechGamePanel SoftwareLgDevAgt.exe" [2010-08-03 415816] "Launch LCDMon"="c:program filesLogitechGamePanel SoftwareLCD ManagerLCDMon.exe" [2010-08-03 2412616] "Launch LGDCore"="c:program filesLogitechGamePanel SoftwareG-series SoftwareLGDCore.exe" [2010-08-03 4725320] . ------- Supplementary Scan ------- . 
uLocal Page = c:windowssystem32blank.htm uStart Page = about:blank mLocal Page = c:windowsSysWOW64blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:progra~2MICROS~1Office12EXCEL.EXE/3000 Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 167.206.251.129 167.206.251.130 192.168.1.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:program files (x86)Common FilesAVG Secure SearchViProtocolInstaller13.2.0ViProtocol.dll DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} - hxxp://utilities.pcpitstop.com/pctuneup2/controls/pctuneup.cab . - - - - ORPHANS REMOVED - - - - . Toolbar-10 - (no file) Notify-SDWinLogon - SDWinLogon.dll WebBrowser-{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) AddRemove-Adobe Shockwave Player - c:windowssystem32AdobeShockwave 11uninstaller.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERSS-1-5-21-1758300881-2850360034-3307528170-1000SoftwareMicrosoftWindowsCurrentVersionShell ExtensionsApproved{4571B2AB-AFA4-B64E-A7B9-EC7567198DF4}*] "hajcndefnahgikcm"=hex:6a,61,63,70,67,64,63,70,68,70,61,65,70,65,6e,64,69,64, 6d,6a,00,01 "iadiebhndjpcngehpo"=hex:6a,61,68,6f,62,63,61,6e,68,6a,70,62,67,6a,68,62,61,61, 6c,62,00,fe . [HKEY_USERSS-1-5-21-1758300881-2850360034-3307528170-1000SoftwareSecuROMLicense information*] "datasecu"=hex:44,85,20,e0,bd,f5,4a,6b,b4,24,e7,5b,19,4c,2d,b5,96,a4,e4,6c,71, e4,ce,94,77,68,c3,90,77,f1,fe,3b,9a,e5,5c,4e,f3,25,f2,9a,ad,58,49,2d,29,1f, "rkeysecu"=hex:cd,f6,83,2f,df,a2,10,15,cc,41,42,93,55,dd,0a,a8 . [HKEY_USERSS-1-5-21-1758300881-2850360034-3307528170-1000 õ**] @Allowed: (Read) (RestrictedCode) "MachineID"=hex:df,01,be,79,da,44,e0,00 DUMPHIVE0.003 (REGF) . 
[HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil11e_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}LocalServer32] @="c:WindowsSysWOW64MacromedFlashFlashUtil11e_ActiveX.exe" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus] @="0" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash11e.ocx, 1" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . 
[HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash11e.ocx, 1" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINEsoftwareClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINEsystemControlSet001ControlPCWSecurity] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:program files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe c:windowsSysWOW64PnkBstrA.exe c:program filesLogitechGamePanel SoftwareAppletsColorOnlyLCDYT.exe c:program filesLogitechGamePanel SoftwareAppletsColorOnlyLCDMovieViewer.exe c:program filesLogitechGamePanel SoftwareAppletsColorOnlyLCDWebCam.exe c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe . ************************************************************************** . 
Completion time: 2012-11-24 23:25:14 - machine was rebooted ComboFix-quarantined-files.txt 2012-11-25 04:25 ComboFix2.txt 2012-11-21 04:23 . Pre-Run: 367,423,795,200 bytes free Post-Run: 367,189,139,456 bytes free . - - End Of File - - A5CCEFD4487CDE2FDB87A9F3EB482C95 Thank you very much for your continued help

#16 Conspire



Posted 25 November 2012 - 03:28 AM

You're welcome :)

Please run this script once more. It's a little different this one.

Please follow all previous instructions regarding security programs.

Open a new Notepad session
  • Click the Start button, click Run
  • In the Run box, type notepad
  • Click OK
  • In Notepad, click "Format" and be certain that Word Wrap is not checked.
  • Copy and paste all the text in the code box below into Notepad. Do not copy the word CODE

RegLockDel::
[HKEY_USERS\S-1-5-21-1758300881-2850360034-3307528170-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4571B2AB-AFA4-B64E-A7B9-EC7567198DF4}]


In Notepad
  • Click File, Save as..., and set the Save in to your Desktop
  • In the filename box, type (including quotation marks) as the filename: "CFScript.txt"
  • Click Save
Using your left mouse button, drag the new file CFScript.txt and drop it on the ComboFix.exe icon as shown below.

This will start ComboFix again. Close all browsers/windows first.

When finished, it shall produce a log for you. Please post that log, C:\ComboFix.txt, in your next reply.

**Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall**

Proud Graduate of the WTT Classroom
Member of ASAP and UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Donate

#17 Conspire


Posted 29 November 2012 - 08:06 AM

Are you still with me?

#18 CharlesSmith899


Posted 01 December 2012 - 01:55 PM

Yes, sorry I have been working and have not had time to run the scan. I will run it as soon as possible

#19 CharlesSmith899


Posted 01 December 2012 - 04:20 PM

Here is the log:

#20 Conspire


Posted 01 December 2012 - 10:12 PM

If everything is running good, you're good to go. :)

Follow these steps to uninstall Combofix
  • Click START then RUN
  • Now copy/paste the code into the runbox and click OK. Note the space between the ..X and the /U, it needs to be there.
Combofix /Uninstall

===================================================

Thank you for your patience, and performing all of the procedures requested. I would also like to take this opportunity to apologize for any delay that may have occurred.

--------------------------------------------------------------------------------------------------------------

MICROSOFT UPDATES
It is very important that you get all of the critical updates for your Operating System and Internet Explorer. Keeping your OS and browser up to date will help make you less susceptible to attacks by Trojans and viruses. Please go to Microsoft and download all the critical updates to help prevent possible re-infection.


Passwords
It is good security practice to change your passwords to all your online accounts on a fairly regular basis; this is especially true after an infection. Refer to this Microsoft article, Strong passwords: How to create and use them, and consider a password keeper to keep all your passwords safe.


SPYWARE PREVENTION
This is a good time to set up protection against further attacks. In light of your recent problem, I'm sure you'd like to avoid any future infections. Please read these well written articles:
To help protect your computer in the future I recommend that you get the following free programs if you do not already have them:
  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
      • Green to go
      • Yellow for caution
      • Red to stop

WOT has an add-on available for both Firefox and IE.

  • SpywareBlaster prevents the installation of ActiveX-based malware, blocks cookies, and restricts the actions of "bad" sites. See tutorial here
  • MVPS HOSTS FILE replaces your current HOSTS file with one that will restrict known ad sites from serving you unsolicited advertisements. It basically prevents your computer from connecting to those sites by redirecting the attempted connections to 127.0.0.1, which is the IP of your local computer. See guide here and for Windows Vista here
      • Download Host.zip and Save it to your Desktop.
      • Right-click hosts.zip and select 'Extract all files' or 'Extract files...'.
      • Follow the prompts and click 'Finish'.
      • This will open the newly created hosts folder on your Desktop.
      • Double-click on the included mvps.bat file, this will rename the existing HOSTS file to HOSTS.MVP, then it will copy the included updated HOSTS file to the correct location on your machine.
      • Once updated you should see another prompt that the task was completed.
Follow this list and keep your antivirus program and antispyware programs updated and scan with them on a regular basis. By doing so, your potential for being infected again will reduce dramatically.

Hopefully this should take care of your problems! Good luck.

Do you have any questions or problems to ask? Please do not hesitate to do so.

**Please respond to this one more time to ensure it is resolved and close this topic.

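The HOSTS-file blocking described in the post above (names redirected to 127.0.0.1), as an added example that is not part of the original thread or of the MVPS package: it audits a HOSTS file, listing which names are sinkholed and which are mapped to a non-local address and deserve a second look after a cleanup. The sample file, the function names, the first-match lookup rule and the treatment of 0.0.0.0 as a block are assumptions of this example.

```python
"""Audit a HOSTS file: which names are blocked, which are remapped elsewhere."""
import ipaddress

# Constructed sample input, not taken from the MVPS file or from this thread.
SAMPLE_HOSTS = """\
# constructed sample HOSTS file
127.0.0.1       localhost
::1             localhost
127.0.0.1       ads.example.net  tracker.example.net   # blocked ad hosts
0.0.0.0         banner.example.org
203.0.113.7     update.example.com    # non-loopback mapping: review
not-an-ip       broken.example.com
"""

# Names that are expected to point at the local machine.
LOCAL_NAMES = {"localhost", "localhost.localdomain"}


def parse_hosts(text):
    """Return (entries, malformed).

    entries   -- list of (line_no, ip_address object, lowercase hostname)
    malformed -- list of (line_no, stripped raw line) that could not be parsed
    """
    entries, malformed = [], []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            malformed.append((line_no, raw.strip()))
            continue
        if len(fields) < 2:                   # address with no hostname
            malformed.append((line_no, raw.strip()))
            continue
        for name in fields[1:]:               # one line may carry several names
            entries.append((line_no, ip, name.lower()))
    return entries, malformed


def is_sinkhole(ip):
    """True for loopback (127.0.0.0/8, ::1) or unspecified (0.0.0.0, ::)."""
    return ip.is_loopback or ip.is_unspecified


def audit(text):
    """Classify every non-local name as blocked or remapped."""
    entries, malformed = parse_hosts(text)
    report = {"blocked": [], "remapped": [], "malformed": malformed}
    for _line_no, ip, name in entries:
        if name in LOCAL_NAMES:
            continue
        if is_sinkhole(ip):
            report["blocked"].append(name)
        else:
            # A name pinned to an outside address is not ad blocking;
            # it should be explained or removed.
            report["remapped"].append((name, str(ip)))
    return report


def resolve(text, hostname):
    """Address the file gives for hostname, or None if it has no entry.

    Assumption of this example: the first matching line wins.
    """
    entries, _ = parse_hosts(text)
    wanted = hostname.lower()
    for _line_no, ip, name in entries:
        if name == wanted:
            return str(ip)
    return None


if __name__ == "__main__":
    result = audit(SAMPLE_HOSTS)
    print("blocked  :", ", ".join(result["blocked"]))
    for name, ip in result["remapped"]:
        print("REVIEW   :", name, "->", ip)
    for line_no, raw in result["malformed"]:
        print("malformed: line", line_no, repr(raw))
```
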


