Yesterday I downloaded a few files and I recall at some point I got something saying something along the lines of "Services and controller app would like to connect to the internet" and I allowed it. This morning I'm getting a bunch of threat alerts from AVG telling me that C:/windows/system32/services.exe is infected, yet no options to get rid of it. I ignored this for a while and now I'm getting different threat alerts talking about backdoors and trojans and whatnot, Google and other obviously safe sites being identified as malicious, random audio files being played, different things popping up asking for permission. AVG says the threat's name is win64/patched.A. I have no idea what to do, help would be appreciated. Here's all the stuff I'm supposed to do.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.07.14.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
JKJones :: JKJ [administrator]
14/07/2013 6:50:06 PM
mbam-log-2013-07-14 (18-50-06).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 284843
Time elapsed: 22 minute(s), 46 second(s)
Memory Processes Detected: 1
C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> 5036 -> Delete on reboot.
Memory Modules Detected: 1
C:\Program Files (x86)\BrowserCompanion\sqlite3.dll (PUP.Blabbers) -> Delete on reboot.
Registry Keys Detected: 21
HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\wit4ie.WitBHO (PUP.Blabbers) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\tdataprotocol.CTData (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Quarantined and deleted successfully.
Registry Values Detected: 4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Browser companion helper (PUP.Blabbers) -> Data: C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 -> Quarantined and deleted successfully.
HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Quarantined and deleted successfully.
HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Quarantined and deleted successfully.
HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 4
C:\Program Files (x86)\BrowserCompanion (PUP.Blabbers) -> Delete on reboot.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache (PUP.Blabbers) -> Quarantined and deleted successfully.
Files Detected: 85
C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> Delete on reboot.
C:\Program Files (x86)\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\Local\Temp\pricepeep_130001_0101.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\JKJones\Downloads\FLVPlayerSetup_MMM.exe (PUP.Adware.Installcore) -> Quarantined and deleted successfully.
C:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\U\000000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Quarantined and deleted successfully.
C:\Users\JKJones\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BrowserCompanion\logo.ico (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BrowserCompanion\sqlite3.dll (PUP.Blabbers) -> Delete on reboot.
C:\Program Files (x86)\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BrowserCompanion\updater.ini (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_71.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_83.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\icon.png (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar183.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\lock.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\witapi.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\witmain.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\wittoolbar.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\witwidgetapi.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\0e9d25e4292d98ba32a6fe97d13727da (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\0e9d25e4292d98ba32a6fe97d13727da_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\2d974ac953014884136c9d1e3e60e88b (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\2d974ac953014884136c9d1e3e60e88b_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\2e74403c227112bec523796d5a77d77e (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\2e74403c227112bec523796d5a77d77e_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\34551036bc3f914365494bfba21e22b3 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\34551036bc3f914365494bfba21e22b3_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\35be5402f067ffc68e907e81a84fb1f3 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\35be5402f067ffc68e907e81a84fb1f3_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\4468a69fab52be44633277819d2769e5 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\4468a69fab52be44633277819d2769e5_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\5408239ba224620fe9430fa7e1ccfe35 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\5408239ba224620fe9430fa7e1ccfe35_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\72891ec935a3d247f2da6562ef29a005 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\72891ec935a3d247f2da6562ef29a005_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\740ef46a3ebcc6c5788c773f32cc9b53 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\740ef46a3ebcc6c5788c773f32cc9b53_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\758b14a5f80e224d51582746d31fff04 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\758b14a5f80e224d51582746d31fff04_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\7efb9aab6fcb49f138e15f423901eca1 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\7efb9aab6fcb49f138e15f423901eca1_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\80bdd74895296ba59ed249e55290d5c8 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\80bdd74895296ba59ed249e55290d5c8_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\82e860d8be1ad29b10cec9faf04916f5 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\82e860d8be1ad29b10cec9faf04916f5_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\9042735b0a03cc0cbc1dd8ecd0cac9ea (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\9042735b0a03cc0cbc1dd8ecd0cac9ea_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\91ed24cba47f3cabaaaf7bdb0e620066 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\91ed24cba47f3cabaaaf7bdb0e620066_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\953da8e419e22f1346e1c44b4fea115d (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\953da8e419e22f1346e1c44b4fea115d_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\998b6d8279010664133f982651782355 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\998b6d8279010664133f982651782355_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\b5a0035d59ed62ea458d6ab3b1e14240 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\b5a0035d59ed62ea458d6ab3b1e14240_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\d4e14468ab597a9937d3a03727ecccaa (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\d4e14468ab597a9937d3a03727ecccaa_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\d89bfd841403290d610bcf662008b443 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\d89bfd841403290d610bcf662008b443_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\dc6668d28979688b1e2066d1dcaef0f6 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\dc6668d28979688b1e2066d1dcaef0f6_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
(end)
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16635
Run by JKJones at 19:25:38 on 2013-07-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.5612.3230 [GMT -4:00]
.
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Internet Security 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atieclxx.exe
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\windows\system32\svchost.exe -k HPService
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskeng.exe
C:\windows\System32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Switcher\Switcher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\JKJones\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe
C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Samsung\Eco Mode\SmartEco.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\windows\system32\sppsvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Samsung\Samsung Control Center\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\windows\system32\NOTEPAD.EXE
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\windows\SysWOW64\svchost.exe" -k LocalServiceDns
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={8EDA33F5-56A7-11E2-B7EF-B4749FFD668A}
uSearch Bar = hxxp://www.plusnetwork.com/?sp=lintbie&q={searchTerms}&dp=MessengerPlus
uSearch Page = hxxp://www.plusnetwork.com/?sp=lintbie&q={searchTerms}&dp=MessengerPlus
uDefault_Page_URL = hxxp://samsung.msn.com
uSearchAssistant = hxxp://www.plusnetwork.com/?sp=lintbie&q={searchTerms}&dp=MessengerPlus
uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll
BHO: Samsung BHO Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Codecv Class: {DD547721-AFCD-878F-0951-9368D3ACAD4E} - C:\ProgramData\Codecv\bhoclass.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} -
BHO: SMTTB2009 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: uTorrentControl2 Toolbar: {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Community Smart Bar: {ae07101b-46d4-4a98-af68-0333ea26e113} -
TB: DealBulldog Toolbar: {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll
TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} -
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: Web Test Recorder 10.0: {5802D092-1784-4908-8CDB-99B6842D353D} -
uRun: [Switcher] "C:\Program Files (x86)\Switcher\Switcher.exe" /quiet
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Google Update] "C:\Users\JKJones\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [MurGee.com Auto Keyboard] C:\Program Files (x86)\Auto Keyboard\AutoKeyboard.exe :silent
uRun: [AutoTyperMurGee] C:\Program Files (x86)\Auto Typer by MurGee\AutoTyper.exe :settings
uRun: [Driver Detective] C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [AdobeBridge] <no file>
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
LSP: mswsock.dll
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: NameServer = 64.71.255.204 64.71.255.198
TCP: Interfaces\{37C73B23-456E-4C64-84E7-6EFC2D35EFB3} : DHCPNameServer = 64.71.255.204 64.71.255.198
TCP: Interfaces\{37C73B23-456E-4C64-84E7-6EFC2D35EFB3}\2454C4C4231313 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{37C73B23-456E-4C64-84E7-6EFC2D35EFB3}\351696E696D27657563747 : DHCPNameServer = 64.71.255.198 192.168.33.1
TCP: Interfaces\{37C73B23-456E-4C64-84E7-6EFC2D35EFB3}\452554E444E65647 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{C10B2787-67F7-4AC5-AD6C-87C0903AF9FC} : DHCPNameServer = 64.71.255.205 64.71.255.253
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
x64-TB: Community Smart Bar: {ae07101b-46d4-4a98-af68-0333ea26e113} -
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [MRT] "C:\windows\System32\MRT.exe" /R
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\JKJones\AppData\Roaming\Mozilla\Firefox\Profiles\avw53iy5.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\JKJones\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Users\JKJones\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\JKJones\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\JKJones\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\JKJones\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
FF - ExtSQL: !HIDDEN! 2011-10-17 01:07; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2011-7-17 78976]
R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2011-7-17 38528]
R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2012-4-19 28480]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]
R1 Avgfwfd;AVG network filter service;C:\windows\System32\drivers\avgfwd6a.sys [2011-5-23 48992]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2012-11-8 307040]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]
R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2013-4-11 384800]
R1 avgtp;avgtp;C:\windows\System32\drivers\avgtpx64.sys [2012-11-8 45856]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2011-7-16 13824]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-7-17 204288]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2012-12-5 2321560]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-11-2 5174392]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [2013-6-26 1598128]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\windows\System32\drivers\AtihdW76.sys [2011-7-17 115216]
R3 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2012-12-10 127328]
R3 AVGIDSFilter;AVGIDSFilter;C:\windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]
R3 BTWAMPFL;BTWAMPFL;C:\windows\System32\drivers\btwampfl.sys [2011-10-15 349736]
R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2011-10-15 39464]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-4-14 31088]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2011-7-17 138024]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-7-16 533096]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 BtFilter;BtFilter;C:\windows\System32\drivers\btfilter.sys [2011-7-14 289704]
S3 HPMo4DE3;Mouse Suite Driver_4DE3 (WDF Version);C:\windows\System32\drivers\HPMo4DE3.sys [2012-7-30 25088]
S3 HPub4DE3;USB Mouse Low Filter Driver_4DE3 (WDF Version);C:\windows\System32\drivers\HPub4DE3.sys [2012-7-30 18432]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\windows\System32\drivers\netaapl64.sys [2011-8-2 22528]
S3 Samsung UPD Service;Samsung UPD Service;C:\windows\System32\SUPDSvc.exe [2011-7-17 166704]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-3-17 68440]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-10-17 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2013-07-14 22:49:23 -------- d-----w- C:\Users\JKJones\AppData\Roaming\Malwarebytes
2013-07-14 22:45:37 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-14 22:45:36 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-07-14 22:45:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-14 22:45:04 -------- d-----w- C:\Users\JKJones\AppData\Local\Programs
2013-07-14 21:49:22 -------- d-----w- C:\Rustbfix
2013-07-14 21:16:46 -------- d-----w- C:\windows\System32\MRT
2013-07-12 19:03:59 -------- d-----w- C:\Program Files (x86)\ReNamer
2013-07-11 01:13:21 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 01:13:21 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-11 01:13:21 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-11 01:13:21 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-11 01:13:18 624128 ----a-w- C:\windows\System32\qedit.dll
2013-07-11 01:13:18 509440 ----a-w- C:\windows\SysWow64\qedit.dll
2013-07-11 01:13:16 1887744 ----a-w- C:\windows\System32\WMVDECOD.DLL
2013-07-11 01:13:16 1620480 ----a-w- C:\windows\SysWow64\WMVDECOD.DLL
2013-07-11 01:13:02 3153920 ----a-w- C:\windows\System32\win32k.sys
2013-07-11 01:13:00 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-11 01:12:59 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-11 01:12:59 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-11 01:12:59 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 01:12:58 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 01:12:40 1643520 ----a-w- C:\windows\System32\DWrite.dll
2013-07-11 01:12:39 1247744 ----a-w- C:\windows\SysWow64\DWrite.dll
.
==================== Find3M ====================
.
2013-06-26 22:09:30 45856 ----a-w- C:\windows\System32\drivers\avgtpx64.sys
2013-06-13 23:15:13 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-13 23:15:13 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-06-11 23:43:37 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\windows\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\windows\System32\jscript9.dll
2013-06-11 23:25:13 67072 ----a-w- C:\windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-05-21 05:03:45 9728 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-13 05:51:01 184320 ----a-w- C:\windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\windows\SysWow64\certenc.dll
2013-05-10 05:49:27 30720 ----a-w- C:\windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01 1910632 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-05-01 07:59:12 94208 ----a-w- C:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 07:59:12 69632 ----a-w- C:\windows\SysWow64\QuickTime.qts
2013-04-26 05:51:36 751104 ----a-w- C:\windows\System32\win32spl.dll
2013-04-26 04:55:21 492544 ----a-w- C:\windows\SysWow64\win32spl.dll
2013-04-25 23:30:32 1505280 ----a-w- C:\windows\SysWow64\d3d11.dll
2013-04-17 07:02:06 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll
2013-04-17 06:24:46 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll
.
============= FINISH: 19:30:21.01 ===============
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe
C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Samsung\Eco Mode\SmartEco.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\windows\system32\sppsvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Samsung\Samsung Control Center\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\windows\system32\NOTEPAD.EXE
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\windows\SysWOW64\svchost.exe" -k LocalServiceDns
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={8EDA33F5-56A7-11E2-B7EF-B4749FFD668A}
uSearch Bar = hxxp://www.plusnetwork.com/?sp=lintbie&q={searchTerms}&dp=MessengerPlus
uSearch Page = hxxp://www.plusnetwork.com/?sp=lintbie&q={searchTerms}&dp=MessengerPlus
uDefault_Page_URL = hxxp://samsung.msn.com
uSearchAssistant = hxxp://www.plusnetwork.com/?sp=lintbie&q={searchTerms}&dp=MessengerPlus
uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll
BHO: Samsung BHO Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Codecv Class: {DD547721-AFCD-878F-0951-9368D3ACAD4E} - C:\ProgramData\Codecv\bhoclass.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} -
BHO: SMTTB2009 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: uTorrentControl2 Toolbar: {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Community Smart Bar: {ae07101b-46d4-4a98-af68-0333ea26e113} -
TB: DealBulldog Toolbar: {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll
TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} -
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: Web Test Recorder 10.0: {5802D092-1784-4908-8CDB-99B6842D353D} -
uRun: [Switcher] "C:\Program Files (x86)\Switcher\Switcher.exe" /quiet
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Google Update] "C:\Users\JKJones\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [MurGee.com Auto Keyboard] C:\Program Files (x86)\Auto Keyboard\AutoKeyboard.exe :silent
uRun: [AutoTyperMurGee] C:\Program Files (x86)\Auto Typer by MurGee\AutoTyper.exe :settings
uRun: [Driver Detective] C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [AdobeBridge] <no file>
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
LSP: mswsock.dll
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: NameServer = 64.71.255.204 64.71.255.198
TCP: Interfaces\{37C73B23-456E-4C64-84E7-6EFC2D35EFB3} : DHCPNameServer = 64.71.255.204 64.71.255.198
TCP: Interfaces\{37C73B23-456E-4C64-84E7-6EFC2D35EFB3}\2454C4C4231313 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{37C73B23-456E-4C64-84E7-6EFC2D35EFB3}\351696E696D27657563747 : DHCPNameServer = 64.71.255.198 192.168.33.1
TCP: Interfaces\{37C73B23-456E-4C64-84E7-6EFC2D35EFB3}\452554E444E65647 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{C10B2787-67F7-4AC5-AD6C-87C0903AF9FC} : DHCPNameServer = 64.71.255.205 64.71.255.253
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
x64-TB: Community Smart Bar: {ae07101b-46d4-4a98-af68-0333ea26e113} -
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [MRT] "C:\windows\System32\MRT.exe" /R
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\JKJones\AppData\Roaming\Mozilla\Firefox\Profiles\avw53iy5.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\JKJones\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Users\JKJones\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\JKJones\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\JKJones\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\JKJones\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
FF - ExtSQL: !HIDDEN! 2011-10-17 01:07; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2011-7-17 78976]
R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2011-7-17 38528]
R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2012-4-19 28480]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]
R1 Avgfwfd;AVG network filter service;C:\windows\System32\drivers\avgfwd6a.sys [2011-5-23 48992]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2012-11-8 307040]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]
R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2013-4-11 384800]
R1 avgtp;avgtp;C:\windows\System32\drivers\avgtpx64.sys [2012-11-8 45856]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2011-7-16 13824]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-7-17 204288]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2012-12-5 2321560]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-11-2 5174392]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [2013-6-26 1598128]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\windows\System32\drivers\AtihdW76.sys [2011-7-17 115216]
R3 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2012-12-10 127328]
R3 AVGIDSFilter;AVGIDSFilter;C:\windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]
R3 BTWAMPFL;BTWAMPFL;C:\windows\System32\drivers\btwampfl.sys [2011-10-15 349736]
R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2011-10-15 39464]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-4-14 31088]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2011-7-17 138024]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-7-16 533096]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 BtFilter;BtFilter;C:\windows\System32\drivers\btfilter.sys [2011-7-14 289704]
S3 HPMo4DE3;Mouse Suite Driver_4DE3 (WDF Version);C:\windows\System32\drivers\HPMo4DE3.sys [2012-7-30 25088]
S3 HPub4DE3;USB Mouse Low Filter Driver_4DE3 (WDF Version);C:\windows\System32\drivers\HPub4DE3.sys [2012-7-30 18432]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\windows\System32\drivers\netaapl64.sys [2011-8-2 22528]
S3 Samsung UPD Service;Samsung UPD Service;C:\windows\System32\SUPDSvc.exe [2011-7-17 166704]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-3-17 68440]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-10-17 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2013-07-14 22:49:23 -------- d-----w- C:\Users\JKJones\AppData\Roaming\Malwarebytes
2013-07-14 22:45:37 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-14 22:45:36 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-07-14 22:45:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-14 22:45:04 -------- d-----w- C:\Users\JKJones\AppData\Local\Programs
2013-07-14 21:49:22 -------- d-----w- C:\Rustbfix
2013-07-14 21:16:46 -------- d-----w- C:\windows\System32\MRT
2013-07-12 19:03:59 -------- d-----w- C:\Program Files (x86)\ReNamer
2013-07-11 01:13:21 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 01:13:21 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-11 01:13:21 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-11 01:13:21 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-11 01:13:18 624128 ----a-w- C:\windows\System32\qedit.dll
2013-07-11 01:13:18 509440 ----a-w- C:\windows\SysWow64\qedit.dll
2013-07-11 01:13:16 1887744 ----a-w- C:\windows\System32\WMVDECOD.DLL
2013-07-11 01:13:16 1620480 ----a-w- C:\windows\SysWow64\WMVDECOD.DLL
2013-07-11 01:13:02 3153920 ----a-w- C:\windows\System32\win32k.sys
2013-07-11 01:13:00 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-11 01:12:59 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-11 01:12:59 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-11 01:12:59 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 01:12:58 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 01:12:40 1643520 ----a-w- C:\windows\System32\DWrite.dll
2013-07-11 01:12:39 1247744 ----a-w- C:\windows\SysWow64\DWrite.dll
.
==================== Find3M ====================
.
2013-06-26 22:09:30 45856 ----a-w- C:\windows\System32\drivers\avgtpx64.sys
2013-06-13 23:15:13 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-13 23:15:13 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-06-11 23:43:37 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\windows\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\windows\System32\jscript9.dll
2013-06-11 23:25:13 67072 ----a-w- C:\windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-05-21 05:03:45 9728 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-13 05:51:01 184320 ----a-w- C:\windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\windows\SysWow64\certenc.dll
2013-05-10 05:49:27 30720 ----a-w- C:\windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01 1910632 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-05-01 07:59:12 94208 ----a-w- C:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 07:59:12 69632 ----a-w- C:\windows\SysWow64\QuickTime.qts
2013-04-26 05:51:36 751104 ----a-w- C:\windows\System32\win32spl.dll
2013-04-26 04:55:21 492544 ----a-w- C:\windows\SysWow64\win32spl.dll
2013-04-25 23:30:32 1505280 ----a-w- C:\windows\SysWow64\d3d11.dll
2013-04-17 07:02:06 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll
2013-04-17 06:24:46 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll
.
============= FINISH: 19:30:21.01 ===============