Alrighty, I have the Attach and DDS logs first. I'll do this in as few posts as I can:
Attach.txt:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 1/20/2011 8:36:36 PM
System Uptime: 8/8/2013 10:23:14 PM (5 hours ago)
.
Motherboard: Acer | | Aspire 7551
Processor: AMD Phenom(tm) II N850 Triple-Core Processor | Socket S1G4 | 2194/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 428 GiB total, 51.92 GiB free.
D: is CDROM (UDF)
E: is FIXED (NTFS) - 0 GiB total, 0.064 GiB free.
F: is CDROM ()
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: LogMeIn Kernel Information Provider
Device ID: ROOT\LEGACY_LMIINFO\0000
Manufacturer:
Name: LogMeIn Kernel Information Provider
PNP Device ID: ROOT\LEGACY_LMIINFO\0000
Service: LMIInfo
.
==== System Restore Points ===================
.
RP517: 8/7/2013 1:35:09 AM - Installed DirectX
RP518: 8/9/2013 12:38:59 AM - Windows Update
.
==== Installed Programs ======================
.
µTorrent
7-Zip 9.20
7-Zip 9.20 (x64 edition)
A.R.E.S.
Acer Backup Manager
Acer Crystal Eye Webcam
Acer ePower Management
Acer eRecovery Management
Acer Registration
Acer ScreenSaver
Acer Updater
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
Adobe Shockwave Player 12.0
Advanced Archive Password Recovery
Advanced SystemCare 6
Akamai NetSession Interface
Akamai NetSession Interface Service
Alcor Micro USB Card Reader
Alien Zombie Megadeath
ALPS Touch Pad Driver
Amazon MP3 Downloader 1.0.17
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
AMD USB Filter Driver
AMD VISION Engine Control Center
Antichamber
AoA Audio Extractor
Apple Application Support
Apple Software Update
ArcSoft TotalMedia Backup
ASIO4ALL
Audacity 1.2.6
Audiosurf
Auditorium
Auslogics DiskDefrag
avast! Free Antivirus
Backup Manager Basic
Bamboo
Bastion
Beat Hazard
BioShock 2
BioShock Infinite
BIT.TRIP BEAT
BIT.TRIP RUNNER
Blocks That Matter
Brobdingnag 2
Castle Crashers
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Localization All
Cave Story+
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Chessmaster
Chime
Closure
Cogs
Content Manager Assistant for PlayStation(R)
CPUID CPU-Z 1.61.5
Cthulhu Saves the World
Cubemen
D-Fend Reloaded 1.2.1 (deinstall)
D3DX10
DAEMON Tools Lite
Darwinia
Debut Video Capture Software
DEFCON
Defraggler
Driver Fusion
Dropbox
Dual-Core Optimizer
Dustforce
DVD Decrypter (Remove Only)
EDGE
Eufloria
Facebook Video Calling 1.2.0.287
FastStone Image Viewer 4.8
Finale NotePad 2008
FL Studio 10
Flash Decompiler Trillix
Flash Movie Player 1.5
Foldit
Foxit Reader
Fractal: Make Blooms Not War
Fraps (remove only)
Garry's Mod
Google Chrome
Google Earth
Google Talk (remove only)
Google Update Helper
Half Minute Hero: Super Mega Neo Climax Ultimate Boy
Hammerfight
HandBrake 0.9.5
Hell Yeah!
Hi-Command
HydraVision
I-Doser v4
Identity Card
IL Download Manager
inSSIDer
IObit Apps Toolbar v7.2
IrfanView (remove only)
Jack Claw
Jamestown
Java 7 Update 25
Java 7 Update 25 (64-bit)
Java Auto Updater
JDownloader
Junk Mail filter update
K-Lite Codec Pack 9.9.5 (64-bit)
K-Lite Codec Pack 9.9.5 (Full)
Katawa Shoujo
LAME v3.99.3 (for Windows)
Launch Manager
Lexmark 730 Series
LIMBO
LinuxLive USB Creator
Little Inferno
Logitech Gaming Software 5.10
Lone Survivor
Magic ISO Maker v5.5 (build 0261)
Magicka
Malwarebytes Anti-Malware version 1.75.0.1300
Meebo Notifier
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft IntelliPoint 8.2
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Virtual PC 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft Windows Media Video 9 VCM
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Microsoft XNA Framework Redistributable 4.0 Refresh
MotioninJoy ds3 driver version 0.6.0003
Movie Maker
Mozilla Firefox 23.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Game Long Name
Myst: Masterpiece Edition
MyWinLocker
MyWinLocker Suite
Noitu Love 2 Devolution
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
NVIDIA PhysX
Offspring Fling!
OpenAL
OpenOffice.org 3.4.1
Osmos
osu!
PC Gamer
PC Wizard 2012.2.11
PCSX2 - Playstation 2 Emulator
Photo Common
Photo Gallery
Pidgin
Plants vs. Zombies: Game of the Year
Poker Night 2
Poker Night at the Inventory
Portal 2
Portal 2 - The Final Hours
Prism Video File Converter
Project64 1.6
QuickTime
Rainmeter
Really Big Sky
Realm of the Mad God
Realtek High Definition Audio Driver
REAPER (x64)
RecordPad Sound Recorder
Saints Row: The Third
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3 USB Driver Installer
Sculptris Alpha 6
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
SEGA Genesis & Mega Drive Classics
Shatter
Shredder
Sid Meier's Civilization V
Skype™ 6.7
Smart Defrag 2
Snapshot
Solar 2
Songbird 1.8.0 (Build 1800)
Sonic CD
SpeedFan (remove only)
Spirits
Splice
Spybot - Search & Destroy
Steam
StepMania 3.9b (remove only)
SumatraPDF
Super Hexagon
Super Meat Boy
Swarm Arena
swMSM
Symphony
Synergy
System Requirements Lab CYRI
System Requirements Lab Detection
Team Fortress 2
TeraCopy 2.27
Terraria
The Binding Of Isaac
The Incredible Machine Series
The Polynomial
The White Laboratory
Toki Tori
Torchlight
Torchlight II
TRAUMA
Trillian
Ubuntu
Unity Web Player
Universe Sandbox
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Uplink
Virus Guard - powered by BitDefender
VLC media player 2.0.8
Voxatron 0.1.3
VVVVVV
WebTablet IE Plugin
WebTablet Netscape Plugin
Welcome Center
Winamp
Winamp Detector Plug-in
WinDirStat 1.1.2
Windows 7 Logon Background Changer
Windows 7 USB/DVD Download Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinMerge 2.14.0
Wireshark 1.4.3
XnView 1.98
Yahoo! Messenger
Yosumin!
Zip Motion Block Video codec (Remove Only)
.
==== Event Viewer Messages From Past Week ========
.
8/8/2013 3:23:29 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TouchServicePen service.
8/8/2013 3:23:29 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
8/8/2013 10:26:23 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
8/8/2013 10:26:23 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147218173.
8/8/2013 10:23:43 PM, Error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the file specified.
8/8/2013 10:23:41 PM, Error: Service Control Manager [7000] - The AODDriver4.2 service failed to start due to the following error: The system cannot find the file specified.
8/8/2013 10:23:27 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
8/8/2013 10:23:23 PM, Error: volmgr [46] - Crash dump initialization failed!
.
==== End Of File ===========================
DDS.txt:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2
Run by Scot Grusian at 3:31:17 on 2013-08-09
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4094.1282 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\Tablet\Pen\Pen_TouchService.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Users\Scot Grusian\AppData\Local\Akamai\netsession_win.exe
C:\Users\Scot Grusian\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\Suo10_SmartRAM.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Scot Grusian\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.yahoo.com?type=800236&fr=spigot-yhp-ie
uDefault_Page_URL = hxxp://acer.msn.com
uProxyServer = localhost:21320
uProxyOverride = 127.0.0.1:9421;<local>
uURLSearchHooks: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.2\iobitappsToolbarIE.dll
mWinlogon: Userinit = userinit.exe,
BHO: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.2\iobitappsToolbarIE.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.2\iobitappsToolbarIE.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Akamai NetSession Interface] "C:\Users\Scot Grusian\AppData\Local\Akamai\netsession_win.exe"
uRun: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
uRun: [SmartRAM] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\Suo10_SmartRAM.exe" /m
uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
uExplorerRun: [speedfan] C:\Program Files (x86)\SpeedFan\speedfan.exe
StartupFolder: C:\Users\SCOTGR~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\Users\SCOTGR~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Trillian.lnk - C:\Program Files (x86)\Trillian\trillian.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONTEN~1.LNK - C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Windows\System: UseOEMBackground = dword:1
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{10D8A60C-CCAA-4A1F-A375-63025B5C4F5A} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{9294BEFA-2C25-4ABF-8988-E5A83ABBA9DF} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{9294BEFA-2C25-4ABF-8988-E5A83ABBA9DF}\2456C6B696E6F5E4F575962756C6563737F5341354344313 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{9294BEFA-2C25-4ABF-8988-E5A83ABBA9DF}\2656C6B696E6E2338343 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{9294BEFA-2C25-4ABF-8988-E5A83ABBA9DF}\3496479702F6660254577656E656D26427565602055726C696360275966496 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{9294BEFA-2C25-4ABF-8988-E5A83ABBA9DF}\458657E64656273786F636B6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{9294BEFA-2C25-4ABF-8988-E5A83ABBA9DF}\46279637B696C6C6 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{9294BEFA-2C25-4ABF-8988-E5A83ABBA9DF}\64F62747F584561647F6E6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{9294BEFA-2C25-4ABF-8988-E5A83ABBA9DF}\F4572784F6D656 : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [PLFSetI] C:\Windows\PLFSetI.exe
x64-Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [LXCFCATS] rundll32 \3\LXCFtime.dll,RunDLLEntry
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Scot Grusian\AppData\Roaming\Mozilla\Firefox\Profiles\cfxu0p0u.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=800236&p=
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101772.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
FF - plugin: C:\Program Files (x86)\Winamp Detect\npwachk.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Scot Grusian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Scot Grusian\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Scot Grusian\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-08-01 05:39; ascsurfingprotection@iobit.com; C:\Users\Scot Grusian\AppData\Roaming\Mozilla\Firefox\Profiles\cfxu0p0u.default\extensions\ascsurfingprotection@iobit.com
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: extensions.searchya.hmpg - true
FF - user.js: extensions.searchya.hmpgUrl - hxxp://www.searchya.com/?f=1&a=dnldyho&cd=2XzuyEtN2Y1L1QzutB0AyB0Czz0FtByC0E0BtBzz0B0CzytDtN0D0Tzu0CyEtCtCtN1L2XzutBtFtBtFtCtFyEyBzztN1L1Czu1Q1G1I1Q2U1M1F&cr=2006260437&ir=
FF - user.js: extensions.searchya.dfltSrch - true
FF - user.js: extensions.searchya.srchPrvdr - SearchYa!
FF - user.js: extensions.searchya.dnsErr - true
FF - user.js: extensions.searchya_i.newTab - false
FF - user.js: extensions.searchya.newTabUrl - hxxp://www.searchya.com/?f=2&a=dnldyho&cd=2XzuyEtN2Y1L1QzutB0AyB0Czz0FtByC0E0BtBzz0B0CzytDtN0D0Tzu0CyEtCtCtN1L2XzutBtFtBtFtCtFyEyBzztN1L1Czu1Q1G1I1Q2U1M1F&cr=2006260437&ir=
FF - user.js: extensions.searchya.tlbrSrchUrl - hxxp://www.searchya.com/?f=3&a=dnldyho&cd=2XzuyEtN2Y1L1QzutB0AyB0Czz0FtByC0E0BtBzz0B0CzytDtN0D0Tzu0CyEtCtCtN1L2XzutBtFtBtFtCtFyEyBzztN1L1Czu1Q1G1I1Q2U1M1F&cr=2006260437&ir=&q=
FF - user.js: extensions.searchya.id - 2A7C8F26EB28BC90
FF - user.js: extensions.searchya.instlDay - 15750
FF - user.js: extensions.searchya.vrsn - 1.8.8.0
FF - user.js: extensions.searchya.vrsni - 1.8.8.0
FF - user.js: extensions.searchya_i.vrsnTs - 1.8.8.019:16:27
FF - user.js: extensions.searchya.prtnrId - searchya
FF - user.js: extensions.searchya.prdct - searchya
FF - user.js: extensions.searchya.aflt - dnldyho
FF - user.js: extensions.searchya_i.smplGrp - none
FF - user.js: extensions.searchya.tlbrId - base
FF - user.js: extensions.searchya.instlRef -
FF - user.js: extensions.searchya.dfltLng -
FF - user.js: extensions.searchya.appId - {1973277F-87B0-4EA3-9ED2-470A91D284CF}
FF - user.js: extensions.searchya.excTlbr - false
FF - user.js: extensions.searchya_i.hmpg - true
FF - user.js: extensions.irspeeddial.aflt - dnldyho
FF - user.js: extensions.irspeeddial.instlRef -
FF - user.js: extensions.irspeeddial.cr - 2006260437
FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1QzutB0AyB0Czz0FtByC0E0BtBzz0B0CzytDtN0D0Tzu0CyEtCtCtN1L2XzutBtFtBtFtCtFyEyBzztN1L1Czu1Q1G1I1Q2U1M1F
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-17 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-17 189936]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-2-4 17720]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-8-29 19600]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-2-20 1030952]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-2-20 378944]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-7-29 283064]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-2 22576]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-2 20016]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-2 60464]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-11-13 574272]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-2-20 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-2-20 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-5-25 46808]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-10-8 321104]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-10-8 868896]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2011-12-1 8704]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2012-12-7 72216]
R3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2010-6-10 40448]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-12-21 321064]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 stdriver;Sound tap driver Upper Class Filter Driver v2.0.0.0;C:\Windows\System32\drivers\stdriver64.sys [2011-5-5 56408]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-10-8 38456]
S2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-2-19 46136]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-5-26 305520]
S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;C:\Windows\System32\drivers\netr7364.sys [2011-10-5 729152]
S3 NMgamingmsFltr;USB Optical Mouse;C:\Windows\System32\drivers\NMgamingms.sys [2009-7-24 11264]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-30 19456]
S3 SaiU0CCB;SaiU0CCB;C:\Windows\System32\drivers\SaiU0CCB.sys [2010-4-22 41096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-30 57856]
S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\System32\drivers\wacmoumonitor.sys [2011-2-19 18288]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 XENfiltv;XENfiltv;C:\Windows\System32\drivers\XENfiltv.sys [2009-7-31 25600]
.
=============== Created Last 30 ================
.
2013-08-09 07:41:00 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B01F6B81-DD8E-45C0-AA31-CEFB112C61C6}\mpengine.dll
2013-08-09 05:39:56 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-08-09 05:39:40 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-08-09 05:39:06 -------- d-----r- C:\Program Files (x86)\Skype
2013-08-08 10:21:07 262552 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2013-08-08 09:57:06 -------- d-----w- C:\ProgramData\CheckPoint
2013-08-06 01:08:37 -------- d-----w- C:\Users\Scot Grusian\AppData\Roaming\MinMaxGames
2013-08-04 05:54:02 216064 ----a-w- C:\Windows\SysWow64\gcapi_dll.dll
2013-08-04 05:53:45 -------- d-----w- C:\Users\Scot Grusian\AppData\Roaming\Foxit Software
2013-08-04 05:53:43 -------- d-----w- C:\Program Files (x86)\Foxit Software
2013-08-04 05:50:44 -------- d-----w- C:\Program Files (x86)\SumatraPDF
2013-08-02 10:16:16 0 ----a-w- C:\Windows\SysWow64\sho80DA.tmp
2013-08-02 04:59:23 -------- d-----w- C:\Users\Scot Grusian\AppData\Roaming\com.fc2.blog21.irafyou.Brobdingnag2
2013-08-02 04:56:30 -------- d-----w- C:\Program Files (x86)\Brobdingnag2
2013-08-02 04:34:16 -------- d-----w- C:\Program Files (x86)\Auslogics
2013-07-31 10:40:47 0 ----a-w- C:\Windows\SysWow64\shoBA1C.tmp
2013-07-30 05:08:08 283064 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2013-07-30 05:08:00 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2013-07-28 09:03:48 0 ----a-w- C:\Windows\SysWow64\shoD147.tmp
2013-07-28 08:34:05 -------- d-----w- C:\Program Files (x86)\Winamp Detect
2013-07-28 08:32:53 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2013-07-26 11:32:54 0 ----a-w- C:\Windows\SysWow64\sho3EC8.tmp
2013-07-24 05:51:29 -------- d-----w- C:\Users\Scot Grusian\AppData\Local\dxhr
2013-07-24 05:45:48 -------- d-----w- C:\Users\Scot Grusian\AppData\Local\28050
2013-07-13 11:06:34 0 ----a-w- C:\Windows\SysWow64\sho14FC.tmp
2013-07-13 08:33:16 -------- d-----w- C:\ProgramData\Package Cache
2013-07-12 03:32:28 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-07-12 03:32:28 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-12 03:32:28 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-12 03:32:28 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2013-07-12 03:32:28 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-07-12 03:32:27 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-12 03:32:27 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-12 03:32:26 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-07-12 03:32:26 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-07-12 03:32:24 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-12 03:32:24 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-12 03:32:06 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-07-12 03:31:58 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-12 03:31:58 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-12 03:31:57 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-12 03:31:57 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-12 03:31:56 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-12 03:31:16 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-12 03:31:15 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-07-12 03:05:37 0 ----a-w- C:\Windows\SysWow64\sho5CC3.tmp
2013-07-12 02:16:57 -------- d-----w- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-07-12 02:16:36 -------- d-----w- C:\ProgramData\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
.
==================== Find3M ====================
.
2013-07-29 23:15:16 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-07-29 23:15:15 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-08 10:50:31 0 ----a-w- C:\Windows\SysWow64\shoE41F.tmp
2013-06-28 01:50:40 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-06-28 01:50:40 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-06-27 04:55:38 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-06-27 04:55:32 972712 ----a-w- C:\Windows\System32\deployJava1.dll
2013-06-27 04:55:32 1093032 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-06-27 04:54:01 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-27 04:53:57 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-06-27 04:53:57 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-08 04:07:24 0 ----a-w- C:\Windows\SysWow64\shoFC21.tmp
2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-31 18:00:00 127488 ----a-w- C:\Windows\System32\ff_vfw.dll
2013-05-29 04:17:25 0 ----a-w- C:\Windows\SysWow64\sho57BA.tmp
2013-05-23 01:49:32 17720 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys
2013-05-22 07:20:10 0 ----a-w- C:\Windows\SysWow64\sho2C01.tmp
2013-05-16 01:26:02 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-05-16 01:26:02 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-05-16 01:25:28 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-05-16 01:25:28 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-05-16 01:25:28 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-05-16 01:25:28 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-05-16 01:25:28 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-05-16 01:25:28 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
.
============= FINISH: 3:33:54.73 ===============
MBAM log:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.08.08.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Scot Grusian :: MAXXIMUS_PRIME [administrator]
8/9/2013 1:58:50 AM
MBAM-log-2013-08-09 (02-21-25).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 258782
Time elapsed: 10 minute(s), 40 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 1
C:\Users\Scot Grusian\AppData\Roaming\dclogs (Stolen.Data) -> No action taken.
Files Detected: 18
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-08-16-5.dc (Stolen.Data) -> No action taken.
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-08-21-3.dc (Stolen.Data) -> No action taken.
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-08-22-4.dc (Stolen.Data) -> No action taken.
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-08-23-5.dc (Stolen.Data) -> No action taken.
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-08-24-6.dc (Stolen.Data) -> No action taken.
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-08-25-7.dc (Stolen.Data) -> No action taken.
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-08-26-1.dc (Stolen.Data) -> No action taken.
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-08-28-3.dc (Stolen.Data) -> No action taken.
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-08-29-4.dc (Stolen.Data) -> No action taken.
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-08-30-5.dc (Stolen.Data) -> No action taken.
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-09-01-7.dc (Stolen.Data) -> No action taken.
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-09-02-1.dc (Stolen.Data) -> No action taken.
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-09-14-6.dc (Stolen.Data) -> No action taken.
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-09-15-7.dc (Stolen.Data) -> No action taken.
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-09-16-1.dc (Stolen.Data) -> No action taken.
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-09-17-2.dc (Stolen.Data) -> No action taken.
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-09-18-3.dc (Stolen.Data) -> No action taken.
C:\Users\Scot Grusian\AppData\Roaming\dclogs\2012-09-19-4.dc (Stolen.Data) -> No action taken.
(end)
Hope this helps!