Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 10/09/2014
Scan Time: 6:41:48 PM
Logfile: Malwarebytes.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.09.10.03
Rootkit Database: v2014.08.21.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Sam
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 399377
Time Elapsed: 10 min, 34 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 1
PUP.Optional.Qone8, HKU\S-1-5-21-3986084605-3247356130-1725618732-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [9603ecdd3d3ea1953f3caca1b25251af],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17280 BrowserJavaVersion: 10.67.2
Run by Sam at 19:06:45 on 2014-09-10
Microsoft Windows 7 Professional 6.1.7601.1.1252.61.1033.18.8191.6676 [GMT 9.5:30]
.
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Atomic Alarm Clock\timeserv.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\hasplms.exe
C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\HitmanPro\hmpsched.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\PROGRA~2\MICROS~1\Office12\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\PROGRAM FILES\NVIDIA CORPORATION\RAID\NVRAIDSERVICE.EXE
C:\Program Files (x86)\AVG\AVG2012\avgcfgex.exe
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
uSearch Bar = Preserve
mStart Page = www.google.com
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = www.google.com
mDefault_Search_URL = www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: FdmIeBho.FDMIEBHO: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
uRun: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
uRun: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [AntiLogger] "C:\Program Files (x86)\AntiLogger\AntiLogger.exe" /minimized
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [NWEReboot] <no file>
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
SEH: ShellHook Class - {88485281-8b4b-4f8d-9ede-82e29a064277} - C:\Program Files (x86)\MarkAny\ContentSAFER\MACSMANAGER.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = www.google.com
x64-mSearch Page = hxxp://www.google.com
x64-mDefault_Page_URL = www.google.com
x64-mDefault_Search_URL = www.google.com
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: Adblock Pro: {F385C231-605B-4d8f-ACA9-DBFF765BBE17} - C:\Program Files\Adblock Pro\AdblockPro.dll
x64-BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-IE: {E7FD3540-AB30-40f1-91E7-101F733C1FD5} - {7685B225-8229-4321-BA13-A24485B0A760} - C:\Program Files\Adblock Pro\AdblockPro.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-4-19 28480]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]
R0 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-5-21 122584]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-9-28 17720]
R1 AntiLog32;AntiLog32;C:\Windows\System32\drivers\AntiLog64.sys [2012-7-24 49752]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2011-5-23 48992]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-11-8 307040]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-4-11 384800]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-10-24 50976]
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2013-11-13 30752]
R1 RawDisk3;RawDisk3;C:\Windows\System32\drivers\rawdsk3.sys [2014-9-7 32912]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-11-2 893216]
R2 aksdf;aksdf;C:\Windows\System32\drivers\aksdf.sys [2014-7-10 75648]
R2 AtomicAlarmClock;Atomic Alarm Clock Time;C:\Program Files\Atomic Alarm Clock\timeserv.exe [2013-2-9 2062336]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
R2 hasplms;Sentinel HASP License Manager;C:\Windows\System32\hasplms.exe -run --> C:\Windows\System32\hasplms.exe -run [?]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2014-9-3 180136]
R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2014-9-7 4700872]
R2 PDFsFilter;PDFsFilter;C:\Windows\System32\drivers\PDFsFilter.sys [2013-11-13 82160]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-4-9 411936]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-12-10 127328]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]
S2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2012-12-5 2321560]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2013-10-15 5175856]
S2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2014-9-7 127752]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-11-2 2282272]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-5-21 1809720]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-5-21 860472]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2012-10-3 95232]
S3 cleanhlp;cleanhlp;C:\EEK\bin\cleanhlp64.sys [2014-9-8 57024]
S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2014-3-16 21712]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2014-9-7 17480]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2014-9-7 9800]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-10 111616]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-10-7 30232]
S3 LVUVC64;Logitech Webcam 100(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2014-3-5 6379288]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-7-21 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-5-21 63704]
S3 MRV6X64P;Vista 64-bits Native WiFi Driver;C:\Windows\System32\drivers\MRVW13C.sys [2007-5-3 244736]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.sys [2012-11-4 16448]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-13 56832]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-2-26 1255736]
S4 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]
S4 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-7-18 762192]
S4 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
.
=============== Created Last 30 ================
.
2014-09-10 08:46:25 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-09-10 08:46:25 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-09-10 08:46:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-09-10 08:46:25 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-09-10 08:46:25 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-09-10 08:09:29 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2014-09-10 08:09:29 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2014-09-10 07:37:09 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-09-10 07:37:09 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-09-10 07:37:00 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-09-10 07:37:00 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-09-08 15:43:56 -------- d-----w- C:\Users\Sam\AppData\Local\CrashDumps
2014-09-08 10:54:17 -------- d-----w- C:\EEK
2014-09-08 09:05:43 36456 ----a-w- C:\Windows\System32\drivers\TrueSight.sys
2014-09-08 09:05:32 -------- d-----w- C:\ProgramData\RogueKiller
2014-09-07 12:00:39 -------- d-----w- C:\Windows\System32\CatRoot2
2014-09-07 11:22:15 -------- d-----w- C:\Users\Sam\AppData\Roaming\AntiLogger
2014-09-07 05:52:28 24136 ----a-w- C:\Windows\System32\fbnative.exe
2014-09-07 05:46:00 9800 ----a-w- C:\Windows\System32\EuGdiDrv.sys
2014-09-07 05:46:00 9160 ----a-w- C:\Windows\SysWow64\EuGdiDrv.sys
2014-09-07 05:46:00 87112 ----a-w- C:\Windows\SysWow64\setupempdrv03.exe
2014-09-07 05:46:00 3382440 ----a-w- C:\Windows\System32\BootMan.exe
2014-09-07 05:46:00 2499752 ----a-w- C:\Windows\SysWow64\BootMan.exe
2014-09-07 05:46:00 19840 ----a-w- C:\Windows\SysWow64\EuEpmGdi.dll
2014-09-07 05:46:00 17480 ----a-w- C:\Windows\System32\epmntdrv.sys
2014-09-07 05:46:00 16256 ----a-w- C:\Windows\System32\EuEpmGdi.dll
2014-09-07 05:46:00 13896 ----a-w- C:\Windows\SysWow64\epmntdrv.sys
2014-09-07 05:46:00 100936 ----a-w- C:\Windows\System32\setupempdrvx64.exe
2014-09-07 02:37:09 32912 ----a-w- C:\Windows\System32\drivers\rawdsk3.sys
2014-09-07 02:37:07 -------- d-----w- C:\logs
2014-09-06 16:41:51 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-09-06 16:41:48 11319192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D03AFC31-F206-4261-98FA-9D8F551501CE}\mpengine.dll
2014-09-06 16:04:10 -------- d-----w- C:\Program Files\HitmanPro
2014-09-06 16:03:39 -------- d-----w- C:\ProgramData\HitmanPro
2014-09-06 15:10:08 -------- d-----w- C:\AdwCleaner
2014-09-06 10:14:29 -------- d-----w- C:\Windows\ERUNT
2014-09-06 08:15:13 74703 ----a-w- C:\Windows\SysWow64\mfc45.dat
2014-09-05 10:41:00 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-09-05 10:41:00 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-09-04 13:37:41 -------- d-----w- C:\Windows\SysWow64\X86
2014-09-04 13:37:41 -------- d-----w- C:\Windows\SysWow64\AMD64
2014-09-04 13:34:28 -------- d-----w- C:\ProgramData\YouiTiubeiAAdBloockee
2014-09-04 13:34:27 -------- d-----w- C:\Program Files (x86)\YouiTiubeiAAdBloockee
2014-09-04 13:27:18 -------- d-----w- C:\ProgramData\207e1cbe898ce19f
2014-09-04 13:27:17 -------- d-----w- C:\Users\Sam\AppData\Local\Comodo
2014-09-03 08:23:46 180136 ----a-w- C:\Windows\System32\drivers\idmwfp.sys
2014-08-28 08:53:05 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-28 08:53:05 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-08-28 08:53:05 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-23 11:47:59 -------- d-----w- C:\Program Files (x86)\Wi-Fi Password Key
2014-08-13 10:27:19 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2014-08-13 10:27:19 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2014-08-13 10:27:19 8856 ----a-w- C:\Windows\System32\icardres.dll
2014-08-13 10:27:19 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2014-08-13 10:27:19 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2014-08-13 10:27:19 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2014-08-13 10:27:05 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-13 10:27:05 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2014-08-13 09:52:51 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
.
==================== Find3M ====================
.
2014-09-10 08:54:54 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-08-24 21:23:42 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-08-18 22:29:49 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-08-18 22:29:35 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53 5833728 ----a-w- C:\Windows\System32\jscript9.dll
2014-08-18 22:15:34 547328 ----a-w- C:\Windows\System32\vbscript.dll
2014-08-18 22:15:09 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-08-18 22:14:38 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-08-18 22:08:55 4232704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-08-18 22:03:47 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-08-18 22:03:37 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-08-18 22:03:01 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-08-18 21:57:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-08-18 21:56:17 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-18 21:46:26 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-08-18 21:45:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-08-18 21:45:12 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:17 2104832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-08-18 21:23:16 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13 2310656 ----a-w- C:\Windows\System32\wininet.dll
2014-08-18 21:08:54 2014208 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-08-18 21:07:44 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48 1812992 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-08-12 14:27:18 57584 ----a-w- C:\Windows\System32\iolobtdfg.exe
2014-08-12 14:27:10 26184 ----a-w- C:\Windows\System32\smrgdf.exe
2014-08-12 14:11:20 2155152 ----a-w- C:\Windows\System32\Incinerator64.dll
2014-08-12 14:11:18 2097984 ----a-w- C:\Windows\SysWow64\Incinerator32.dll
2014-08-11 11:40:06 50976 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2014-08-06 09:22:42 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-24 17:05:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 14:17:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
2014-07-16 03:23:41 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-07-16 02:46:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-07-09 11:43:34 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 11:43:34 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-07-09 09:18:34 692736 ----a-w- C:\Windows\System32\osk.exe
2014-07-09 09:18:34 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-07-09 09:16:49 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-07-09 09:15:29 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-07-09 09:15:29 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-07-09 09:15:29 340992 ----a-w- C:\Windows\System32\schannel.dll
2014-07-09 09:15:29 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-07-09 09:15:29 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2014-07-09 09:15:29 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-07-09 09:15:29 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-07-09 09:15:29 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-07-09 09:15:29 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-07-09 09:15:29 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-07-09 09:15:29 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-07-09 09:15:29 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-07-09 09:14:22 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-07-09 09:14:22 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:42 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31:41 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
.
============= FINISH: 19:07:18.36 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 16/02/2012 2:40:43 PM
System Uptime: 10/09/2014 6:18:17 PM (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | STRIKER II FORMULA
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz | Socket 775 | 2400/266mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 328 GiB total, 60.413 GiB free.
D: is FIXED (NTFS) - 138 GiB total, 96.218 GiB free.
E: is CDROM ()
F: is Removable
G: is CDROM ()
H: is Removable
I: is Removable
J: is Removable
K: is Removable
L: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: NETGEAR WG311v3 54Mbps Wireless PCI Adapter
Device ID: PCI\VEN_11AB&DEV_1FAA&SUBSYS_6B001385&REV_03\4&36AC3632&0&3878
Manufacturer: Marvell
Name: NETGEAR WG311v3 54Mbps Wireless PCI Adapter
PNP Device ID: PCI\VEN_11AB&DEV_1FAA&SUBSYS_6B001385&REV_03\4&36AC3632&0&3878
Service: MRV6X64P
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office Suite Service Pack 3 (SP3)
Adblock Plus for IE (32-bit and 64-bit)
Adblock Pro x64 3.0
Adobe AIR
Adobe Digital Editions 3.0
Adobe Flash Player 14 ActiveX
Adobe Flash Player 14 Plugin
Adobe Reader XI (11.0.08)
Adobe Shockwave Player 12.1
Advanced SystemCare 7
Alcor Micro USB Card Reader
AntiLogger
ASUSUpdate
Atomic Alarm Clock 5.91
AVG 2012
Avogadro
Bootstrapper
CCleaner
Copy Plus
DataNumen CAB Repair v2.0
Daum PotPlayer 1.5.44465
Dodo Wireless Broadband
Driver Booster
EaseUS Partition Master 10.1
GNU Backgammon (MAIN branch, 20121023 code)
GOM Player
Google Chrome
Google Update Helper
Hard Disk Sentinel
HitmanPro 3.7
HP Color LaserJet CP1210 Series
HP Color LaserJet CP1210 Series Toolbox
HP LaserJet Toolbox
HP Update
hppusgCP1215
HPSSupply
Internet Download Manager
IObit Uninstaller
iolo technologies' System Mechanic
Java 7 Update 25 (64-bit)
Java 7 Update 67
Java Auto Updater
Lame ACM MP3 Codec
LightScribe System Software
Logitech Vid
Logitech Webcam Software
Logitech Webcam Software Driver Package
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 2.0.2.1012
MarketResearch
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Mouse and Keyboard Center
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Minitab 16
Minitab Software Update Manager
Minitab16
MrvlUsgTracking64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NavDesk 7.50
Nero 7 Essentials
Nero Burning Core
Nero Burning ROM
Nero Burning ROM 2014
Nero Burning ROM Help (CHM)
Nero ControlCenter
Nero ControlCenter Help (CHM)
Nero Core Components
Nero CoverDesigner
Nero CoverDesigner Help (CHM)
Nero SharedVideoCodecs
Nero Update
NVIDIA 3D Vision Controller Driver 320.49
NVIDIA 3D Vision Driver 335.23
NVIDIA Control Panel 335.23
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
NVIDIA GeForce Experience 1.5
NVIDIA Graphics Driver 335.23
NVIDIA Install Application
NVIDIA MediaShield
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0604
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 10.4.0
NVIDIA Update Components
PDF Password Remover
PeerBlock 1.2 (r693)
Prerequisite installer
Puran File Recovery 1.2
Samsung Media Studio
Samsung New PC Studio
SAMSUNG USB Driver for Mobile Phones
Screenpresso
Secure Download Manager
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
Smart Defrag 2
SoftOrbits Flash Drive Recovery 2.1
SoftPerfect WiFi Guard version 1.0.0
SoftwareManager
Speccy
Surfing Protection
swMSM
System Requirements Lab for Intel
Tweaking.com - Windows Repair (All in One)
UniPDF 1.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974631)
Update for Microsoft Office Word 2007 Help (KB963665)
Viper Plagiarism Scanner
Visual Studio 2008 x64 Redistributables
VueScan
Wi-Fi Password Key
WinPDFEditor V2.0.5
WinZip 16.5
XviD MPEG-4 Video Codec
.
==== Event Viewer Messages From Past Week ========
.
9/09/2014 5:18:54 PM, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
9/09/2014 4:27:42 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.
9/09/2014 4:27:12 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
9/09/2014 4:27:03 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
9/09/2014 4:26:21 PM, Error: volmgr [46] - Crash dump initialization failed!
9/09/2014 2:10:49 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR6.
9/09/2014 1:46:20 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
9/09/2014 1:45:26 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Type with the following error: Access is denied.
9/09/2014 1:45:26 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Description with the following error: Access is denied.
9/09/2014 1:45:25 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
9/09/2014 1:45:24 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for DelayedAutostart with the following error: Access is denied.
9/09/2014 1:45:12 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for DeleteFlag with the following error: Access is denied.
10/09/2014 6:01:44 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070003: Update for Windows 7 for x64-based Systems (KB2985461).
10/09/2014 6:01:44 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070003: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2894844).
10/09/2014 12:24:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
10/09/2014 12:22:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AeLookupSvc service.
10/09/2014 12:22:13 AM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/09/2014 12:20:11 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
10/09/2014 12:19:41 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
10/09/2014 12:10:22 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR7.
.
==== End Of File ===========================
The Qone8 registry key keeps returning.
Have run:
Kaspersky TDSSKiller
RKill
Malwarebytes Anti-Malware
RogueKiller
HitmanPro
Emsisoft Emergency Kit
AdwCleaner
Junkware Removal Tool
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
Smart Defrag 2
SoftOrbits Flash Drive Recovery 2.1
SoftPerfect WiFi Guard version 1.0.0
SoftwareManager
Speccy
Surfing Protection
swMSM
System Requirements Lab for Intel
Tweaking.com - Windows Repair (All in One)
UniPDF 1.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974631)
Update for Microsoft Office Word 2007 Help (KB963665)
Viper Plagiarism Scanner
Visual Studio 2008 x64 Redistributables
VueScan
Wi-Fi Password Key
WinPDFEditor V2.0.5
WinZip 16.5
XviD MPEG-4 Video Codec
.
==== Event Viewer Messages From Past Week ========
.
9/09/2014 5:18:54 PM, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
9/09/2014 4:27:42 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.
9/09/2014 4:27:12 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
9/09/2014 4:27:03 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
9/09/2014 4:26:21 PM, Error: volmgr [46] - Crash dump initialization failed!
9/09/2014 2:10:49 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR6.
9/09/2014 1:46:20 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
9/09/2014 1:45:26 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Type with the following error: Access is denied.
9/09/2014 1:45:26 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Description with the following error: Access is denied.
9/09/2014 1:45:25 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
9/09/2014 1:45:24 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for DelayedAutostart with the following error: Access is denied.
9/09/2014 1:45:12 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for DeleteFlag with the following error: Access is denied.
10/09/2014 6:01:44 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070003: Update for Windows 7 for x64-based Systems (KB2985461).
10/09/2014 6:01:44 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070003: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2894844).
10/09/2014 12:24:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
10/09/2014 12:22:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AeLookupSvc service.
10/09/2014 12:22:13 AM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/09/2014 12:20:11 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
10/09/2014 12:19:41 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
10/09/2014 12:10:22 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR7.
.
==== End Of File ===========================
The Qone8 registry key keeps returning.
Have run:
Kaspersky TDSSKiller
RKill
Malwarebytes Anti-Malware
RogueKiller
HitmanPro
Emsisoft Emergency Kit
AdwCleaner
Junkware Removal Tool