the_doc735

thank you for your information!

What I meant to say is: I mean if you open, run, use and execute an infected program unwittingly for example, will that program install something malicious and will malwarebytes and AVAST get rid of it? many thanks!

I mean if you open, run and, use an infected keygen for example, will it install something malicious and will malwarebytes and AVAST get rid of it? many thanks!

does malwarebytes detect ONLY packaged / downloaded malware OR does it detect what has been unleashed once it has been activated [double clicked/run etc.]?

I could send the logs to a seperate email address if your server is faulty?

The server returned an error during upload?

the update has just changed to 16.08.12 - 17.04.00 hrs [time now 20.54.00 hrs]? I did set the update scheduler to check at 00.50hrs at a 4 hour interval [i.e. inc. 08.50 & 20.50 hrs] - so that's just 4 minutes past the time I set!

I know how to 'zip' but don't know how to attach in this forum?

the update has just changed to 16.08.12 - 17.04.00 hrs [time now 20.54.00 hrs]? this update and the scans I mentioned were automatic on a schedule - NOT MANUAL. YOU SAY THERE IS NO MANUAL UPDATE? - on the update tab you can press a button to 'check for updates' [manually]!

'update' - nothing changed since yesterdays manual update at 18:07:30 hrs? - maybe there was non available at that time? 'scan' - did run at 17.20 hrs !! now lets see if it runs at 1.10hrs - the time I actually want it to trigger?

I've set the 'scan' for 17.20 hrs - let's see?

'update' - nothing changed since yesterdays manual update at 18:07:30 hrs? - maybe there was non available at that time? 'scan' - did run at 13.20 hrs !!

OK - I've scheduled the update for 13.00 hrs and the scan for 13.20 hrs. not altered anything else. cheers! let's see?

off to bed!

there are now 2 logs, created a few minutes ago. I was sat here waiting for windows update to finish and at 00.33.43 hrs [uK] a scan started? I SCHEDULED the scan for 23.45.00 hrs but nothing happened at that time? But just a few minutes ago the scan window popped up all on its own without being scheduled for that time? What is going on? iS IT JUST SCANNING RANDOMLY whenever it feels like it?

in the task manager should I be looking in the applications, processes or services for signs of activity? After entering your lines it did look like your screen shot [above] and I simply changed the time to a few minutes ahead and when it reached the run time it looked as though nothing was happening and no log created? I even unchecked the run silently and looked at the scan page itself but there were no signs of any activity? It worked the first night I installed it and went to the scan window to visibly observe what was going on and I could actually see the progress etc! Now there is nothing [visible]?

OK - 'CHECK RESULTS' file sent to you in a private message. [advanced setup]

http://downloads.malwarebytes.org/file/mbam_check this app won't open or run even as administrator? virus/firewall turned. cheers!

. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 31/07/2012 13:39:08 System Uptime: 15/08/2012 19:09:45 (0 hours ago) . Motherboard: Gigabyte Technology Co., Ltd. | | P31-DS3L Processor: Intel® Pentium® D CPU 3.40GHz | Socket 775 | 3400/200mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 99 GiB total, 71.996 GiB free. D: is FIXED (NTFS) - 99 GiB total, 94.271 GiB free. E: is FIXED (NTFS) - 99 GiB total, 97.633 GiB free. F: is CDROM () G: is CDROM () H: is Removable I: is CDROM (CDFS) J: is Removable K: is CDROM (CDFS) L: is Removable M: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP92: 14/08/2012 01:01:56 - Created by PC Tools Registry Mechanic RP93: 14/08/2012 10:44:21 - Removed 3Connect RP94: 14/08/2012 12:15:58 - Installed 3Connect RP96: 14/08/2012 12:26:14 - Before uninstalling 3Connect RP98: 14/08/2012 12:41:49 - Before uninstalling ZTE_1.2059.0.8 RP99: 14/08/2012 13:13:04 - Installed 3Connect RP100: 14/08/2012 14:05:21 - Windows Update RP102: 15/08/2012 01:02:03 - Created by PC Tools Registry Mechanic RP104: 15/08/2012 11:23:40 - Before uninstalling Malwarebytes Anti-Malware version 1.62.0.1300 RP106: 15/08/2012 12:04:34 - Before uninstalling Malwarebytes Anti-Malware version 1.60.1.1000 . ==== Installed Programs ====================== . 32 Bit HP CIO Components Installer 3Connect 7-Zip 9.20 ACDSee 14 Active@ File Recovery Adobe Acrobat X Pro - English, Français, Deutsch Adobe Flash Player 11 ActiveX Advertising Center Attribute Changer 7.0 AVG 2012 BufferChm C4400 CCleaner Copy Destinations DeviceDiscovery Diskeeper 2011 DocProc Effective File Search 6.8 EVEREST Ultimate Edition v5.50 Family Tree Maker 2012 Google Chrome GPBaseService2 Hard Disk Sentinel PRO HP Customer Participation Program 13.0 HP Imaging Device Functions 13.0 HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 HP Photosmart Essential 3.5 HP Smart Web Printing 4.51 HP Solution Center 13.0 HP Update HPPhotoGadget HPPhotoSmartDiscLabelContent1 HPPhotosmartEssential HPProductAssistant HPSSupply IconDeveloper IconDeveloper Professional IconPackager KeePass Password Safe 2.19 Malwarebytes Anti-Malware version 1.62.0.1300 MarketResearch MAXA Cookie Manager Standard 5.3 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 9 Essentials Nero ControlCenter Nero Installer Nero Online Upgrade Nero StartSmart Nero StartSmart OEM neroxml NVIDIA Display Control Panel NVIDIA Drivers OCR Software by I.R.I.S. 13.0 Paint.NET v3.5.10 Paragon Partition Manager™ 11 SE Personal PC Tools Registry Mechanic 11.0 PS_AIO_03_C4400_Software_Min PVSonyDll Reg Organizer version 5.46 Right Click Enhancer 1.7 RoboForm 7-7-6 (All Users) RoboTask Scan Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Shop for HP Supplies SmartWebPrinting Snagit 11 SolutionCenter Status The Ultimate Troubleshooter Toolbox TrayApp TweakNow PowerPack 2012 UltraISO Premium V9.52 UnloadSupport Unlocker 1.9.1 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VC 9.0 Runtime WebReg WindowBlinds Windows Media Encoder 9 Series WordWeb Pro Your Uninstaller! 7 ZoneAlarm Firewall ZoneAlarm Free ZoneAlarm Security ZoneAlarm Toolbar ZTE_1.2059.0.8 . ==== Event Viewer Messages From Past Week ======== . 15/08/2012 12:10:43, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s). 14/08/2012 17:28:57, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft Software Shadow Copy Provider service to connect. 14/08/2012 17:28:57, Error: Service Control Manager [7000] - The Microsoft Software Shadow Copy Provider service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 14/08/2012 17:26:41, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service swprv with arguments "" in order to run the server: {65EE1DBA-8FF4-4A58-AC1C-3470EE2F376A} 14/08/2012 16:34:30, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Adobe Flash Player Update Service service to connect. 14/08/2012 16:34:30, Error: Service Control Manager [7000] - The Adobe Flash Player Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 14/08/2012 16:32:37, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the WMI Performance Adapter service to connect. 14/08/2012 16:32:37, Error: Service Control Manager [7000] - The WMI Performance Adapter service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 14/08/2012 12:41:13, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect. 14/08/2012 12:41:13, Error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 14/08/2012 12:38:28, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. 14/08/2012 12:33:24, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {0B5A2C52-3EB9-470A-96E2-6C6D4570E40F} 14/08/2012 10:46:40, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 14/08/2012 10:46:40, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. 14/08/2012 00:11:34, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000, 0x00000002, 0x00000001, 0x82ac50af). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 081412-21481-01. 13/08/2012 20:40:04, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect. 13/08/2012 20:40:04, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 13/08/2012 20:40:04, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED} 13/08/2012 19:18:27, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running. 13/08/2012 14:42:25, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{36b71ec7-db0a-11e1-b456-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{84205C6E-7FA5-4563-BC08-0E30B2CB00C4}' was corrupted and it has been recovered. Some data might have been lost. 11/08/2012 10:26:06, Error: Microsoft-Windows-Application-Experience [205] - The Program Compatibility Assistant service failed to perform the phase two initialization. 10/08/2012 13:57:23, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623} 08/08/2012 22:58:39, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2. 08/08/2012 12:06:39, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The pipe has been ended. . ==== End Of File ===========================

. DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 Run by honeywin at 19:13:00 on 2012-08-15 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.44.1033.18.2046.1193 [GMT 1:00] . AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ZoneAlarm Free Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WBVista.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\WordWeb\wweb32.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Windows\PromptService.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files\MAXA Cookie Manager\Cookie.exe C:\Program Files\RoboTask\RoboTask.exe C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe C:\Program Files\KeePass Password Safe 2\KeePass.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\system32\sppsvc.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.bing.com/?PC=BNSR uSearch Bar = Preserve BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\12.1.0.21\AVG Secure Search_toolbar.dll BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\12.1.0.21\AVG Secure Search_toolbar.dll TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll {e7df6bff-55a5-4eb7-a673-4ed3e9456d39} EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll uRun: [MSCS] c:\program files\maxa cookie manager\Cookie.exe /autorun uRun: [RoboTask] "c:\program files\robotask\RoboTask.exe" uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe" uRun: [KeePass Password Safe 2] "c:\program files\keepass password safe 2\KeePass.exe" uRun: [Google Update] "c:\users\honeywin\appdata\local\google\update\GoogleUpdate.exe" /c mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe" mRun: [<NO NAME>] mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [WordWeb] "c:\program files\wordweb\wweb32.exe" -startup mRun: [vProt] "c:\program files\avg secure search\vprot.exe" mRun: [PromptService] c:\windows\PromptService.exe mRun: [KeePass 2 PreLoad] "c:\program files\keepass password safe 2\KeePass.exe" --preload mRun: [iSW] mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [ACSW14EN] "c:\program files\acd systems\acdsee\14.0\ACDSeeInTouch2.exe" /pid ACSW14EN mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 10.0\acrobat\Acrotray.exe" mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\roboform.dll IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\roboform.dll IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll Trusted Zone: rapidshare.com Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\12.1.5\ViProtocol.dll SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - c:\program files\stardock\object desktop\iconpackager\iprepair.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952] R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [2012-8-3 40560] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248] R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-7-31 27496] R1 WinFPdrv;WinFPdrv;c:\windows\system32\WinFPdrv.sys [2012-8-2 27536] R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288] R2 BecHelperService;BecHelperService;c:\program files\3 mobile broadband\3connect\BecHelperService.exe [2012-8-14 1737464] R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2011-11-3 27016] R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2011-11-3 497280] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-8-15 655944] R2 vToolbarUpdater12.1.5;vToolbarUpdater12.1.5;c:\program files\common files\avg secure search\vtoolbarupdater\12.1.5\ToolbarUpdater.exe [2012-7-31 830048] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232] R3 DKRtWrt;DKRtWrt;c:\windows\system32\drivers\DKRtWrt.sys [2012-7-31 38608] R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\drivers\KMWDFILTER.sys [2009-4-29 25088] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-8-15 22344] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-7-4 5160568] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-8-13 250056] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464] S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2012-8-14 9216] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872] S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184] S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 25600] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224] S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264] S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-7-31 1343400] S4 PCToolsSSDMonitorSvc;PCToolsSSDMonitorSvc;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2012-8-1 793048] . =============== Created Last 30 ================ . 2012-08-15 11:24:05 -------- d-----w- c:\users\honeywin\appdata\roaming\Malwarebytes 2012-08-15 11:23:43 -------- d-----w- c:\programdata\Malwarebytes 2012-08-15 11:23:42 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-15 11:23:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-08-14 13:06:14 -------- d-----w- c:\programdata\NVIDIA Corporation 2012-08-14 13:06:08 -------- d-----w- c:\program files\NVIDIA Corporation 2012-08-14 12:14:09 -------- d-----w- c:\users\honeywin\appdata\roaming\Birdstep Technology 2012-08-14 12:13:53 -------- d-----w- c:\programdata\Birdstep Technology 2012-08-14 12:13:34 105088 ----a-w- c:\windows\system32\drivers\ZTEusbser6k.sys 2012-08-14 12:13:33 9216 ----a-w- c:\windows\system32\drivers\massfilter.sys 2012-08-14 12:13:33 105088 ----a-w- c:\windows\system32\drivers\ZTEusbnmea.sys 2012-08-14 12:13:33 105088 ----a-w- c:\windows\system32\drivers\ZTEusbmdm6k.sys 2012-08-14 12:13:30 -------- d-----w- c:\program files\ZTE_1.2059.0.8 2012-08-14 12:13:26 10240 ----a-w- c:\windows\system32\drivers\mdvrmng.sys 2012-08-14 12:13:25 -------- d-----w- c:\program files\3 Mobile Broadband 2012-08-13 15:29:01 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-09 17:42:32 -------- d-----w- c:\users\honeywin\appdata\roaming\ChemTable Software 2012-08-09 17:42:13 -------- d-----w- c:\program files\Reg Organizer 2012-08-09 17:41:41 -------- d-----w- c:\users\honeywin\appdata\local\ChemTable Software 2012-08-07 18:11:33 -------- d-----w- c:\users\honeywin\appdata\roaming\HpUpdate 2012-08-07 18:11:29 -------- d-----w- c:\windows\Hewlett-Packard 2012-08-04 19:57:16 57904 ----a-w- c:\windows\system32\wbload.dll 2012-08-04 19:57:15 42672 ----a-w- c:\windows\system32\wbsys.dll 2012-08-04 15:42:00 -------- d-----w- c:\program files\RBSoft 2012-08-04 15:42:00 -------- d-----w- c:\program files\common files\RBSoft 2012-08-04 15:39:22 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-08-04 15:11:08 -------- d-----w- c:\windows\pss 2012-08-04 14:06:14 -------- d-----w- c:\users\honeywin\appdata\local\Google 2012-08-04 14:05:56 -------- d-----w- c:\users\honeywin\appdata\local\Deployment 2012-08-04 14:05:56 -------- d-----w- c:\users\honeywin\appdata\local\Apps 2012-08-03 17:26:27 -------- d-----w- c:\program files\RSDownloader 2.3 2012-08-03 17:03:03 -------- d-----w- c:\users\honeywin\appdata\local\MyDownloader 2012-08-03 16:56:30 -------- d-----w- C:\Downloads 2012-08-03 16:52:53 -------- d-----w- c:\program files\vSoft 2012-08-03 14:45:48 -------- d-----w- c:\programdata\explauncher 2012-08-03 14:45:45 -------- d-----w- c:\programdata\launcher 2012-08-03 14:39:52 40560 ----a-w- c:\windows\system32\drivers\hotcore3.sys 2012-08-03 14:39:32 -------- d-----w- c:\program files\Paragon Software 2012-08-03 14:26:27 326656 ----a-w- c:\windows\system32\temp.00B 2012-08-03 14:26:26 598288 ----a-w- c:\windows\system32\temp.006 2012-08-03 14:26:26 17920 ----a-w- c:\windows\system32\temp.009 2012-08-03 14:26:26 164112 ----a-w- c:\windows\system32\temp.007 2012-08-03 14:26:26 147728 ----a-w- c:\windows\system32\temp.008 2012-08-03 14:26:26 1388544 ----a-w- c:\windows\system32\temp.00A 2012-08-03 13:52:58 -------- d--h--w- c:\windows\PIF 2012-08-03 13:16:09 -------- d-----w- c:\users\honeywin\appdata\roaming\MAXACookie 2012-08-02 22:20:31 -------- d-----w- c:\programdata\RoboTask 2012-08-02 22:13:38 -------- d-----w- c:\users\honeywin\appdata\local\RoboTask 2012-08-02 22:13:37 -------- d-----w- c:\program files\RoboTask 2012-08-02 21:52:08 -------- d-----w- c:\program files\Siber Systems 2012-08-02 18:57:42 -------- d-----w- c:\users\honeywin\appdata\local\CrashDumps 2012-08-02 18:51:57 98304 ----a-w- c:\windows\Secure.dll 2012-08-02 18:51:57 266240 ----a-w- c:\windows\PromptService.exe 2012-08-02 18:51:03 -------- d-----w- c:\program files\Folder Protect 2012-08-02 18:44:44 -------- d-----w- c:\users\honeywin\appdata\local\assembly 2012-08-02 18:43:56 -------- d-----w- c:\users\honeywin\appdata\local\TechSmith 2012-08-02 18:29:30 -------- d-----w- c:\program files\LSoft Technologies 2012-08-02 18:24:31 -------- d-----w- c:\program files\UltraISO 2012-08-02 18:24:31 -------- d-----w- c:\program files\common files\EZB Systems 2012-08-02 18:21:28 -------- d-----w- c:\users\honeywin\appdata\roaming\TweakNow PowerPack 2012 2012-08-02 18:21:28 -------- d-----w- c:\program files\TweakNow PowerPack 2012 2012-08-02 18:15:45 -------- d-----w- c:\users\honeywin\appdata\roaming\KeePass 2012-08-02 18:14:43 -------- d-----w- c:\program files\KeePass Password Safe 2 2012-08-02 15:41:05 -------- d-----w- c:\users\honeywin\appdata\local\Stardock 2012-08-02 15:24:21 -------- d-----w- c:\users\honeywin\appdata\local\Stardock_Corporation 2012-08-02 15:22:14 -------- d--h--w- c:\programdata\{F66F5828-6EF5-4CEE-93A1-CB534D874C67} 2012-08-02 14:18:39 -------- d-----w- c:\programdata\Stardock 2012-08-02 14:18:31 -------- dc-h--w- c:\programdata\{9C3F823B-4738-4CAF-A6B2-69E87FB636C0} 2012-08-02 00:24:28 -------- d-----w- c:\program files\Stardock 2012-08-01 22:18:43 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2 2012-08-01 22:00:31 -------- d-----w- c:\users\honeywin\appdata\local\WindowsUpdate 2012-08-01 21:10:19 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll 2012-08-01 21:10:18 31640 ----a-w- c:\windows\system32\msonpmon.dll 2012-08-01 21:05:36 -------- d-----w- c:\windows\PCHEALTH 2012-08-01 21:03:25 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2012-08-01 21:02:32 -------- d-----w- c:\users\honeywin\appdata\local\Microsoft Help 2012-08-01 19:16:52 -------- d-----w- c:\users\honeywin\appdata\local\IsolatedStorage 2012-08-01 19:15:52 -------- d-----w- c:\users\honeywin\appdata\local\Ancestry.com 2012-08-01 19:14:29 -------- d-----w- c:\program files\Family Tree Maker 2012 2012-08-01 19:14:29 -------- d-----w- c:\program files\BCL Technologies 2012-08-01 19:14:11 -------- d-----w- C:\IExp5.tmp 2012-08-01 19:14:06 -------- d-----w- c:\windows\RegisteredPackages 2012-08-01 19:14:06 -------- d-----w- C:\IExp4.tmp 2012-08-01 19:14:05 -------- d--h--w- c:\windows\msdownld.tmp 2012-08-01 19:13:56 -------- d-----w- c:\program files\Windows Media Components 2012-08-01 18:53:49 -------- d--h--w- c:\programdata\{D2044A97-3875-40E7-8161-DA975C6BA7CF} 2012-08-01 18:53:42 -------- d-----w- c:\users\honeywin\appdata\local\PackageAware 2012-08-01 17:38:14 -------- d-----w- c:\program files\Lavalys 2012-08-01 17:07:38 880640 ----a-w- c:\windows\system32\UniBox10.ocx 2012-08-01 17:07:38 658432 ----a-w- c:\windows\system32\MSCOMCT2.OCX 2012-08-01 17:07:38 512472 ----a-w- c:\windows\system32\msxml.dll 2012-08-01 17:07:38 37336 ----a-w- c:\windows\system32\CleanMFT32.exe 2012-08-01 17:07:38 212992 ----a-w- c:\windows\system32\UniBoxVB12.ocx 2012-08-01 17:07:38 1101824 ----a-w- c:\windows\system32\UniBox210.ocx 2012-08-01 17:07:33 -------- d-----w- c:\program files\PC Tools 2012-08-01 17:07:33 -------- d-----w- c:\program files\common files\PC Tools 2012-08-01 17:06:11 -------- d-----w- c:\programdata\PC Tools 2012-08-01 17:06:09 -------- d-----w- c:\users\honeywin\appdata\roaming\Product_RM 2012-08-01 16:57:18 -------- d-----w- c:\users\honeywin\appdata\roaming\Hard Disk Sentinel 2012-08-01 16:56:10 -------- d-----w- c:\program files\Hard Disk Sentinel 2012-08-01 15:08:08 155984 ------w- c:\windows\system32\comdlg32.OCX 2012-08-01 15:08:08 127808 ----a-w- c:\windows\system32\Mswinsck.OCX 2012-08-01 15:08:08 -------- d-----w- c:\program files\MAXA Cookie Manager 2012-07-31 22:05:23 -------- d-----w- c:\users\honeywin\appdata\roaming\ACD Systems 2012-07-31 22:05:23 -------- d-----w- c:\users\honeywin\appdata\local\ACD Systems 2012-07-31 22:04:22 -------- d-----w- c:\programdata\ACD Systems 2012-07-31 22:04:17 -------- d-----w- c:\program files\common files\ACD Systems 2012-07-31 22:04:17 -------- d-----w- c:\program files\ACD Systems 2012-07-31 22:03:30 -------- d-----w- c:\users\honeywin\appdata\local\Downloaded Installations 2012-07-31 22:02:02 -------- d-----w- c:\program files\Unlocker 2012-07-31 22:00:31 -------- d-----w- c:\program files\Attribute Changer 2012-07-31 21:55:42 -------- d-----w- c:\program files\efs 2012-07-31 21:20:22 -------- d-----w- c:\windows\Panther 2012-07-31 20:54:57 -------- d-----w- c:\program files\Paint.NET 2012-07-31 20:47:41 -------- d-----w- c:\users\honeywin\appdata\local\Paint.NET 2012-07-31 20:43:07 -------- d-----w- c:\users\honeywin\appdata\roaming\WordWeb 2012-07-31 20:42:21 2611976 ------w- c:\windows\system32\wweb32.dll 2012-07-31 20:42:19 -------- d-----w- c:\program files\WordWeb 2012-07-31 20:39:09 -------- d-----w- c:\program files\DAMN NFO Viewer 2012-07-31 20:35:31 -------- d-----w- c:\program files\Nero 2012-07-31 20:35:18 -------- d-----w- c:\programdata\Nero 2012-07-31 20:26:18 -------- d-----w- c:\users\honeywin\appdata\roaming\URSoft 2012-07-31 20:26:13 -------- d-----w- c:\program files\Your Uninstaller! 7 2012-07-31 20:19:53 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2012-07-31 20:17:49 -------- d-----w- c:\users\honeywin\appdata\local\Adobe 2012-07-31 19:52:57 31232 ----a-w- c:\windows\system32\prevhost.exe 2012-07-31 19:51:12 870912 ----a-w- c:\windows\system32\XpsPrint.dll 2012-07-31 19:31:01 -------- d-----w- c:\program files\MSXML 4.0 2012-07-31 19:24:34 -------- d-----w- c:\windows\system32\Wat 2012-07-31 18:54:06 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-07-31 18:52:45 1328128 ----a-w- c:\windows\system32\quartz.dll 2012-07-31 18:13:28 5120 ----a-w- c:\windows\system32\wmi.dll 2012-07-31 18:13:28 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-07-31 18:13:28 172544 ----a-w- c:\windows\system32\wintrust.dll 2012-07-31 18:13:28 159232 ----a-w- c:\windows\system32\imagehlp.dll 2012-07-31 18:13:21 293376 ----a-w- c:\windows\system32\browserchoice.exe 2012-07-31 18:11:55 2048 ----a-w- c:\windows\system32\tzres.dll 2012-07-31 18:08:07 94208 ----a-w- c:\program files\common files\system\ole db\msdaosp.dll 2012-07-31 18:08:07 86016 ----a-w- c:\windows\system32\odbccu32.dll 2012-07-31 18:08:07 81920 ----a-w- c:\windows\system32\odbccr32.dll 2012-07-31 18:08:07 319488 ----a-w- c:\windows\system32\odbcjt32.dll 2012-07-31 18:08:07 122880 ----a-w- c:\windows\system32\odbccp32.dll 2012-07-31 18:08:06 163840 ----a-w- c:\windows\system32\odbctrac.dll 2012-07-31 18:07:54 690688 ----a-w- c:\windows\system32\msvcrt.dll 2012-07-31 18:00:23 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-07-31 18:00:10 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-07-31 18:00:02 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-07-31 18:00:02 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-07-31 16:51:18 -------- d-----w- c:\programdata\WEBREG 2012-07-31 16:47:04 -------- d-----w- c:\program files\common files\HP 2012-07-31 16:46:55 -------- d-----w- c:\program files\common files\Hewlett-Packard 2012-07-31 16:46:01 -------- d-----w- c:\program files\HP 2012-07-31 16:43:37 452408 ----a-w- c:\windows\system32\hpzids01.dll 2012-07-31 16:43:36 970752 ----a-w- c:\windows\system32\hpotiop6.dll 2012-07-31 16:43:36 729088 ----a-w- c:\windows\system32\hpowiax8.dll 2012-07-31 16:43:36 372736 ----a-w- c:\windows\system32\hppldcoi.dll 2012-07-31 16:43:36 303104 ----a-w- c:\windows\system32\hpovst14.dll 2012-07-31 16:28:32 38608 ----a-w- c:\windows\system32\drivers\DKRtWrt.sys 2012-07-31 16:28:29 -------- d-----w- c:\programdata\Diskeeper Corporation 2012-07-31 16:28:29 -------- d-----w- c:\program files\common files\Diskeeper Corporation 2012-07-31 16:28:28 -------- d-----w- c:\program files\Windows Home Server 2012-07-31 16:28:28 -------- d-----w- c:\program files\Diskeeper Corporation 2012-07-31 16:15:42 -------- d-----w- c:\program files\CCleaner 2012-07-31 15:46:18 -------- d-----w- c:\users\honeywin\appdata\roaming\CheckPoint 2012-07-31 15:46:07 -------- d-----w- c:\programdata\CheckPoint 2012-07-31 15:41:37 -------- d-----w- c:\program files\CheckPoint 2012-07-31 14:58:17 -------- d-----w- c:\users\honeywin\appdata\roaming\AVG2012 2012-07-31 14:57:19 -------- d-----w- c:\users\honeywin\appdata\local\AVG Secure Search 2012-07-31 14:57:13 -------- d-----w- c:\programdata\AVG Secure Search 2012-07-31 14:57:01 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2012-07-31 14:56:59 -------- d-----w- c:\program files\common files\AVG Secure Search 2012-07-31 14:56:59 -------- d-----w- c:\program files\AVG Secure Search 2012-07-31 14:55:04 -------- d-----w- c:\windows\system32\drivers\AVG 2012-07-31 14:55:04 -------- d-----w- c:\programdata\AVG2012 2012-07-31 14:54:39 -------- d-----w- c:\program files\AVG 2012-07-31 14:35:05 -------- d--h--w- c:\programdata\Common Files 2012-07-31 14:34:40 -------- d-----w- c:\programdata\MFAData 2012-07-31 14:05:44 6891424 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{7b009bb0-d01b-465b-9a12-59d67b1cf222}\mpengine.dll 2012-07-31 14:05:44 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-07-31 13:39:08 749568 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iKernel.dll 2012-07-31 13:39:08 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\ctor.dll 2012-07-31 13:39:08 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\DotNetInstaller.exe 2012-07-31 13:39:08 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll 2012-07-31 13:39:08 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iscript.dll 2012-07-31 13:39:08 180224 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iuser.dll 2012-07-31 13:39:07 192644 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iGdi.dll 2012-07-31 13:39:06 323716 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\setup.dll 2012-07-31 12:56:56 -------- d-sh--w- c:\windows\Installer 2012-07-31 12:24:48 280064 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpzppw71.dll . ==================== Find3M ==================== . 2012-06-06 05:05:52 1390080 ----a-w- c:\windows\system32\msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- c:\windows\system32\msxml3.dll 2012-06-06 05:03:06 805376 ----a-w- c:\windows\system32\cdosys.dll 2012-06-02 04:45:04 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 04:45:03 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-06-02 04:40:59 369336 ----a-w- c:\windows\system32\drivers\cng.sys 2012-06-02 04:40:39 225280 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- c:\windows\system32\ncrypt.dll . ============= FINISH: 19:14:12.37 ===============

when do you want me to run the DDS please? just before a scheduled scan?

i.e. there's nothing to take a screen shot of!

UNFORTUNATELY NOTHING IS GOING ON! I am sitting looking at my desktop with no apps running [except background tasks] and when the clock changes to the scan begin time, nothing happens at all; i.e. no warning, no messages, no errors, no pop ups, no apps, no utilities, nothing at all?

STILL NO SCHEDULED SCAN?

scheduled scan not working? [pro] how to fix? many thanks!