[pandora's box unleashed!]

Yes, Malwarebytes Anti-Malware has an excellent scanning engine and it should indeed detect the nastiness that a dropper/Trojan etc. installs on your system such as the startup entries in the registry, the files it installs, any drivers the malware installs etc.

In fact, our Researchers install live malware as part of their analysis in order to see how and where malware installs itself. They take that knowledge and enhance our Quick Scan with it (which is the default scan type) so that Malwarebytes Anti-Malware focuses on the locations where the infections are known to install and hide, thus making the Quick Scan incredibly efficient.

thank you for your information!

[pandora's box unleashed!]

Your AV would be the first line of defense to detect the file; MBAM would detect it on execution only if it gets past your AV.

If that doesn't answer your question, then we'll need to wait for someone more expert to explain it further.

Thanks!

daledoc1

PS If you are using keygens, cracks or other illegal/pirated software, then it's likely only a matter of time before you are infected, as no security program can possibly provide 100% protection against today's ever evolving threats, not even MBAM.

What I meant to say is:

I mean if you open, run, use and execute an infected program unwittingly for example, will that program install something malicious and will malwarebytes and AVAST get rid of it?

many thanks!

[pandora's box unleashed!]

Hi, the_doc735:

Does this answer your question?

HTH,

daledoc1

I mean if you open, run and, use an infected keygen for example, will it install something malicious and will malwarebytes and AVAST get rid of it?

many thanks!

[pandora's box unleashed!]

does malwarebytes detect ONLY packaged / downloaded malware OR does it detect what has been unleashed once it has been activated [double clicked/run etc.]?

[scheduled scan not working?]

I could send the logs to a seperate email address if your server is faulty?

[scheduled scan not working?]

The server returned an error during upload?

[scheduled scan not working?]

the update has just changed to 16.08.12 - 17.04.00 hrs [time now 20.54.00 hrs]?

I did set the update scheduler to check at 00.50hrs at a 4 hour interval [i.e. inc. 08.50 & 20.50 hrs] - so that's just 4 minutes past the time I set!

[scheduled scan not working?]

I know how to 'zip' but don't know how to attach in this forum?

[scheduled scan not working?]

the update has just changed to 16.08.12 - 17.04.00 hrs [time now 20.54.00 hrs]? this update and the scans I mentioned were automatic on a schedule - NOT MANUAL.

YOU SAY THERE IS NO MANUAL UPDATE? - on the update tab you can press a button to 'check for updates' [manually]!

[scheduled scan not working?]

'update' - nothing changed since yesterdays manual update at 18:07:30 hrs? - maybe there was non available at that time?

'scan' - did run at 17.20 hrs !!

now lets see if it runs at 1.10hrs - the time I actually want it to trigger?

[scheduled scan not working?]

I've set the 'scan' for 17.20 hrs - let's see?

[scheduled scan not working?]

'update' - nothing changed since yesterdays manual update at 18:07:30 hrs? - maybe there was non available at that time?

'scan' - did run at 13.20 hrs !!

[scheduled scan not working?]

OK - I've scheduled the update for 13.00 hrs and the scan for 13.20 hrs. not altered anything else.

cheers!

let's see?

[scheduled scan not working?]

off to bed!

[scheduled scan not working?]

there are now 2 logs, created a few minutes ago.

I was sat here waiting for windows update to finish and at 00.33.43 hrs [uK] a scan started? I SCHEDULED the scan for 23.45.00 hrs but nothing happened at that time? But just a few minutes ago the scan window popped up all on its own without being scheduled for that time? What is going on? iS IT JUST SCANNING RANDOMLY whenever it feels like it?

[scheduled scan not working?]

in the task manager should I be looking in the applications, processes or services for signs of activity?

After entering your lines it did look like your screen shot [above] and I simply changed the time to a few minutes ahead and when it reached the run time it looked as though nothing was happening and no log created? I even unchecked the run silently and looked at the scan page itself but there were no signs of any activity? It worked the first night I installed it and went to the scan window to visibly observe what was going on and I could actually see the progress etc! Now there is nothing [visible]?

[scheduled scan not working?]

OK - 'CHECK RESULTS' file sent to you in a private message. [advanced setup]

[scheduled scan not working?]

http://downloads.malwarebytes.org/file/mbam_check

this app won't open or run even as administrator?

virus/firewall turned.

cheers!

[scheduled scan not working?]

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 31/07/2012 13:39:08

System Uptime: 15/08/2012 19:09:45 (0 hours ago)

.

Motherboard: Gigabyte Technology Co., Ltd. | | P31-DS3L

Processor: Intel® Pentium® D CPU 3.40GHz | Socket 775 | 3400/200mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 99 GiB total, 71.996 GiB free.

D: is FIXED (NTFS) - 99 GiB total, 94.271 GiB free.

E: is FIXED (NTFS) - 99 GiB total, 97.633 GiB free.

F: is CDROM ()

G: is CDROM ()

H: is Removable

I: is CDROM (CDFS)

J: is Removable

K: is CDROM (CDFS)

L: is Removable

M: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP92: 14/08/2012 01:01:56 - Created by PC Tools Registry Mechanic

RP93: 14/08/2012 10:44:21 - Removed 3Connect

RP94: 14/08/2012 12:15:58 - Installed 3Connect

RP96: 14/08/2012 12:26:14 - Before uninstalling 3Connect

RP98: 14/08/2012 12:41:49 - Before uninstalling ZTE_1.2059.0.8

RP99: 14/08/2012 13:13:04 - Installed 3Connect

RP100: 14/08/2012 14:05:21 - Windows Update

RP102: 15/08/2012 01:02:03 - Created by PC Tools Registry Mechanic

RP104: 15/08/2012 11:23:40 - Before uninstalling Malwarebytes Anti-Malware version 1.62.0.1300

RP106: 15/08/2012 12:04:34 - Before uninstalling Malwarebytes Anti-Malware version 1.60.1.1000

.

==== Installed Programs ======================

.

32 Bit HP CIO Components Installer

3Connect

7-Zip 9.20

ACDSee 14

Active@ File Recovery

Adobe Acrobat X Pro - English, Français, Deutsch

Adobe Flash Player 11 ActiveX

Advertising Center

Attribute Changer 7.0

AVG 2012

BufferChm

C4400

CCleaner

Copy

Destinations

DeviceDiscovery

Diskeeper 2011

DocProc

Effective File Search 6.8

EVEREST Ultimate Edition v5.50

Family Tree Maker 2012

Google Chrome

GPBaseService2

Hard Disk Sentinel PRO

HP Customer Participation Program 13.0

HP Imaging Device Functions 13.0

HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3

HP Photosmart Essential 3.5

HP Smart Web Printing 4.51

HP Solution Center 13.0

HP Update

HPPhotoGadget

HPPhotoSmartDiscLabelContent1

HPPhotosmartEssential

HPProductAssistant

HPSSupply

IconDeveloper

IconDeveloper Professional

IconPackager

KeePass Password Safe 2.19

Malwarebytes Anti-Malware version 1.62.0.1300

MarketResearch

MAXA Cookie Manager Standard 5.3

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 9 Essentials

Nero ControlCenter

Nero Installer

Nero Online Upgrade

Nero StartSmart

Nero StartSmart OEM

neroxml

NVIDIA Display Control Panel

NVIDIA Drivers

OCR Software by I.R.I.S. 13.0

Paint.NET v3.5.10

Paragon Partition Manager™ 11 SE Personal

PC Tools Registry Mechanic 11.0

PS_AIO_03_C4400_Software_Min

PVSonyDll

Reg Organizer version 5.46

Right Click Enhancer 1.7

RoboForm 7-7-6 (All Users)

RoboTask

Scan

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Shop for HP Supplies

SmartWebPrinting

Snagit 11

SolutionCenter

Status

The Ultimate Troubleshooter

Toolbox

TrayApp

TweakNow PowerPack 2012

UltraISO Premium V9.52

UnloadSupport

Unlocker 1.9.1

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VC 9.0 Runtime

WebReg

WindowBlinds

Windows Media Encoder 9 Series

WordWeb Pro

Your Uninstaller! 7

ZoneAlarm Firewall

ZoneAlarm Free

ZoneAlarm Security

ZoneAlarm Toolbar

ZTE_1.2059.0.8

.

==== Event Viewer Messages From Past Week ========

.

15/08/2012 12:10:43, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).

14/08/2012 17:28:57, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft Software Shadow Copy Provider service to connect.

14/08/2012 17:28:57, Error: Service Control Manager [7000] - The Microsoft Software Shadow Copy Provider service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

14/08/2012 17:26:41, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service swprv with arguments "" in order to run the server: {65EE1DBA-8FF4-4A58-AC1C-3470EE2F376A}

14/08/2012 16:34:30, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Adobe Flash Player Update Service service to connect.

14/08/2012 16:34:30, Error: Service Control Manager [7000] - The Adobe Flash Player Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

14/08/2012 16:32:37, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the WMI Performance Adapter service to connect.

14/08/2012 16:32:37, Error: Service Control Manager [7000] - The WMI Performance Adapter service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

14/08/2012 12:41:13, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.

14/08/2012 12:41:13, Error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

14/08/2012 12:38:28, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

14/08/2012 12:33:24, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {0B5A2C52-3EB9-470A-96E2-6C6D4570E40F}

14/08/2012 10:46:40, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

14/08/2012 10:46:40, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.

14/08/2012 00:11:34, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000, 0x00000002, 0x00000001, 0x82ac50af). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 081412-21481-01.

13/08/2012 20:40:04, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.

13/08/2012 20:40:04, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

13/08/2012 20:40:04, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

13/08/2012 19:18:27, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.

13/08/2012 14:42:25, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\Volume{36b71ec7-db0a-11e1-b456-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{84205C6E-7FA5-4563-BC08-0E30B2CB00C4}' was corrupted and it has been recovered. Some data might have been lost.

11/08/2012 10:26:06, Error: Microsoft-Windows-Application-Experience [205] - The Program Compatibility Assistant service failed to perform the phase two initialization.

10/08/2012 13:57:23, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

08/08/2012 22:58:39, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.

08/08/2012 12:06:39, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The pipe has been ended.

.

==== End Of File ===========================

[scheduled scan not working?]

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421

Run by honeywin at 19:13:00 on 2012-08-15

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.44.1033.18.2046.1193 [GMT 1:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: ZoneAlarm Free Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe

C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WBVista.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\WordWeb\wweb32.exe

C:\Program Files\AVG Secure Search\vprot.exe

C:\Windows\PromptService.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe

C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

C:\Program Files\MAXA Cookie Manager\Cookie.exe

C:\Program Files\RoboTask\RoboTask.exe

C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe

C:\Program Files\KeePass Password Safe 2\KeePass.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.bing.com/?PC=BNSR

uSearch Bar = Preserve

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll

BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll

BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\12.1.0.21\AVG Secure Search_toolbar.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\12.1.0.21\AVG Secure Search_toolbar.dll

TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [MSCS] c:\program files\maxa cookie manager\Cookie.exe /autorun

uRun: [RoboTask] "c:\program files\robotask\RoboTask.exe"

uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"

uRun: [KeePass Password Safe 2] "c:\program files\keepass password safe 2\KeePass.exe"

uRun: [Google Update] "c:\users\honeywin\appdata\local\google\update\GoogleUpdate.exe" /c

mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"

mRun: [<NO NAME>]

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [WordWeb] "c:\program files\wordweb\wweb32.exe" -startup

mRun: [vProt] "c:\program files\avg secure search\vprot.exe"

mRun: [PromptService] c:\windows\PromptService.exe

mRun: [KeePass 2 PreLoad] "c:\program files\keepass password safe 2\KeePass.exe" --preload

mRun: [iSW]

mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe

mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [ACSW14EN] "c:\program files\acd systems\acdsee\14.0\ACDSeeInTouch2.exe" /pid ACSW14EN

mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 10.0\acrobat\Acrotray.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\roboform.dll

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\roboform.dll

IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll

IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

Trusted Zone: rapidshare.com

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\12.1.5\ViProtocol.dll

SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - c:\program files\stardock\object desktop\iconpackager\iprepair.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]

R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [2012-8-3 40560]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]

R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-7-31 27496]

R1 WinFPdrv;WinFPdrv;c:\windows\system32\WinFPdrv.sys [2012-8-2 27536]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]

R2 BecHelperService;BecHelperService;c:\program files\3 mobile broadband\3connect\BecHelperService.exe [2012-8-14 1737464]

R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2011-11-3 27016]

R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2011-11-3 497280]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-8-15 655944]

R2 vToolbarUpdater12.1.5;vToolbarUpdater12.1.5;c:\program files\common files\avg secure search\vtoolbarupdater\12.1.5\ToolbarUpdater.exe [2012-7-31 830048]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]

R3 DKRtWrt;DKRtWrt;c:\windows\system32\drivers\DKRtWrt.sys [2012-7-31 38608]

R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\drivers\KMWDFILTER.sys [2009-4-29 25088]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-8-15 22344]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-7-4 5160568]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-8-13 250056]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]

S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2012-8-14 9216]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]

S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]

S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 25600]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]

S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]

S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-7-31 1343400]

S4 PCToolsSSDMonitorSvc;PCToolsSSDMonitorSvc;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2012-8-1 793048]

.

=============== Created Last 30 ================

.

2012-08-15 11:24:05 -------- d-----w- c:\users\honeywin\appdata\roaming\Malwarebytes

2012-08-15 11:23:43 -------- d-----w- c:\programdata\Malwarebytes

2012-08-15 11:23:42 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-15 11:23:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-08-14 13:06:14 -------- d-----w- c:\programdata\NVIDIA Corporation

2012-08-14 13:06:08 -------- d-----w- c:\program files\NVIDIA Corporation

2012-08-14 12:14:09 -------- d-----w- c:\users\honeywin\appdata\roaming\Birdstep Technology

2012-08-14 12:13:53 -------- d-----w- c:\programdata\Birdstep Technology

2012-08-14 12:13:34 105088 ----a-w- c:\windows\system32\drivers\ZTEusbser6k.sys

2012-08-14 12:13:33 9216 ----a-w- c:\windows\system32\drivers\massfilter.sys

2012-08-14 12:13:33 105088 ----a-w- c:\windows\system32\drivers\ZTEusbnmea.sys

2012-08-14 12:13:33 105088 ----a-w- c:\windows\system32\drivers\ZTEusbmdm6k.sys

2012-08-14 12:13:30 -------- d-----w- c:\program files\ZTE_1.2059.0.8

2012-08-14 12:13:26 10240 ----a-w- c:\windows\system32\drivers\mdvrmng.sys

2012-08-14 12:13:25 -------- d-----w- c:\program files\3 Mobile Broadband

2012-08-13 15:29:01 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-08-09 17:42:32 -------- d-----w- c:\users\honeywin\appdata\roaming\ChemTable Software

2012-08-09 17:42:13 -------- d-----w- c:\program files\Reg Organizer

2012-08-09 17:41:41 -------- d-----w- c:\users\honeywin\appdata\local\ChemTable Software

2012-08-07 18:11:33 -------- d-----w- c:\users\honeywin\appdata\roaming\HpUpdate

2012-08-07 18:11:29 -------- d-----w- c:\windows\Hewlett-Packard

2012-08-04 19:57:16 57904 ----a-w- c:\windows\system32\wbload.dll

2012-08-04 19:57:15 42672 ----a-w- c:\windows\system32\wbsys.dll

2012-08-04 15:42:00 -------- d-----w- c:\program files\RBSoft

2012-08-04 15:42:00 -------- d-----w- c:\program files\common files\RBSoft

2012-08-04 15:39:22 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-08-04 15:11:08 -------- d-----w- c:\windows\pss

2012-08-04 14:06:14 -------- d-----w- c:\users\honeywin\appdata\local\Google

2012-08-04 14:05:56 -------- d-----w- c:\users\honeywin\appdata\local\Deployment

2012-08-04 14:05:56 -------- d-----w- c:\users\honeywin\appdata\local\Apps

2012-08-03 17:26:27 -------- d-----w- c:\program files\RSDownloader 2.3

2012-08-03 17:03:03 -------- d-----w- c:\users\honeywin\appdata\local\MyDownloader

2012-08-03 16:56:30 -------- d-----w- C:\Downloads

2012-08-03 16:52:53 -------- d-----w- c:\program files\vSoft

2012-08-03 14:45:48 -------- d-----w- c:\programdata\explauncher

2012-08-03 14:45:45 -------- d-----w- c:\programdata\launcher

2012-08-03 14:39:52 40560 ----a-w- c:\windows\system32\drivers\hotcore3.sys

2012-08-03 14:39:32 -------- d-----w- c:\program files\Paragon Software

2012-08-03 14:26:27 326656 ----a-w- c:\windows\system32\temp.00B

2012-08-03 14:26:26 598288 ----a-w- c:\windows\system32\temp.006

2012-08-03 14:26:26 17920 ----a-w- c:\windows\system32\temp.009

2012-08-03 14:26:26 164112 ----a-w- c:\windows\system32\temp.007

2012-08-03 14:26:26 147728 ----a-w- c:\windows\system32\temp.008

2012-08-03 14:26:26 1388544 ----a-w- c:\windows\system32\temp.00A

2012-08-03 13:52:58 -------- d--h--w- c:\windows\PIF

2012-08-03 13:16:09 -------- d-----w- c:\users\honeywin\appdata\roaming\MAXACookie

2012-08-02 22:20:31 -------- d-----w- c:\programdata\RoboTask

2012-08-02 22:13:38 -------- d-----w- c:\users\honeywin\appdata\local\RoboTask

2012-08-02 22:13:37 -------- d-----w- c:\program files\RoboTask

2012-08-02 21:52:08 -------- d-----w- c:\program files\Siber Systems

2012-08-02 18:57:42 -------- d-----w- c:\users\honeywin\appdata\local\CrashDumps

2012-08-02 18:51:57 98304 ----a-w- c:\windows\Secure.dll

2012-08-02 18:51:57 266240 ----a-w- c:\windows\PromptService.exe

2012-08-02 18:51:03 -------- d-----w- c:\program files\Folder Protect

2012-08-02 18:44:44 -------- d-----w- c:\users\honeywin\appdata\local\assembly

2012-08-02 18:43:56 -------- d-----w- c:\users\honeywin\appdata\local\TechSmith

2012-08-02 18:29:30 -------- d-----w- c:\program files\LSoft Technologies

2012-08-02 18:24:31 -------- d-----w- c:\program files\UltraISO

2012-08-02 18:24:31 -------- d-----w- c:\program files\common files\EZB Systems

2012-08-02 18:21:28 -------- d-----w- c:\users\honeywin\appdata\roaming\TweakNow PowerPack 2012

2012-08-02 18:21:28 -------- d-----w- c:\program files\TweakNow PowerPack 2012

2012-08-02 18:15:45 -------- d-----w- c:\users\honeywin\appdata\roaming\KeePass

2012-08-02 18:14:43 -------- d-----w- c:\program files\KeePass Password Safe 2

2012-08-02 15:41:05 -------- d-----w- c:\users\honeywin\appdata\local\Stardock

2012-08-02 15:24:21 -------- d-----w- c:\users\honeywin\appdata\local\Stardock_Corporation

2012-08-02 15:22:14 -------- d--h--w- c:\programdata\{F66F5828-6EF5-4CEE-93A1-CB534D874C67}

2012-08-02 14:18:39 -------- d-----w- c:\programdata\Stardock

2012-08-02 14:18:31 -------- dc-h--w- c:\programdata\{9C3F823B-4738-4CAF-A6B2-69E87FB636C0}

2012-08-02 00:24:28 -------- d-----w- c:\program files\Stardock

2012-08-01 22:18:43 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2

2012-08-01 22:00:31 -------- d-----w- c:\users\honeywin\appdata\local\WindowsUpdate

2012-08-01 21:10:19 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll

2012-08-01 21:10:18 31640 ----a-w- c:\windows\system32\msonpmon.dll

2012-08-01 21:05:36 -------- d-----w- c:\windows\PCHEALTH

2012-08-01 21:03:25 -------- d-----w- c:\program files\Microsoft Visual Studio 8

2012-08-01 21:02:32 -------- d-----w- c:\users\honeywin\appdata\local\Microsoft Help

2012-08-01 19:16:52 -------- d-----w- c:\users\honeywin\appdata\local\IsolatedStorage

2012-08-01 19:15:52 -------- d-----w- c:\users\honeywin\appdata\local\Ancestry.com

2012-08-01 19:14:29 -------- d-----w- c:\program files\Family Tree Maker 2012

2012-08-01 19:14:29 -------- d-----w- c:\program files\BCL Technologies

2012-08-01 19:14:11 -------- d-----w- C:\IExp5.tmp

2012-08-01 19:14:06 -------- d-----w- c:\windows\RegisteredPackages

2012-08-01 19:14:06 -------- d-----w- C:\IExp4.tmp

2012-08-01 19:14:05 -------- d--h--w- c:\windows\msdownld.tmp

2012-08-01 19:13:56 -------- d-----w- c:\program files\Windows Media Components

2012-08-01 18:53:49 -------- d--h--w- c:\programdata\{D2044A97-3875-40E7-8161-DA975C6BA7CF}

2012-08-01 18:53:42 -------- d-----w- c:\users\honeywin\appdata\local\PackageAware

2012-08-01 17:38:14 -------- d-----w- c:\program files\Lavalys

2012-08-01 17:07:38 880640 ----a-w- c:\windows\system32\UniBox10.ocx

2012-08-01 17:07:38 658432 ----a-w- c:\windows\system32\MSCOMCT2.OCX

2012-08-01 17:07:38 512472 ----a-w- c:\windows\system32\msxml.dll

2012-08-01 17:07:38 37336 ----a-w- c:\windows\system32\CleanMFT32.exe

2012-08-01 17:07:38 212992 ----a-w- c:\windows\system32\UniBoxVB12.ocx

2012-08-01 17:07:38 1101824 ----a-w- c:\windows\system32\UniBox210.ocx

2012-08-01 17:07:33 -------- d-----w- c:\program files\PC Tools

2012-08-01 17:07:33 -------- d-----w- c:\program files\common files\PC Tools

2012-08-01 17:06:11 -------- d-----w- c:\programdata\PC Tools

2012-08-01 17:06:09 -------- d-----w- c:\users\honeywin\appdata\roaming\Product_RM

2012-08-01 16:57:18 -------- d-----w- c:\users\honeywin\appdata\roaming\Hard Disk Sentinel

2012-08-01 16:56:10 -------- d-----w- c:\program files\Hard Disk Sentinel

2012-08-01 15:08:08 155984 ------w- c:\windows\system32\comdlg32.OCX

2012-08-01 15:08:08 127808 ----a-w- c:\windows\system32\Mswinsck.OCX

2012-08-01 15:08:08 -------- d-----w- c:\program files\MAXA Cookie Manager

2012-07-31 22:05:23 -------- d-----w- c:\users\honeywin\appdata\roaming\ACD Systems

2012-07-31 22:05:23 -------- d-----w- c:\users\honeywin\appdata\local\ACD Systems

2012-07-31 22:04:22 -------- d-----w- c:\programdata\ACD Systems

2012-07-31 22:04:17 -------- d-----w- c:\program files\common files\ACD Systems

2012-07-31 22:04:17 -------- d-----w- c:\program files\ACD Systems

2012-07-31 22:03:30 -------- d-----w- c:\users\honeywin\appdata\local\Downloaded Installations

2012-07-31 22:02:02 -------- d-----w- c:\program files\Unlocker

2012-07-31 22:00:31 -------- d-----w- c:\program files\Attribute Changer

2012-07-31 21:55:42 -------- d-----w- c:\program files\efs

2012-07-31 21:20:22 -------- d-----w- c:\windows\Panther

2012-07-31 20:54:57 -------- d-----w- c:\program files\Paint.NET

2012-07-31 20:47:41 -------- d-----w- c:\users\honeywin\appdata\local\Paint.NET

2012-07-31 20:43:07 -------- d-----w- c:\users\honeywin\appdata\roaming\WordWeb

2012-07-31 20:42:21 2611976 ------w- c:\windows\system32\wweb32.dll

2012-07-31 20:42:19 -------- d-----w- c:\program files\WordWeb

2012-07-31 20:39:09 -------- d-----w- c:\program files\DAMN NFO Viewer

2012-07-31 20:35:31 -------- d-----w- c:\program files\Nero

2012-07-31 20:35:18 -------- d-----w- c:\programdata\Nero

2012-07-31 20:26:18 -------- d-----w- c:\users\honeywin\appdata\roaming\URSoft

2012-07-31 20:26:13 -------- d-----w- c:\program files\Your Uninstaller! 7

2012-07-31 20:19:53 -------- d-----w- c:\programdata\regid.1986-12.com.adobe

2012-07-31 20:17:49 -------- d-----w- c:\users\honeywin\appdata\local\Adobe

2012-07-31 19:52:57 31232 ----a-w- c:\windows\system32\prevhost.exe

2012-07-31 19:51:12 870912 ----a-w- c:\windows\system32\XpsPrint.dll

2012-07-31 19:31:01 -------- d-----w- c:\program files\MSXML 4.0

2012-07-31 19:24:34 -------- d-----w- c:\windows\system32\Wat

2012-07-31 18:54:06 2345984 ----a-w- c:\windows\system32\win32k.sys

2012-07-31 18:52:45 1328128 ----a-w- c:\windows\system32\quartz.dll

2012-07-31 18:13:28 5120 ----a-w- c:\windows\system32\wmi.dll

2012-07-31 18:13:28 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-07-31 18:13:28 172544 ----a-w- c:\windows\system32\wintrust.dll

2012-07-31 18:13:28 159232 ----a-w- c:\windows\system32\imagehlp.dll

2012-07-31 18:13:21 293376 ----a-w- c:\windows\system32\browserchoice.exe

2012-07-31 18:11:55 2048 ----a-w- c:\windows\system32\tzres.dll

2012-07-31 18:08:07 94208 ----a-w- c:\program files\common files\system\ole db\msdaosp.dll

2012-07-31 18:08:07 86016 ----a-w- c:\windows\system32\odbccu32.dll

2012-07-31 18:08:07 81920 ----a-w- c:\windows\system32\odbccr32.dll

2012-07-31 18:08:07 319488 ----a-w- c:\windows\system32\odbcjt32.dll

2012-07-31 18:08:07 122880 ----a-w- c:\windows\system32\odbccp32.dll

2012-07-31 18:08:06 163840 ----a-w- c:\windows\system32\odbctrac.dll

2012-07-31 18:07:54 690688 ----a-w- c:\windows\system32\msvcrt.dll

2012-07-31 18:00:23 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-07-31 18:00:10 88576 ----a-w- c:\windows\system32\wudriver.dll

2012-07-31 18:00:02 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-07-31 18:00:02 171904 ----a-w- c:\windows\system32\wuwebv.dll

2012-07-31 16:51:18 -------- d-----w- c:\programdata\WEBREG

2012-07-31 16:47:04 -------- d-----w- c:\program files\common files\HP

2012-07-31 16:46:55 -------- d-----w- c:\program files\common files\Hewlett-Packard

2012-07-31 16:46:01 -------- d-----w- c:\program files\HP

2012-07-31 16:43:37 452408 ----a-w- c:\windows\system32\hpzids01.dll

2012-07-31 16:43:36 970752 ----a-w- c:\windows\system32\hpotiop6.dll

2012-07-31 16:43:36 729088 ----a-w- c:\windows\system32\hpowiax8.dll

2012-07-31 16:43:36 372736 ----a-w- c:\windows\system32\hppldcoi.dll

2012-07-31 16:43:36 303104 ----a-w- c:\windows\system32\hpovst14.dll

2012-07-31 16:28:32 38608 ----a-w- c:\windows\system32\drivers\DKRtWrt.sys

2012-07-31 16:28:29 -------- d-----w- c:\programdata\Diskeeper Corporation

2012-07-31 16:28:29 -------- d-----w- c:\program files\common files\Diskeeper Corporation

2012-07-31 16:28:28 -------- d-----w- c:\program files\Windows Home Server

2012-07-31 16:28:28 -------- d-----w- c:\program files\Diskeeper Corporation

2012-07-31 16:15:42 -------- d-----w- c:\program files\CCleaner

2012-07-31 15:46:18 -------- d-----w- c:\users\honeywin\appdata\roaming\CheckPoint

2012-07-31 15:46:07 -------- d-----w- c:\programdata\CheckPoint

2012-07-31 15:41:37 -------- d-----w- c:\program files\CheckPoint

2012-07-31 14:58:17 -------- d-----w- c:\users\honeywin\appdata\roaming\AVG2012

2012-07-31 14:57:19 -------- d-----w- c:\users\honeywin\appdata\local\AVG Secure Search

2012-07-31 14:57:13 -------- d-----w- c:\programdata\AVG Secure Search

2012-07-31 14:57:01 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys

2012-07-31 14:56:59 -------- d-----w- c:\program files\common files\AVG Secure Search

2012-07-31 14:56:59 -------- d-----w- c:\program files\AVG Secure Search

2012-07-31 14:55:04 -------- d-----w- c:\windows\system32\drivers\AVG

2012-07-31 14:55:04 -------- d-----w- c:\programdata\AVG2012

2012-07-31 14:54:39 -------- d-----w- c:\program files\AVG

2012-07-31 14:35:05 -------- d--h--w- c:\programdata\Common Files

2012-07-31 14:34:40 -------- d-----w- c:\programdata\MFAData

2012-07-31 14:05:44 6891424 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{7b009bb0-d01b-465b-9a12-59d67b1cf222}\mpengine.dll

2012-07-31 14:05:44 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-07-31 13:39:08 749568 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iKernel.dll

2012-07-31 13:39:08 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\ctor.dll

2012-07-31 13:39:08 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\DotNetInstaller.exe

2012-07-31 13:39:08 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll

2012-07-31 13:39:08 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iscript.dll

2012-07-31 13:39:08 180224 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iuser.dll

2012-07-31 13:39:07 192644 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iGdi.dll

2012-07-31 13:39:06 323716 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\setup.dll

2012-07-31 12:56:56 -------- d-sh--w- c:\windows\Installer

2012-07-31 12:24:48 280064 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpzppw71.dll

.

==================== Find3M ====================

.

2012-06-06 05:05:52 1390080 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 05:05:52 1236992 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 05:03:06 805376 ----a-w- c:\windows\system32\cdosys.dll

2012-06-02 04:45:04 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 04:45:03 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 04:40:59 369336 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 04:40:39 225280 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 04:39:10 219136 ----a-w- c:\windows\system32\ncrypt.dll

.

============= FINISH: 19:14:12.37 ===============

[scheduled scan not working?]

when do you want me to run the DDS please?

just before a scheduled scan?

[scheduled scan not working?]

i.e. there's nothing to take a screen shot of!

[scheduled scan not working?]

UNFORTUNATELY NOTHING IS GOING ON!

I am sitting looking at my desktop with no apps running [except background tasks] and when the clock changes to the scan begin time, nothing happens at all; i.e. no warning, no messages, no errors, no pop ups, no apps, no utilities, nothing at all?

[scheduled scan not working?]

STILL NO SCHEDULED SCAN?

[scheduled scan not working?]

scheduled scan not working? [pro]

how to fix?

many thanks!