Internet + Cloud Care issue (3rd party firewall/internet conection lost)

QubicComputers · February 2, 2013

Ok, from now on I'm comming here first:

I'm using Cloud Care as a anti-virus/internet filtering program

This issue started a couple days ago, first problem being that Cloud Care complained that it's services weren't running, effectively disabling the internet. I tried restarting, which got rid of that issue for a little while, but every few times I would try to load a page it would try to load for about 10 to 15 seconds and then come up with a Cloud Care error stating that the page was blocked because of a third party firewall or a lost internet connection. It is not the internet connection, because sometimes I can refresh the page and it will load instantly. Also, a few other programs have been acting oddly, locking up at weird times. I said I would come here first because after trying Malwarebytes I also tried several other programs on my own, and I don't have enough experience to solve these kinds of problems on my own, so I'll come here first if anything like this happens again. One more thing you might want to know, although it is likely completely irrelevant, is that I have been messing around with SDL_net, I tried downloading the newest version, but it didn't work. I searched around and found a lower version which did work, although some of the files are newer than the newest version...

Thanks for any help,

QubicComputers

Here are the DDS files:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1

Run by Shawn at 15:23:58 on 2013-02-02

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8175.5979 [GMT -8:00]

.

AV: CloudCare *Disabled/Updated* {BABEE769-087B-572E-AD62-21FF46C86F61}

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

SP: CloudCare AntiSpyware *Disabled/Updated* {01DF068D-2E41-58A0-97D2-1A8D3D4F25DC}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\system32\atieclxx.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\IDT\WDM\AESTSr64.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Bsecure\InetCtrl.exe

C:\Program Files (x86)\Bsecure\BsecAV.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe

C:\Program Files (x86)\PDF Complete\pdfsvc.exe

C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

C:\Program Files\Macrium\Reflect\ReflectService.exe

C:\Program Files (x86)\Photodex\ProShow\ScsiAccess.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Bsecure\BSecAMX.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\SysWOW64\vmnat.exe

C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe

C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Windows\SysWOW64\vmnetdhcp.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Bsecure\BsecTray.exe

C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\System32\WUDFHost.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local;192.168.*.*

mSearchAssistant = hxxp://start.facemoods.com/?a=fmtgl&s={searchTerms}&f=4

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

mRun: [CloudCare] C:\Program Files (x86)\Bsecure\BsecTray.exe

mRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

StartupFolder: C:\Users\SHAWN~1.MIC\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EGGTIM~1.LNK - C:\Program Files (x86)\Qubic Programs\Egg Timer\Egg Timer.exe

StartupFolder: C:\Users\Shawn.Michael-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\note.txt

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

LSP: %ProgramFiles%\Bsecure\InetCtrl57.dll

LSP: %SystemRoot%\system32\vsocklib.dll

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: DhcpNameServer = 192.168.0.1 205.171.3.25

TCP: Interfaces\{A35758A6-7465-4C0F-997C-3651CED8C8D2} : DhcpNameServer = 192.168.0.1 205.171.3.25

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: SDWinLogon - SDWinLogon.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

BHO-X64: Canon Easy-WebPrint EX BHO - No File

BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

TB-X64: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun-x64: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

mRun-x64: [CloudCare] C:\Program Files (x86)\Bsecure\BsecTray.exe

mRun-x64: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun-x64: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Shawn.Michael-HP\AppData\Roaming\Mozilla\Firefox\Profiles\dbh3faig.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\nphdplg.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll

.

============= SERVICES / DRIVERS ===============

.

R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]

R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]

R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-1-5 89600]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-1-28 44808]

R2 Bsecure;CloudCare;C:\Program Files (x86)\Bsecure\InetCtrl.exe [2011-8-13 66344]

R2 BsecureAV;CloudCare AntiVirus;C:\Program Files (x86)\Bsecure\BsecAV.exe [2011-8-13 161776]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]

R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-29 398184]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-29 682344]

R2 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2012-7-17 116632]

R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-1-5 1119768]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]

R2 ReflectService.exe;Macrium Reflect Image Mounting Service;C:\Program Files\Macrium\Reflect\ReflectService.exe [2011-11-9 301720]

R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-2-2 1103392]

R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-2-2 1369624]

R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-2-2 168384]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-1-5 2655768]

R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-8-29 846448]

R2 vmware-converter-agent;VMware vCenter Converter Standalone Agent;C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [2011-8-19 423536]

R2 vmware-converter-server;VMware vCenter Converter Standalone Server;C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [2011-8-19 423536]

R2 vmware-converter-worker;VMware vCenter Converter Standalone Worker;C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [2011-8-19 423536]

R3 BSecACFltr;BSecACFltr;C:\Windows\System32\drivers\BSecACFltr.sys [2013-2-1 21624]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 MEIx64;Intel® Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]

R3 WSDScan;WSD Scan Support via UMB;C:\Windows\system32\DRIVERS\WSDScan.sys --> C:\Windows\system32\DRIVERS\WSDScan.sys [?]

S2 CLKMSVC10_C6F09094;CyberLink Product - 2011/01/05 19:22:36;C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2011-1-5 245232]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-6 136176]

S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-2-21 1258856]

S2 VMwareHostd;VMware Workstation Server;C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-1-18 11839488]

S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-6 136176]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-9-20 30785672]

S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\system32\DRIVERS\motccgp.sys --> C:\Windows\system32\DRIVERS\motccgp.sys [?]

S3 motccgpfl;MotCcgpFlService;C:\Windows\system32\DRIVERS\motccgpfl.sys --> C:\Windows\system32\DRIVERS\motccgpfl.sys [?]

S3 motport;Motorola USB Diagnostic Port;C:\Windows\system32\DRIVERS\motport.sys --> C:\Windows\system32\DRIVERS\motport.sys [?]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 prwntdrv;prwntdrv;C:\Windows\System32\prwntdrv.sys [2012-10-14 13704]

S3 pwdrvio;pwdrvio;\??\C:\Windows\system32\pwdrvio.sys --> C:\Windows\system32\pwdrvio.sys [?]

S3 pwdspio;pwdspio;\??\C:\Windows\system32\pwdspio.sys --> C:\Windows\system32\pwdspio.sys [?]

S3 SIVDRIVER;SIV Kernel Driver;\??\C:\Windows\system32\Drivers\SIVX64.sys --> C:\Windows\system32\Drivers\SIVX64.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBTINSP;TI-Nspire™ Handheld or TI Network Bridge Device Driver;C:\Windows\system32\DRIVERS\tinspusb.sys --> C:\Windows\system32\DRIVERS\tinspusb.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2012-11-2 65657]

.

=============== Created Last 30 ================

.

2074-05-19 00:44:52 607296 ----a-w- C:\Program Files (x86)\Microsoft Games\Age of Empires III Ancient\deformerdllyD.dll

2040-08-24 20:34:18 -------- d-----w- C:\Users\Shawn.Michael-HP\AppData\Roaming\WinBatch

2013-02-02 19:10:25 17272 ----a-w- C:\Windows\System32\sdnclean64.exe

2013-02-02 19:10:21 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-02-02 01:53:30 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2013-02-01 20:05:27 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Microsoft Shared

2013-02-01 20:05:26 58432 ----a-w- C:\Windows\System32\drivers\BsecFltr.sys

2013-02-01 20:05:26 49088 ----a-w- C:\Windows\SysWow64\drivers\BsecFltr.sys

2013-02-01 20:05:26 22832 ----a-w- C:\Windows\System32\drivers\BSecACFltr.sys

2013-02-01 20:05:26 21624 ----a-w- C:\Windows\SysWow64\drivers\BSecACFltr.sys

2013-02-01 19:56:34 -------- d-----w- C:\Users\Shawn.Michael-HP\AppData\Roaming\Intuit

2013-02-01 14:15:44 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4C93BF7D-D194-42F6-B0EE-52A28CE1CAAF}\mpengine.dll

2013-01-31 04:28:57 -------- d-----w- C:\Users\Shawn.Michael-HP\HG

2013-01-31 04:21:22 -------- d-----w- C:\Program Files (x86)\Mercurial

2013-01-29 23:36:50 -------- d-----w- C:\Program Files (x86)\Royal Defense

2013-01-29 20:43:58 -------- d-----w- C:\Users\Shawn.Michael-HP\AppData\Local\Programs

2013-01-29 20:38:09 -------- d-----w- C:\Users\Shawn.Michael-HP\AppData\Roaming\Malwarebytes

2013-01-29 20:38:04 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-01-29 20:38:04 -------- d-----w- C:\ProgramData\Malwarebytes

2013-01-29 20:38:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-01-29 01:49:43 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2013-01-29 01:49:43 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2013-01-29 01:49:42 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2013-01-29 01:49:13 41224 ----a-w- C:\Windows\avastSS.scr

2013-01-29 01:49:06 -------- d-----w- C:\ProgramData\AVAST Software

2013-01-29 01:49:06 -------- d-----w- C:\Program Files\AVAST Software

2013-01-28 04:33:52 0 ----a-w- C:\Windows\SysWow64\sho50B7.tmp

2013-01-27 23:39:34 -------- d-----w- C:\Program Files (x86)\Narbacular Drop

2013-01-19 20:25:15 -------- d-----w- C:\Users\Shawn.Michael-HP\AppData\Local\{A8CD06DA-879C-43D3-91C9-0AA78E6A65E3}

2013-01-18 14:25:58 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-01-15 23:25:39 -------- d-----w- C:\Users\Shawn.Michael-HP\AppData\Local\{14CC761C-ECD5-4CEB-AF27-82BCB59EE592}

2013-01-15 14:29:46 -------- d-----w- C:\Include

2013-01-15 14:24:52 -------- d-----w- C:\Users\Shawn.Michael-HP\Tutorial Projects

2013-01-15 14:21:36 -------- d-----w- C:\Users\Shawn.Michael-HP\AppData\Roaming\CodeBlocks

2013-01-15 14:20:57 -------- d-----w- C:\Program Files (x86)\CodeBlocks

2013-01-09 23:39:00 -------- d-----w- C:\Users\Shawn.Michael-HP\AppData\Roaming\5.MineCraft - Flans - 1.4.7

2013-01-09 15:07:52 68608 ----a-w- C:\Windows\System32\taskhost.exe

2013-01-09 15:07:52 3149824 ----a-w- C:\Windows\System32\win32k.sys

2013-01-06 03:09:36 -------- d-----w- C:\Users\Shawn.Michael-HP\AppData\Roaming\5.MineCraft - Flans

.

==================== Find3M ====================

.

2013-01-17 09:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe

2013-01-12 15:34:18 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-01-12 15:34:18 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-12-19 21:33:10 859072 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2012-12-19 21:33:10 779704 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll

2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll

2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll

2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll

2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll

2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll

2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs

2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs

2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs

2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs

2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs

2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs

2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs

2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs

2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs

2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs

2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs

2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs

2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs

2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs

2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll

2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll

2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll

2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll

2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe

2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe

2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll

2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll

2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll

2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll

2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll

2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-11-08 19:29:12 1402312 ----a-w- C:\Windows\SysWow64\msxml4.dll

.

============= FINISH: 15:25:01.72 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 8/13/2011 2:31:01 AM

System Uptime: 2/2/2013 2:54:31 PM (1 hours ago)

.

Motherboard: PEGATRON CORPORATION | | 2AB6

Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz | CPU 1 | 3101/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 1850 GiB total, 1275.844 GiB free.

D: is FIXED (NTFS) - 13 GiB total, 1.593 GiB free.

E: is CDROM (CDFS)

H: is Removable

I: is Removable

J: is Removable

K: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP299: 2/2/2013 2:50:42 PM - S

.

==== Installed Programs ======================

.

"Minimal SYStem 1.0.11"

0xCELERATOR version 1.0

Abyss

Active@ Partition Recovery

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.5)

Adobe Shockwave Player 11.6

Agatha Christie - Peril at End House

Age of Empires III

Age of Empires III - The Asian Dynasties

Age of Empires III - The WarChiefs

Alice Greenfingers 1.06

Ancient Rome

Android SDK Tools

AnswerWorks 5.0 English Runtime

Aphotic Ascent

Apple Application Support

Apple Software Update

Atheros Client Installation Program

Attack of the 50ft Robot!

Audiokinetic Wwise v2011.2.2 build 4007

avast! Free Antivirus

Base Invaders Version 1.3

Bejeweled 2 Deluxe

Big Fish Games: Game Manager

Blackhawk Striker 2

Blank

Blasterball 3

Bontago

Bossinabox 1.0

Bounce Symphony

Build-a-lot 2

Cake Mania

Canon Easy-WebPrint EX

Canon G.726 WMP-Decoder

Canon IJ Network Scan Utility

Canon IJ Network Tool

Canon Inkjet Printer/Scanner/Fax Extended Survey Program

Canon MovieEdit Task for ZoomBrowser EX

Canon MP Navigator EX 3.0

Canon MP560 series User Registration

Canon RAW Image Task for ZoomBrowser EX

Canon Utilities CameraWindow

Canon Utilities CameraWindow DC

Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX

Canon Utilities Easy-PhotoPrint EX

Canon Utilities My Printer

Canon Utilities MyCamera

Canon Utilities MyCamera DC

Canon Utilities PhotoStitch

Canon Utilities RemoteCapture DC

Canon Utilities RemoteCapture Task for ZoomBrowser EX

Canon Utilities Solution Menu

Canon Utilities ZoomBrowser EX

Canon ZoomBrowser EX Memory Card Utility

Capitalism II Demo

Chocolatier: Decadence by Design

Chuzzle Deluxe

CloudCare

CodeBlocks

Coffee Tycoon (remove only)

Connectivity Library and TI-Nspire™ handheld drivers

Continuum Passage

Coreship v1.0

Coupon Printer for Windows

Crazy Machines Elements - DEMO

Crystalline 1.0

CyberLink DVD Suite Deluxe

D3DX10

Data Doctor Recovery Pen Drive (Demo)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Demolition, Inc. Demo

Diner Dash 2 Restaurant Rescue

Dora's World Adventure

Dreamside Maroon 1.0282.333

Duality 1.0

DVD Menu Pack for HP MediaSmart Video

EASEUS Partition Recovery 5.0.1

Egg Timer

Egg Timer Setup

Egg Timer version 1.0

Escape Rosecliff Island

Escape the Museum

Farm Frenzy

FATE

FileZilla Client 3.5.3

Final Drive Nitro

Garnet OS Development Suite

Gear Full Circle 10/31/2010 Build

GIMP 2.6.11

Glitch 1.3

Google Drive

Google Earth Plug-in

Google Update Helper

Grid Version 1.01g

Hack Attack 1.0

Heroes of Hellas 2 - Olympia

Hewlett-Packard ACLM.NET v1.1.2.0

HP Customer Experience Enhancements

HP Games

HP MediaSmart DVD

HP MediaSmart Music

HP MediaSmart Photo

HP MediaSmart Video

HP MediaSmart/TouchSmart Netflix

HP Odometer

HP Setup

HP Setup Manager

HP Support Assistant

HP Support Information

HP Update

Hulu Desktop

IDT Audio

Inno Setup version 5.5.0

Intel® Management Engine Components

Intel® Rapid Storage Technology

Java 7 Update 11

Java Auto Updater

Java™ 6 Update 31

JavaFX 2.1.1

Jewel Quest Solitaire 2

Junk Mail filter update

Kore Industries : Textures Pack

LabelPrint

Labyrinth version 0.9

LAME v3.98.3 for Audacity

Leshy Version 1.21

Life Quest®

LightScribe System Software

LogMeIn Hamachi

Magic DVD Ripper V5.4.2

Malwarebytes Anti-Malware version 1.70.0.1100

Marble Mayhem! 1.0

Mercurial 2.5.0 (x86)

Microsoft Office 2010

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Starter 2010 - English

Microsoft Office Word MUI (English) 2010

Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit

Microsoft Rise Of Nations

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft WSE 3.0 Runtime

MinGW-Get version 0.4-alpha-1

MiniTool Partition Wizard Home Edition 7.0

Momenta

Motorola Device Manager

Motorola Device Software Update

Mozilla Firefox 17.0.1 (x86 en-US)

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

MSXML4 Parser

Myr Gold Build

Mystery P.I. - The London Caper

Myszere 1.0

Narbacular Drop version 1.4

Nitronic Rush (2012-06-19) version 20120619.0

Nous Ver: 1.04

NVIDIA PhysX

NVIDIA Stereoscopic 3D Driver

OneClickdigital Media Manager

OpenAL

Orblitz

PDF Complete Special Edition

Penguins!

Perspective 1.0

PHM Registry Editor

Photodex Presenter

PhotoNow!

Plants vs. Zombies

PlayReady PC Runtime x86

PMB

Poker Superstars III

Polar Bowler

Polar Golfer

Pong

Portal

portal-theme-v10-by-vitor-santo.themepack

Portal 2

Portal 2 Authoring Tools - Beta

Power2Go

PressReader

Project Albatross

ProShow

PTGui Pro Trial 9.1.3b

Quicken 2010

QuickTime

Recovery Manager

Rise of Nations Thrones and Patriots Trial Version

Royal Defense

Sansa Updater

SeaMonkey (1.1.11)

SeaMonkey (2.9.1)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Solace - February 2011

Source SDK

Source SDK Base 2007

SPORE™

Spybot - Search & Destroy

Steam

swMSM

Synaesthete (v1.0)

Tag - v1.1

TI-Nspire Student Software

TI-Nspire™ Computer Link Software

tools-freebsd

tools-linux

tools-netware

tools-solaris

tools-windows

tools-winPre2k

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Update Installer for WildTangent Games App

VeNix 1.0

Virtual Families

Virtual Villagers 4 - The Tree of Life

VMware vCenter Converter Standalone

VMware Workstation

Void 1.0

Westward II: Heroes of the Frontier

Wheel of Fortune 2

WildTangent Games App (HP Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Mobile Developer Power Toys

WinRAR 4.01 (32-bit)

YAGARTO 4.6.2

Yahoo! Detect

Zinio Reader 4

Zoo Tycoon 2 - Zookeeper Collection

Zuma Deluxe

.

==== Event Viewer Messages From Past Week ========

.

2/2/2013 8:34:43 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

2/2/2013 8:34:43 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2/2/2013 8:34:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

2/2/2013 8:34:06 AM, Error: Service Control Manager [7024] - The VMware Workstation Server service terminated with service-specific error %%-1.

2/2/2013 2:58:43 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

2/2/2013 2:58:43 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.

2/2/2013 2:56:42 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

2/2/2013 2:56:25 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the VMware Authorization Service service to connect.

2/2/2013 2:56:25 PM, Error: Service Control Manager [7001] - The VMware Workstation Server service depends on the VMware Authorization Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.

2/2/2013 2:56:25 PM, Error: Service Control Manager [7000] - The VMware Authorization Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2/1/2013 4:14:46 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.

2/1/2013 4:04:42 PM, Error: Microsoft-Windows-WMPNSS-Service [14365] - Proximity detection failed due to unknown error '0x80004004'. The best proximity time detected was -1 milliseconds.

2/1/2013 12:25:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Client Services service to connect.

2/1/2013 1:52:17 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

1/31/2013 2:52:20 PM, Error: Service Control Manager [7034] - The CloudCare AntiVirus service terminated unexpectedly. It has done this 1 time(s).

1/31/2013 2:51:56 PM, Error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).

1/31/2013 2:51:44 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

1/29/2013 7:22:41 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the VMware vCenter Converter Standalone Agent service to connect.

1/29/2013 7:22:41 AM, Error: Service Control Manager [7000] - The VMware vCenter Converter Standalone Agent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

1/29/2013 7:21:31 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000800, 0x0000000000000002, 0x0000000000000000, 0xfffff800030cefaa). A dump was saved in: C:\Windows\Minidump\012913-21044-01.dmp. Report Id: 012913-21044-01.

1/29/2013 7:15:57 AM, Error: Service Control Manager [7022] - The Intel® Management and Security Application User Notification Service service hung on starting.

1/29/2013 6:12:54 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.

1/29/2013 6:12:54 AM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

1/29/2013 1:42:45 PM, Error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).

1/29/2013 1:42:32 PM, Error: Service Control Manager [7034] - The PDF Document Manager service terminated unexpectedly. It has done this 1 time(s).

1/29/2013 1:42:28 PM, Error: Service Control Manager [7034] - The LogMeIn Hamachi Tunneling Engine service terminated unexpectedly. It has done this 1 time(s).

1/29/2013 1:19:45 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

1/28/2013 5:16:21 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

1/28/2013 5:15:59 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

1/28/2013 5:14:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

1/28/2013 5:14:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

1/28/2013 5:14:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

1/28/2013 5:14:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

1/28/2013 5:14:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

1/28/2013 5:14:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

1/28/2013 5:14:21 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vmm vwififlt Wanarpv6 WfpLwf ws2ifsl

1/28/2013 5:14:21 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

1/28/2013 5:14:21 PM, Error: Service Control Manager [7001] - The VMware Workstation Server service depends on the Workstation service which failed to start because of the following error: The dependency service or group failed to start.

1/28/2013 5:14:21 PM, Error: Service Control Manager [7001] - The VMware vCenter Converter Standalone Server service depends on the Workstation service which failed to start because of the following error: The dependency service or group failed to start.

1/28/2013 5:14:21 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

1/28/2013 5:14:21 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

1/28/2013 5:14:21 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

1/28/2013 5:14:21 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

1/28/2013 5:14:21 PM, Error: Service Control Manager [7001] - The PST Service service depends on the Workstation service which failed to start because of the following error: The dependency service or group failed to start.

1/28/2013 5:14:21 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

1/28/2013 5:14:21 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

1/28/2013 5:14:21 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

1/28/2013 5:14:21 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

1/28/2013 5:14:21 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

1/28/2013 5:14:21 PM, Error: Service Control Manager [7001] - The CloudCare service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

1/28/2013 5:14:21 PM, Error: Service Control Manager [7001] - The CloudCare AntiVirus service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

1/28/2013 5:14:21 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.

1/28/2013 5:10:53 PM, Error: Service Control Manager [7031] - The PST Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.

1/28/2013 11:47:36 AM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.

1/28/2013 11:47:30 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Application Virtualization Client service to connect.

1/28/2013 11:47:30 AM, Error: Service Control Manager [7000] - The Application Virtualization Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

.

==== End Of File ===========================

TheDarkKnight · February 3, 2013

:welcome: I am TheDarkKnight and will be assisting you. Please ask questions if anything is unclear.

OK security programs first. You are running two antivirus programs:

avast!
CloudCare

Running more than one antivirus program can cause conflicts and actually reduce your security. I strongly recommend removing one of those antivirus programs. avast! is a very good free antivirus program, so unless you really like CloudCare I recommend removing it. Alternatively you can disable one and just use it occasionally for offline scanning.

You also have quite a few security programs running. Spybot is outdated, Windows Defender is considered okay, and then your two antivirus programs both offer other capabilities as well. I recommend removing Spybot, disabling Windows Defender and removing one of your antivirus programs. If you run avast! or CloudCare with MBAM you will have a very good security setup.

=====

Your logs show signs of an IP address which could be causing issues, as well as browser changes I doubt you authorised.

Please follow these instructions to run ComboFix.exe. Please visit this webpage for download links and instructions for running this tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix (CF).

Please go here to see a list of programs that need to be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall.**

**Note 2: If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.**

Please include the C:\ComboFix.txt in your next reply for further review.

=====

Also, please download AdwCleaner by Xplode onto your Desktop.

Double click on AdwCleaner.exe to run the tool.
Click on Search.
A logfile will automatically open after the scan has finished.
Please post the content of that logfile in your reply.
You can find the logfile at C:\AdwCleaner[R1].txt as well.

=====

In your reply please provide the contents of the following:

ComboFix.txt.
AdwCleaner[R1].txt.

Do you need any help removing your security programs? How is the computer running?

QubicComputers · February 3, 2013

Problem: I uninstalled avast! and Spybots and ran ComboFix. I have to keep Cloud Care (Bsecure) because my family uses it for website filtering. After I ran ComboFix the computer restarted and the log appeared, but there was no internet. I performed a system restore to get the internet back (which it did), so avast! and Spybots are back and ComboFix changes have likley reverted. I have not run AdwCleaner yet, I need your advice on how to proceed based on this information.

Here is the ComboFix log I got:

ComboFix 13-02-03.03 - Shawn 02/03/2013 13:48:50.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8175.5849 [GMT -8:00]

Running from: c:\users\Shawn.Michael-HP\Desktop\ComboFix.exe

AV: CloudCare *Disabled/Updated* {BABEE769-087B-572E-AD62-21FF46C86F61}

SP: CloudCare AntiSpyware *Disabled/Updated* {01DF068D-2E41-58A0-97D2-1A8D3D4F25DC}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\a

c:\a\Import.vmdk

c:\a\Import.vmsd

c:\a\Import.vmx

c:\a\Import.vmxf

C:\Install.exe

C:\Thumbs.db

c:\users\Michael\mp560swin102ea24.exe

c:\users\Michael\mp560swin105ea24.exe

c:\users\Patrick\AppData\Local\Microsoft\Windows\Temporary Internet Files\tbinst

c:\users\Patrick\AppData\Roaming\0ad

c:\users\Patrick\AppData\Roaming\0ad\cache\temp.0adsave

c:\users\Patrick\AppData\Roaming\0ad\config\user.cfg

c:\users\Patrick\AppData\Roaming\0ad\data\saves\quicksave-0001.0adsave

c:\users\Patrick\AppData\Roaming\0ad\data\saves\quicksave-0002.0adsave

c:\users\Patrick\AppData\Roaming\0ad\data\saves\quicksave-0003.0adsave

c:\users\Patrick\AppData\Roaming\0ad\data\saves\quicksave-0004.0adsave

c:\users\Patrick\AppData\Roaming\0ad\data\saves\quicksave-0005.0adsave

c:\users\Patrick\AppData\Roaming\0ad\data\saves\quicksave-0006.0adsave

c:\users\Patrick\AppData\Roaming\0ad\data\saves\quicksave-0007.0adsave

c:\users\Patrick\AppData\Roaming\0ad\data\saves\quicksave-0008.0adsave

c:\users\Patrick\AppData\Roaming\0ad\data\saves\quicksave-0009.0adsave

c:\users\Patrick\AppData\Roaming\0ad\data\saves\quicksave-0010.0adsave

c:\users\Patrick\AppData\Roaming\0ad\data\saves\quicksave-0011.0adsave

c:\users\Patrick\AppData\Roaming\0ad\data\saves\quicksave-0012.0adsave

c:\users\Patrick\AppData\Roaming\0ad\logs\interestinglog.html

c:\users\Patrick\AppData\Roaming\0ad\logs\mainlog.html

c:\users\Patrick\AppData\Roaming\0ad\logs\sim_log\1044-1\commands.txt

c:\users\Patrick\AppData\Roaming\0ad\logs\sim_log\1044\commands.txt

c:\users\Patrick\AppData\Roaming\0ad\logs\sim_log\1944\commands.txt

c:\users\Patrick\AppData\Roaming\0ad\logs\sim_log\3088\commands.txt

c:\users\Patrick\AppData\Roaming\0ad\logs\sim_log\4076-1\commands.txt

c:\users\Patrick\AppData\Roaming\0ad\logs\sim_log\4076\commands.txt

c:\users\Patrick\AppData\Roaming\0ad\logs\sim_log\460-1\commands.txt

c:\users\Patrick\AppData\Roaming\0ad\logs\sim_log\460-2\commands.txt

c:\users\Patrick\AppData\Roaming\0ad\logs\sim_log\460\commands.txt

c:\users\Patrick\AppData\Roaming\0ad\logs\sim_log\4992-1\commands.txt

c:\users\Patrick\AppData\Roaming\0ad\logs\sim_log\4992\commands.txt

c:\users\Patrick\AppData\Roaming\0ad\logs\sim_log\6840\commands.txt

c:\users\Patrick\AppData\Roaming\0ad\logs\sim_log\7192\commands.txt

c:\users\Patrick\AppData\Roaming\0ad\logs\system_info.txt

c:\users\Shawn.Michael-HP\AppData\Roaming\0ad

c:\users\Shawn.Michael-HP\AppData\Roaming\0ad\cache\temp.0adsave

c:\users\Shawn.Michael-HP\AppData\Roaming\0ad\config\user.cfg

c:\users\Shawn.Michael-HP\AppData\Roaming\0ad\data\saves\quicksave-0001.0adsave

c:\users\Shawn.Michael-HP\AppData\Roaming\0ad\data\saves\quicksave-0002.0adsave

c:\users\Shawn.Michael-HP\AppData\Roaming\0ad\data\saves\quicksave-0003.0adsave

c:\users\Shawn.Michael-HP\AppData\Roaming\0ad\data\saves\quicksave-0004.0adsave

c:\users\Shawn.Michael-HP\AppData\Roaming\0ad\data\saves\quicksave-0005.0adsave

c:\users\Shawn.Michael-HP\AppData\Roaming\0ad\logs\interestinglog.html

c:\users\Shawn.Michael-HP\AppData\Roaming\0ad\logs\mainlog.html

c:\users\Shawn.Michael-HP\AppData\Roaming\0ad\logs\sim_log\2452\commands.txt

c:\users\Shawn.Michael-HP\AppData\Roaming\0ad\logs\system_info.txt

c:\users\Shawn.Michael-HP\Documents\~WRL0005.tmp

.

((((((((((((((((((((((((( Files Created from 2013-01-03 to 2013-02-03 )))))))))))))))))))))))))))))))

.

2074-05-19 00:44 . 2008-03-21 21:46 607296 ----a-w- c:\program files (x86)\Microsoft Games\Age of Empires III Ancient\deformerdllyD.dll

2040-08-24 20:34 . 2040-08-24 20:34 -------- d-----w- c:\users\Shawn.Michael-HP\AppData\Roaming\WinBatch

2013-02-03 21:59 . 2013-02-03 21:59 -------- d-----w- c:\users\SHAWN~1~MIC\AppData\Local\temp

2013-02-03 21:59 . 2013-02-03 21:59 -------- d-----w- c:\users\Shawn\AppData\Local\temp

2013-02-03 21:59 . 2013-02-03 21:59 -------- d-----w- c:\users\Patrick\AppData\Local\temp

2013-02-03 21:59 . 2013-02-03 21:59 -------- d-----w- c:\users\Michael\AppData\Local\temp

2013-02-03 21:59 . 2013-02-03 21:59 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2013-02-03 21:59 . 2013-02-03 21:59 -------- d-----w- c:\users\Lisa\AppData\Local\temp

2013-02-03 21:59 . 2013-02-03 21:59 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-02-03 20:51 . 2013-02-03 20:51 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4C93BF7D-D194-42F6-B0EE-52A28CE1CAAF}\offreg.dll

2013-02-02 01:53 . 2013-02-02 19:54 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2013-02-02 01:49 . 2013-02-02 01:49 -------- d-----w- c:\users\Lisa\AppData\Roaming\digipen

2013-02-02 01:49 . 2013-02-02 01:49 -------- d-----w- c:\users\Lisa\AppData\Local\digipen

2013-02-02 00:06 . 2013-02-02 00:06 -------- d-----w- c:\users\Lisa\AppData\Local\MagicSoftware

2013-02-02 00:01 . 2013-02-02 00:01 -------- d-----w- c:\users\Lisa\AppData\Roaming\Sony Corporation

2013-02-01 20:05 . 2013-02-01 20:05 -------- d-----w- c:\program files (x86)\Common Files\Windows Microsoft Shared

2013-02-01 20:05 . 2010-04-26 19:23 49088 ----a-w- c:\windows\SysWow64\drivers\BsecFltr.sys

2013-02-01 20:05 . 2010-04-26 19:23 58432 ----a-w- c:\windows\system32\drivers\BsecFltr.sys

2013-02-01 20:05 . 2010-02-05 17:40 21624 ----a-w- c:\windows\SysWow64\drivers\BSecACFltr.sys

2013-02-01 20:05 . 2010-02-03 17:57 22832 ----a-w- c:\windows\system32\drivers\BSecACFltr.sys

2013-02-01 19:56 . 2013-02-01 19:56 -------- d-----w- c:\users\Shawn.Michael-HP\AppData\Roaming\Intuit

2013-02-01 14:15 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4C93BF7D-D194-42F6-B0EE-52A28CE1CAAF}\mpengine.dll

2013-01-31 04:28 . 2013-01-31 04:37 -------- d-----w- c:\users\Shawn.Michael-HP\HG

2013-01-31 04:21 . 2013-01-31 04:21 -------- d-----w- c:\program files (x86)\Mercurial

2013-01-29 23:38 . 2013-01-29 23:38 -------- d-----w- c:\users\Patrick\AppData\Roaming\Game

2013-01-29 23:36 . 2013-01-29 23:36 -------- d-----w- c:\program files (x86)\Royal Defense

2013-01-29 20:43 . 2013-01-29 20:43 -------- d-----w- c:\users\Shawn.Michael-HP\AppData\Local\Programs

2013-01-29 20:38 . 2013-01-29 20:38 -------- d-----w- c:\users\Shawn.Michael-HP\AppData\Roaming\Malwarebytes

2013-01-29 20:38 . 2013-01-29 21:13 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2013-01-29 20:38 . 2013-01-29 20:38 -------- d-----w- c:\programdata\Malwarebytes

2013-01-29 20:38 . 2012-12-15 00:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-01-29 01:49 . 2012-10-30 23:50 285328 ----a-w- c:\windows\system32\aswBoot.exe

2013-01-29 01:49 . 2013-02-03 21:36 -------- d-----w- c:\programdata\AVAST Software

2013-01-29 01:49 . 2013-01-29 01:49 -------- d-----w- c:\program files\AVAST Software

2013-01-28 04:33 . 2013-01-28 04:33 0 ----a-w- c:\windows\SysWow64\sho50B7.tmp

2013-01-27 23:39 . 2013-01-27 23:53 -------- d-----w- c:\program files (x86)\Narbacular Drop

2013-01-25 18:18 . 2013-01-25 18:18 -------- d-----w- c:\users\Michael\AppData\Roaming\Sony Corporation

2013-01-18 14:25 . 2013-01-12 11:30 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-01-17 16:00 . 2013-01-17 16:00 -------- d-----w- c:\users\Lisa\AppData\Roaming\Motorola Mobility

2013-01-15 14:29 . 2013-01-28 22:42 -------- d-----w- C:\Include

2013-01-15 14:24 . 2013-01-29 15:13 -------- d-----w- c:\users\Shawn.Michael-HP\Tutorial Projects

2013-01-15 14:21 . 2013-02-02 01:44 -------- d-----w- c:\users\Shawn.Michael-HP\AppData\Roaming\CodeBlocks

2013-01-15 14:20 . 2013-01-15 14:21 -------- d-----w- c:\program files (x86)\CodeBlocks

2013-01-09 23:39 . 2013-01-10 00:05 -------- d-----w- c:\users\Shawn.Michael-HP\AppData\Roaming\5.MineCraft - Flans - 1.4.7

2013-01-09 15:07 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys

2013-01-09 15:07 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe

2013-01-06 03:09 . 2013-01-09 00:14 -------- d-----w- c:\users\Shawn.Michael-HP\AppData\Roaming\5.MineCraft - Flans

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-01-17 09:28 . 2011-08-13 21:46 273840 ------w- c:\windows\system32\MpSigStub.exe

2013-01-12 15:34 . 2012-04-01 03:11 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-01-12 15:34 . 2011-08-23 18:06 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-01-10 04:37 . 2011-08-14 14:52 67599240 ----a-w- c:\windows\system32\MRT.exe

2012-12-19 21:33 . 2012-07-14 00:14 859072 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-12-19 21:33 . 2012-01-16 20:19 779704 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-12-16 17:11 . 2012-12-21 16:12 46080 ----a-w- c:\windows\system32\atmlib.dll

2012-12-16 14:45 . 2012-12-21 16:12 367616 ----a-w- c:\windows\system32\atmfd.dll

2012-12-16 14:13 . 2012-12-21 16:12 295424 ----a-w- c:\windows\SysWow64\atmfd.dll

2012-12-16 14:13 . 2012-12-21 16:12 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

2012-11-30 04:45 . 2013-01-09 15:08 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2012-11-14 07:06 . 2012-12-13 23:18 17811968 ----a-w- c:\windows\system32\mshtml.dll

2012-11-14 06:32 . 2012-12-13 23:18 10925568 ----a-w- c:\windows\system32\ieframe.dll

2012-11-14 06:11 . 2012-12-13 23:18 2312704 ----a-w- c:\windows\system32\jscript9.dll

2012-11-14 06:04 . 2012-12-13 23:18 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-11-14 06:04 . 2012-12-13 23:18 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-11-14 06:02 . 2012-12-13 23:18 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-14 06:02 . 2012-12-13 23:18 237056 ----a-w- c:\windows\system32\url.dll

2012-11-14 05:59 . 2012-12-13 23:18 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-11-14 05:58 . 2012-12-13 23:18 816640 ----a-w- c:\windows\system32\jscript.dll

2012-11-14 05:57 . 2012-12-13 23:18 599040 ----a-w- c:\windows\system32\vbscript.dll

2012-11-14 05:57 . 2012-12-13 23:18 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-11-14 05:55 . 2012-12-13 23:18 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-11-14 05:55 . 2012-12-13 23:18 729088 ----a-w- c:\windows\system32\msfeeds.dll

2012-11-14 05:53 . 2012-12-13 23:18 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-11-14 05:52 . 2012-12-13 23:18 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-11-14 05:46 . 2012-12-13 23:18 248320 ----a-w- c:\windows\system32\ieui.dll

2012-11-14 02:09 . 2012-12-13 23:18 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-11-14 01:58 . 2012-12-13 23:18 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-11-14 01:57 . 2012-12-13 23:18 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-11-14 01:49 . 2012-12-13 23:18 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-11-14 01:48 . 2012-12-13 23:18 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-11-14 01:44 . 2012-12-13 23:18 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-11-09 05:45 . 2012-12-13 23:22 2048 ----a-w- c:\windows\system32\tzres.dll

2012-11-09 04:42 . 2012-12-13 23:22 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2012-11-08 19:29 . 2012-11-08 19:29 1402312 ----a-w- c:\windows\SysWow64\msxml4.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-12-03 1354736]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-09-28 664600]

"CloudCare"="c:\program files (x86)\Bsecure\BsecTray.exe" [2011-06-25 96040]

"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2009-05-20 136544]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-11-13 421736]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-27 648032]

.

c:\users\Shawn.Michael-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Egg Timer.exe - Shortcut.lnk - c:\program files (x86)\Qubic Programs\Egg Timer\Egg Timer.exe [2012-7-31 56832]

note.txt [2013-1-3 1759]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer2"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\prwntdrv]

@=""

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]

"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

.

R2 CLKMSVC10_C6F09094;CyberLink Product - 2011/01/05 19:22;c:\program files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2010-11-26 245232]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]

R2 Motorola Device Manager;Motorola Device Manager Service;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2012-07-17 116632]

R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]

R2 vmware-converter-agent;VMware vCenter Converter Standalone Agent;c:\program files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [2011-08-20 423536]

R2 vmware-converter-server;VMware vCenter Converter Standalone Server;c:\program files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [2011-08-20 423536]

R2 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-01-18 11839488]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-09-24 116752]

R3 bmdrvr;Modified Clusters Tracking Driver;SysWOW64\drivers\bmdrvr.sys [x]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2012-06-11 22016]

R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2012-01-25 9728]

R3 motport;Motorola USB Diagnostic Port;c:\windows\system32\DRIVERS\motport.sys [2012-06-08 31232]

R3 prwntdrv;prwntdrv;c:\windows\system32\prwntdrv.sys [2010-08-26 16776]

R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-09-03 19936]

R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-09-03 13280]

R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]

R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

R3 SIVDRIVER;SIV Kernel Driver;c:\windows\system32\Drivers\SIVX64.sys [2008-06-14 57312]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 USBTINSP;TI-Nspire Handheld or TI Network Bridge Device Driver;c:\windows\system32\DRIVERS\tinspusb.sys [2010-03-30 142848]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-14 1255736]

R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]

R4 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2011-09-02 65657]

S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [2011-08-08 116336]

S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-23 203264]

S2 Bsecure;CloudCare;c:\program files (x86)\Bsecure\InetCtrl.exe [2011-06-25 66344]

S2 BsecureAV;CloudCare AntiVirus;c:\program files (x86)\Bsecure\BsecAV.exe [2011-06-25 161776]

S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-11 2465712]

S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-15 398184]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-15 682344]

S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2010-09-28 1119768]

S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]

S2 ReflectService.exe;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2011-11-09 301720]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]

S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-08-30 846448]

S2 vmware-converter-worker;VMware vCenter Converter Standalone Worker;c:\program files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [2011-08-20 423536]

S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi10-shared.sys [x]

S3 BSecACFltr;BSecACFltr;c:\windows\system32\DRIVERS\BSecACFltr.sys [2010-02-03 22832]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-15 24176]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - BsecureFilter

*Deregistered* - CLKMDRV10_C6F09094

.

Contents of the 'Scheduled Tasks' folder

.

2013-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-07 03:52]

.

2013-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-07 03:52]

.

2013-02-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-853655980-1941484234-785684605-1003Core.job

- c:\users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-14 17:18]

.

2013-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-853655980-1941484234-785684605-1003UA.job

- c:\users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-14 17:18]

.

2013-01-11 c:\windows\Tasks\HPCeeScheduleForMICHAEL-HP$.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]

.

2013-01-25 c:\windows\Tasks\HPCeeScheduleForMichael.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]

.

2013-02-01 c:\windows\Tasks\HPCeeScheduleForPatrick.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]

.

2013-01-28 c:\windows\Tasks\HPCeeScheduleForShawn.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]

2012-12-18 03:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]

2012-12-18 03:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]

2012-12-18 03:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]

2012-12-18 03:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-26 2184520]

"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-17 767312]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-06-24 1128448]

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local;192.168.*.*

mSearchAssistant = hxxp://start.facemoods.com/?a=fmtgl&s={searchTerms}&f=4

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

LSP: %SystemRoot%\system32\vsocklib.dll

TCP: DhcpNameServer = 192.168.0.1 205.171.3.25

FF - ProfilePath - c:\users\Shawn.Michael-HP\AppData\Roaming\Mozilla\Firefox\Profiles\dbh3faig.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - ExtSQL: 2013-01-29 06:12; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe

AddRemove-Sansa Updater - c:\users\Shawn.Michael-HP\AppData\Roaming\SanDisk\Sansa Updater\SansaUpdaterInstall.exe

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]

"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-853655980-1941484234-785684605-1005\Software\SecuROM\License information*]

"datasecu"=hex:a9,1f,74,79,ab,40,60,ea,06,fd,68,99,75,08,36,4f,5f,b8,9a,73,62,

da,5c,9a,f4,0d,34,f1,29,03,75,72,56,46,8e,b5,07,33,00,d3,5b,06,55,e0,ac,99,\

"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]

"v5Licence0"="15-3BWD-J5JA-Q87W-PSPD-EG7V-PAWT3ZW"

"Activated"="Y"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\program files (x86)\Photodex\ProShow\ScsiAccess.exe

c:\windows\SysWOW64\vmnat.exe

c:\windows\SysWOW64\vmnetdhcp.exe

c:\program files (x86)\Bsecure\BSecAMX.exe

c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

.

**************************************************************************

.

Completion time: 2013-02-03 14:11:52 - machine was rebooted

ComboFix-quarantined-files.txt 2013-02-03 22:11

.

Pre-Run: 1,370,269,532,160 bytes free

Post-Run: 1,372,376,158,208 bytes free

.

- - End Of File - - 7BC28FC259F6FA27B580E010DB173862

QubicComputers · February 3, 2013

I forgot to disable Cloud Care, would that cause the issue?

TheDarkKnight · February 4, 2013

Good afternoon QubicComputers,

Please try disabling CloudCare and then running ComboFix. Does the internet still get disabled?

QubicComputers · February 5, 2013

Internet still was disabled. Ran ComboFix and AdwCleaner this morning. Internet was disabled again (said something about service not running, ran troubleshooter, then it said could not automatically find proxy settings). For some reason I thought running ComboFix again would help, it didn't. (I would guess that was a really bad idea, and sorry if that is true ). Had to do a system restore again, so avast! and Spybots are back again. Forgot to move the previous log before running the 2nd ComboFix but here is today's 2nd ComboFix log and AdwCleaner log:

ComboFix 13-02-03.03 - Shawn 02/04/2013 15:21:10.2.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8175.6391 [GMT -8:00]

Running from: C:\Users\Shawn.Michael-HP\Desktop\ComboFix.exe

AV: CloudCare *Disabled/Updated* {BABEE769-087B-572E-AD62-21FF46C86F61}

SP: CloudCare AntiSpyware *Disabled/Updated* {01DF068D-2E41-58A0-97D2-1A8D3D4F25DC}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

((((((((((((((((((((((((( Files Created from 2013-01-04 to 2013-02-04 )))))))))))))))))))))))))))))))

2074-05-19 00:44:52 . 2008-03-21 21:46:13 607296 ----a-w- C:\Program Files (x86)\Microsoft Games\Age of Empires III Ancient\deformerdllyD.dll

2040-08-24 20:34:18 . 2040-08-24 20:34:18 -------- d-----w- C:\Users\Shawn.Michael-HP\AppData\Roaming\WinBatch

2013-02-04 23:30:18 . 2013-02-04 23:30:18 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp

2013-02-04 23:30:18 . 2013-02-04 23:30:18 -------- d-----w- C:\Users\SHAWN~1~MIC\AppData\Local\temp

2013-02-04 23:30:18 . 2013-02-04 23:30:18 -------- d-----w- C:\Users\Shawn\AppData\Local\temp

2013-02-04 23:30:18 . 2013-02-04 23:30:18 -------- d-----w- C:\Users\Patrick\AppData\Local\temp

2013-02-04 23:30:18 . 2013-02-04 23:30:18 -------- d-----w- C:\Users\Michael\AppData\Local\temp

2013-02-04 23:30:18 . 2013-02-04 23:30:18 -------- d-----w- C:\Users\Lisa\AppData\Local\temp

2013-02-04 23:30:18 . 2013-02-04 23:30:18 -------- d-----w- C:\Users\Default\AppData\Local\temp

2013-02-02 19:10:25 . 2009-01-25 20:14:02 17272 ----a-w- C:\Windows\system32\sdnclean64.exe

2013-02-02 19:10:21 . 2013-02-04 15:03:47 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-02-02 01:53:30 . 2013-02-03 22:35:51 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2013-02-02 01:49:27 . 2013-02-02 01:49:27 -------- d-----w- C:\Users\Lisa\AppData\Roaming\digipen

2013-02-02 01:49:27 . 2013-02-02 01:49:27 -------- d-----w- C:\Users\Lisa\AppData\Local\digipen

2013-02-02 00:06:53 . 2013-02-02 00:06:53 -------- d-----w- C:\Users\Lisa\AppData\Local\MagicSoftware

2013-02-02 00:01:58 . 2013-02-02 00:01:58 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Sony Corporation

2013-02-01 20:05:27 . 2013-02-01 20:05:27 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Microsoft Shared

2013-02-01 20:05:26 . 2010-04-26 19:23:50 49088 ----a-w- C:\Windows\SysWow64\drivers\BsecFltr.sys

2013-02-01 20:05:26 . 2010-04-26 19:23:30 58432 ----a-w- C:\Windows\system32\drivers\BsecFltr.sys

2013-02-01 20:05:26 . 2010-02-05 17:40:12 21624 ----a-w- C:\Windows\SysWow64\drivers\BSecACFltr.sys

2013-02-01 20:05:26 . 2010-02-03 17:57:21 22832 ----a-w- C:\Windows\system32\drivers\BSecACFltr.sys

2013-02-01 19:56:34 . 2013-02-01 19:56:34 -------- d-----w- C:\Users\Shawn.Michael-HP\AppData\Roaming\Intuit

2013-02-01 14:15:44 . 2013-01-08 05:32:08 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4C93BF7D-D194-42F6-B0EE-52A28CE1CAAF}\mpengine.dll

2013-01-31 04:28:57 . 2013-01-31 04:37:15 -------- d-----w- C:\Users\Shawn.Michael-HP\HG

2013-01-31 04:21:22 . 2013-01-31 04:21:28 -------- d-----w- C:\Program Files (x86)\Mercurial

2013-01-29 23:38:38 . 2013-01-29 23:38:38 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Game

2013-01-29 23:36:50 . 2013-01-29 23:36:58 -------- d-----w- C:\Program Files (x86)\Royal Defense

2013-01-29 20:43:58 . 2013-01-29 20:43:58 -------- d-----w- C:\Users\Shawn.Michael-HP\AppData\Local\Programs

2013-01-29 20:38:09 . 2013-01-29 20:38:09 -------- d-----w- C:\Users\Shawn.Michael-HP\AppData\Roaming\Malwarebytes

2013-01-29 20:38:04 . 2013-01-29 21:13:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-01-29 20:38:04 . 2013-01-29 20:38:04 -------- d-----w- C:\ProgramData\Malwarebytes

2013-01-29 20:38:04 . 2012-12-15 00:49:28 24176 ----a-w- C:\Windows\system32\drivers\mbam.sys

2013-01-29 01:49:42 . 2012-10-30 23:50:30 285328 ----a-w- C:\Windows\system32\aswBoot.exe

2013-01-29 01:49:06 . 2013-02-04 14:38:01 -------- d-----w- C:\ProgramData\AVAST Software

2013-01-29 01:49:06 . 2013-02-03 22:35:42 -------- d-----w- C:\Program Files\AVAST Software

2013-01-28 04:33:52 . 2013-01-28 04:33:52 0 ----a-w- C:\Windows\SysWow64\sho50B7.tmp

2013-01-27 23:39:34 . 2013-01-27 23:53:43 -------- d-----w- C:\Program Files (x86)\Narbacular Drop

2013-01-25 18:18:12 . 2013-01-25 18:18:12 -------- d-----w- C:\Users\Michael\AppData\Roaming\Sony Corporation

2013-01-18 14:25:58 . 2013-01-12 11:30:18 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-01-17 16:00:44 . 2013-01-17 16:00:44 -------- d-----w- C:\Users\Lisa\AppData\Roaming\Motorola Mobility

2013-01-15 14:29:46 . 2013-01-28 22:42:56 -------- d-----w- C:\Include

2013-01-15 14:24:52 . 2013-01-29 15:13:09 -------- d-----w- C:\Users\Shawn.Michael-HP\Tutorial Projects

2013-01-15 14:21:36 . 2013-02-02 01:44:43 -------- d-----w- C:\Users\Shawn.Michael-HP\AppData\Roaming\CodeBlocks

2013-01-15 14:20:57 . 2013-01-15 14:21:33 -------- d-----w- C:\Program Files (x86)\CodeBlocks

2013-01-09 23:39:00 . 2013-01-10 00:05:29 -------- d-----w- C:\Users\Shawn.Michael-HP\AppData\Roaming\5.MineCraft - Flans - 1.4.7

2013-01-09 15:07:52 . 2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\system32\win32k.sys

2013-01-09 15:07:52 . 2012-11-23 03:13:57 68608 ----a-w- C:\Windows\system32\taskhost.exe

2013-01-06 03:09:36 . 2013-01-09 00:14:23 -------- d-----w- C:\Users\Shawn.Michael-HP\AppData\Roaming\5.MineCraft - Flans