
A couple of websites not loading - unsure Virus/Malware?



Hello,

I recently had a Trojan removed by you guys last week. But one thing has been nagging me for a few weeks.

Facebook will not load on this computer and my wife complained that George (Asda Clothing) website won't work either.

We have connected via the same home network onto these 2 websites through 2 x Android phones and another Windows 8 laptop, so I am more than certain it is an issue related solely to this computer and thinking it is something to do with my recent infection.

MalwareBytes Quick Scan revealed nothing.

DDS and Attach Logs provided:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 30/12/2011 21:42:57

System Uptime: 10/04/2013 00:28:06 (1 hours ago)

.

Motherboard: Acer | | IPISB-AG

Processor: Intel® Pentium® CPU G620 @ 2.60GHz | CPU 1 | 2600/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 458 GiB total, 385.206 GiB free.

D: is FIXED (NTFS) - 458 GiB total, 430.753 GiB free.

E: is CDROM ()

F: is Removable

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Realtek PCIe GBE Family Controller

Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_80001025&REV_06\03000000684CE00000

Manufacturer: Realtek

Name: Realtek PCIe GBE Family Controller

PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_80001025&REV_06\03000000684CE00000

Service: RTL8167

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft Virtual WiFi Miniport Adapter

Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&26B89B3D&0&01

Manufacturer: Microsoft

Name: Microsoft Virtual WiFi Miniport Adapter

PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&26B89B3D&0&01

Service: vwifimp

.

==== System Restore Points ===================

.

RP148: 06/04/2013 16:59:40 - Installed MSXML 4.0 SP3 Parser

RP149: 06/04/2013 17:15:02 - Device Driver Package Install: COMODO Network Service

RP150: 07/04/2013 11:32:49 - Windows Modules Installer

RP151: 07/04/2013 11:40:11 - Windows Update

RP152: 07/04/2013 12:02:04 - Windows Update

RP153: 08/04/2013 11:30:02 - Removed Norton Online Backup

.

==== Installed Programs ======================

.

???? ??? Windows Live

???? Windows Live

????? Windows Live

?????? ??????? ?? Windows Live

???????? ?????????? Windows Live

?????????? Windows Live

??????????? ?? Windows Live

1.3M WebCam

Acer Crystal Eye Webcam Video Class Camera

Acer eRecovery Management

Acer ScreenSaver

Acer TouchPortal

Acer Updater

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.4)

Adobe Shockwave Player 12.0

Apple Application Support

Apple Software Update

AVG 2013

AviSynth 2.5

Blue Coat K9 Web Protection

BUFFALO LinkStation(LS-VL Series) Setup Guide

BUFFALO NAS Navigator2

BUFFALO Network-USB Navigator

BUFFALO TurboCopy

BUFFALO TurboPC for FLASH/HDD

clear.fi

clear.fi Client

Comodo Dragon

COMODO Internet Security

Cooliris for Internet Explorer

D3DX10

DAEMON Tools Lite

Debut Video Capture Software

DivX Setup

Dolby Home Theater v4

Download Navigator

DVD Decrypter (Remove Only)

DVDFab 8.0.0.5 (25/08/2010)

eBay Worldwide

Elevated Installer

Epson Connect Guide

Epson Connect Printer Setup

Epson E-Web Print

Epson Event Manager

Epson FAX Utility

Epson Network Guide WF-2530 Series

Epson PC-FAX Driver

EPSON Remote Print Uninstall

EPSON Scan

Epson User's Guide WF-2530 Series

EPSON WF-2530 Series Printer Uninstall

EpsonNet Print

ERUNT 1.1j

ESET Online Scanner v3

Etron USB3.0 Host Controller

Facebook Messenger 2.1.4814.0

Football Manager 2010

Fotogalerija Windows Live

Freemake Video Converter version 4.0.0

Galeria de Fotografias do Windows Live

Galeria fotografii uslugi Windows Live

Galeria fotogràfica del Windows Live

Galerie de photos Windows Live

Galerie foto Windows Live

Galería fotográfica de Windows Live

Garmin City Navigator Europe NT 2013.10 Update

Garmin Express

Garmin Express Tray

Garmin Update Service

GeekBuddy

Google Chrome Frame

Google Update Helper

Hotkey Utility

Identity Card

ImgBurn

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

ITE Infrared Transceiver

Java 6 Update 43

Junk Mail filter update

K-Lite Codec Pack 9.3.0 (Basic)

MakeMKV v1.8.0

Malwarebytes Anti-Malware version 1.75.0.1300

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Access database engine 2010 (English)

Microsoft Application Error Reporting

Microsoft AutoRoute 2011

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft Primary Interoperability Assemblies 2005

Microsoft Silverlight

Microsoft SkyDrive

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Touch Pack for Windows 7

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft XNA Framework Redistributable 3.0

MS Access 97 SP2

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2758694)

MyWinLocker

MyWinLocker 4

MyWinLocker Suite

Nero Control Center 10

Nero ControlCenter 10 Help (CHM)

Nero Core Components 10

Nero DiscSpeed 10

Nero DiscSpeed 10 Help (CHM)

Nero Express 10

Nero Express 10 Help (CHM)

Nero Multimedia Suite 10 Essentials

Nero StartSmart 10

Nero StartSmart 10 Help (CHM)

Nero Update

OpenOffice.org 3.4.1

PDFBinder

Plex

Poczta uslugi Windows Live

Podstawowe programy Windows Live

Pošta Windows Live

QuickTime

Raccolta foto di Windows Live

Rapport

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Realtek PCIE Card Reader

S?????? f?t???af??? t?? Windows Live

Secunia PSI (3.0.0.6005)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Shockwave

Shredder

Sky Poker

Skype™ 6.3

Spybot - Search & Destroy

Steam

swMSM

TouchSettings

Ubisoft Game Launcher

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

VC80CRTRedist - 8.0.50727.6195

Virtual Earth 3D (Beta)

Visual Studio 2008 x64 Redistributables

Visual Studio 2010 x64 Redistributables

Vuze Remote Toolbar

Welcome Center

Windows Live

Windows Live ???

Windows Live ????

Windows Live Communications Platform

Windows Live Essentials

Windows Live Fotótár

Windows Live Fotogalerie

Windows Live Fotogalleri

Windows Live Fotogaléria

Windows Live Fotograf Galerisi

Windows Live Galeria de Fotos

Windows Live Galerija fotografija

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Temel Parçalar

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Liven asennustyökalu

Windows Liven sähköposti

Windows Liven valokuvavalikoima

WinRAR 4.10 beta 5 (64-bit)

WorkMobile

.

==== Event Viewer Messages From Past Week ========

.

10/04/2013 00:28:39, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: CFRMD

10/04/2013 00:17:11, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

09/04/2013 12:26:08, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {47135EEA-06B6-4452-8787-4A187C64A47E} and APPID {9037E3CF-1794-4AF6-9C8D-92838D7A23DB} to the user HockadayFamily\Guest SID (S-1-5-21-1422416387-2922628184-2253746073-501) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

09/04/2013 12:24:38, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user HockadayFamily\Guest SID (S-1-5-21-1422416387-2922628184-2253746073-501) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

09/04/2013 12:23:45, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {B77C4C36-0154-4C52-AB49-FAA03837E47F} and APPID {EA022610-0748-4C24-B229-6C507EBDFDBB} to the user HockadayFamily\Hockaday Family SID (S-1-5-21-1422416387-2922628184-2253746073-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

09/04/2013 12:23:00, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user HockadayFamily\Hockaday Family SID (S-1-5-21-1422416387-2922628184-2253746073-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

09/04/2013 12:23:00, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user HockadayFamily\Hockaday Family SID (S-1-5-21-1422416387-2922628184-2253746073-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

09/04/2013 12:03:58, Error: Service Control Manager [7022] - The Intel® Management and Security Application User Notification Service service hung on starting.

09/04/2013 11:51:01, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.

09/04/2013 11:51:01, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Profile Service service, but this action failed with the following error: An instance of the service is already running.

09/04/2013 11:51:01, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running.

09/04/2013 11:51:01, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action failed with the following error: An instance of the service is already running.

09/04/2013 11:50:01, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Shell Hardware Detection service, but this action failed with the following error: An instance of the service is already running.

09/04/2013 11:50:01, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.

09/04/2013 11:49:01, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

09/04/2013 11:49:01, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

09/04/2013 11:49:01, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

09/04/2013 11:49:01, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

09/04/2013 11:49:01, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

09/04/2013 11:49:01, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

09/04/2013 11:49:01, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

09/04/2013 11:49:01, Error: Service Control Manager [7031] - The Secondary Logon service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

09/04/2013 11:49:01, Error: Service Control Manager [7031] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

09/04/2013 11:49:01, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

09/04/2013 11:49:01, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

09/04/2013 11:49:01, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

09/04/2013 11:49:01, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

09/04/2013 11:46:31, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AVGIDSDriver Avgldx64 Avgtdia CFRMD cmdGuard cmdHlp DfsC discache inspect mwlPSDFilter mwlPSDNServ mwlPSDVDisk NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf ws2ifsl

09/04/2013 11:46:31, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

09/04/2013 11:46:31, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

09/04/2013 11:46:31, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

09/04/2013 11:46:31, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

09/04/2013 11:46:31, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

09/04/2013 11:46:31, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

09/04/2013 11:46:31, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

09/04/2013 11:46:31, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

09/04/2013 11:46:31, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

09/04/2013 11:46:31, Error: Service Control Manager [7001] - The Epson Scanner Service service depends on the Windows Image Acquisition (WIA) service which failed to start because of the following error: The dependency service or group failed to start.

09/04/2013 11:46:31, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

09/04/2013 11:46:31, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

09/04/2013 11:46:31, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.

09/04/2013 11:46:31, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.

08/04/2013 20:35:20, Error: Service Control Manager [7034] - The Application Virtualization Client service terminated unexpectedly. It has done this 1 time(s).

08/04/2013 11:33:33, Error: Service Control Manager [7001] - The Windows Audio service depends on the Windows Audio Endpoint Builder service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/04/2013 12:10:12, Error: Service Control Manager [7043] - The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.

07/04/2013 11:45:14, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.

06/04/2013 09:43:51, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

06/04/2013 09:43:26, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

03/04/2013 11:47:53, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running.

03/04/2013 11:45:53, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s).

03/04/2013 11:45:53, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

03/04/2013 11:45:53, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

03/04/2013 11:45:53, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

03/04/2013 11:45:53, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

03/04/2013 11:45:53, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

03/04/2013 03:54:32, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

03/04/2013 03:54:32, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

03/04/2013 02:41:13, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891

03/04/2013 02:41:13, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891

03/04/2013 02:39:18, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

03/04/2013 02:39:18, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

03/04/2013 02:39:17, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

.

==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16470

Run by Hockaday Family at 1:04:31 on 2013-04-10

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2976.1118 [GMT 1:00]

.

AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

SP: COMODO Antivirus *Disabled/Outdated* {FEEA52D5-051E-08DD-07EF-2F009097607D}

SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe

C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe

C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

C:\Program Files\Acer\Acer Updater\UpdaterService.exe

C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

C:\Program Files (x86)\Secunia\PSI\PSIA.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe

C:\Windows\system32\EscSvc64.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\WUDFHost.exe

C:\Windows\system32\taskhost.exe

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ITE\ITE Infrared Transceiver\CIRAP.exe

C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe

C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Users\Hockaday Family\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

C:\Program Files (x86)\Acer\Acer TouchPortal\THIDTray.exe

C:\Windows\System32\spool\drivers\x64\3\E_YATIIVE.EXE

C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe

C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe

C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\COMODO\COMODO Internet Security\cis.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Acer\Acer TouchPortal\TouchPortal.exe

C:\Program Files (x86)\Acer\Acer TouchPortal\WidgetWindow.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Secunia\PSI\sua.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files\EgisTec IPS\PMMUpdate.exe

C:\Program Files\EgisTec IPS\EgisUpdate.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.co.uk/

mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} -

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll

BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.0.0.2\AVG Secure Search_toolbar.dll

BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} -

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: Cooliris Plug-In for Internet Explorer: {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - c:\Program Files (x86)\PicLensIE\cooliris.dll

BHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\npchrome_frame.dll

TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.0.0.2\AVG Secure Search_toolbar.dll

TB: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll

EB: E-Web Print: {A60C1DC7-64B3-4AD9-8E67-035D11B8B2B0} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [skyDrive] "C:\Users\Hockaday Family\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background

uRun: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\x64\3\E_YATIIVE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-2530 Series" /EF "HKCU"

mRun: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

mRun: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

mRun: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart

mRun: [TouchPortalV3Launcher] C:\Program Files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe na

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"

mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"

mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

dRunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid}

StartupFolder: C:\Users\HOCKAD~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {3437D640-C91A-458f-89F5-B9095EA4C28B} - {04F93351-81D2-4484-9982-0D55DEFFFAE6} - c:\Program Files (x86)\PicLensIE\cooliris.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_32.CAB

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: {0A43D7AC-D6C1-4622-B309-BF975F427C0E} - hxxps://internetbankingplus1.firstdirect.com/ibplus/frontdoorFD.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} - hxxp://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_43-windows-i586.cab

DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} - hxxp://zone.msn.com/bingame/zpagames/zpa_hrtz.cab99160.cab

DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab

DPF: {CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_43-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_43-windows-i586.cab

TCP: NameServer = 192.168.1.1 192.168.1.1

TCP: Interfaces\{2DB28FE1-FD82-4058-A234-A18534AA8E49} : NameServer = 8.26.56.26,156.154.70.22

TCP: Interfaces\{2DB28FE1-FD82-4058-A234-A18534AA8E49} : DHCPNameServer = 192.168.1.1 192.168.1.1

TCP: Interfaces\{2DB28FE1-FD82-4058-A234-A18534AA8E49}\4514C4B44514C4B4D2640353544383 : NameServer = 8.26.56.26,156.154.70.22

TCP: Interfaces\{2DB28FE1-FD82-4058-A234-A18534AA8E49}\4514C4B44514C4B4D2640353544383 : DHCPNameServer = 192.168.1.1 192.168.1.1

TCP: Interfaces\{2DB28FE1-FD82-4058-A234-A18534AA8E49}\45865684F636B6E4564777F627B6 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{2DB28FE1-FD82-4058-A234-A18534AA8E49}\84F434B4144414956414D494C495F5E4564777F627B6 : DHCPNameServer = 192.168.1.1 192.168.1.1

TCP: Interfaces\{2DB28FE1-FD82-4058-A234-A18534AA8E49}\E4544574541425 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{735EEFB0-AA04-4325-A8FA-900DC5D8B50E} : NameServer = 8.26.56.26,156.154.70.22

TCP: Interfaces\{735EEFB0-AA04-4325-A8FA-900DC5D8B50E} : DHCPNameServer = 192.168.1.1 192.168.1.1

Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\npchrome_frame.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.0.0\ViProtocol.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: SDWinLogon - SDWinLogon.dll

SSODL: WebCheck - <orphaned>

x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-Run: [TouchORB] C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe

x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4

x64-Run: [TouchPortalV3Launcher] C:\Program Files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe na

x64-Run: [PLFSetL] C:\Windows\\PLFSetL.exe

x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - <orphaned>

x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]

R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]

R0 bftpdskc64;BUFFALO TurboPC Cache Filter;C:\Windows\System32\drivers\bftpdskc64.sys [2013-1-26 72016]

R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-2-27 246072]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-2-14 239416]

R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-12-27 39768]

R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2013-1-16 23176]

R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2013-1-16 699880]

R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2013-1-16 48360]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-7-19 283200]

R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2011-8-26 22648]

R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2011-8-26 20520]

R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2011-8-26 62776]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-2-19 282624]

R2 bckd;bckd;C:\Windows\System32\drivers\bckd.sys [2013-3-1 127216]

R2 bckwfs;Blue Coat K9 Web Protection;C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2013-3-1 2649840]

R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2013-3-29 70352]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-3-28 2074768]

R2 EpsonScanSvc;Epson Scanner Service;C:\Windows\System32\escsvc64.exe [2013-3-4 135824]

R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-3-20 186200]

R2 GeekBuddyRSP;GeekBuddyRSP Service;C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-3-13 1851088]

R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-8-26 1817088]

R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-8-26 244624]

R2 NasPmService;NAS PM Service;C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe -Service_Execute -dcyc=297 -dto=3 -dluc=0 -dmin=1 -dmax=2 -dflc=0 -apc=0 -log=0 -pm=1 -pall=1 -phttp=0 -pbc=0 -ppro=0 -pcyc=292 -pmin=1 -pmax=2 -pflc=0 --> C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe -Service_Execute -dcyc=297 -dto=3 -dluc=0 -dmin=1 -dmax=2 -dflc=0 -apc=0 -log=0 -pm=1 -pall=1 -phttp=0 -pbc=0 -ppro=0 -pcyc=292 -pmin=1 -pmax=2 -pflc=0 [?]

R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080]

R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-4-6 1103392]

R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-4-6 1369624]

R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-4-6 168384]

R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-2-7 1223704]

R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-2-7 660504]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 sxuptp;SXUPTP Driver;C:\Windows\System32\drivers\sxuptp.sys [2013-2-6 297088]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-9-22 2656280]

R2 vToolbarUpdater15.0.0;vToolbarUpdater15.0.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [2013-3-29 990896]

R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2011-6-30 54784]

R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-6-30 77696]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-8-26 317440]

R3 ITECIRfilter;ITECIR Filter Driver;C:\Windows\System32\drivers\ITECIRfilter.sys [2011-9-22 28264]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2013-2-25 2426672]

R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-2-7 18456]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-8-26 333928]

R3 rtsuvc;Realtek USB 2.0 PC Camera;C:\Windows\System32\drivers\rtsuvc.sys [2011-9-22 8204904]

R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-2-28 4937264]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2011-5-13 36328]

S3 bftpusbx64;BUFFALO TurboPC USB Filter;C:\Windows\System32\drivers\bftpusbx64.sys [2010-10-21 20608]

S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-1-24 158928]

S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-6-21 173424]

S3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.4.0;C:\Windows\System32\drivers\libusb0.sys [2011-12-20 29184]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-7 19456]

S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-26 539240]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-4-7 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-4-7 30208]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-31 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]

.

=============== Created Last 30 ================

.

2013-04-09 10:56:01 -------- d-----w- C:\Program Files\Blue Coat K9 Web Protection

2013-04-08 10:31:18 -------- d-----w- C:\Windows\pss

2013-04-07 11:10:46 0 ----a-w- C:\Windows\SysWow64\shoEFE.tmp

2013-04-07 10:18:59 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2013-04-07 10:18:59 458712 ----a-w- C:\Windows\System32\drivers\cng.sys

2013-04-07 10:18:59 340992 ----a-w- C:\Windows\System32\schannel.dll

2013-04-07 10:18:59 247808 ----a-w- C:\Windows\SysWow64\schannel.dll

2013-04-07 10:18:59 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2013-04-07 10:18:59 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2013-04-07 10:18:59 1448448 ----a-w- C:\Windows\System32\lsasrv.dll

2013-04-07 10:18:50 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll

2013-04-07 10:18:50 366592 ----a-w- C:\Windows\System32\qdvd.dll

2013-04-07 10:09:07 477616 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll

2013-04-07 09:09:50 -------- d-----w- C:\Program Files (x86)\Common Files\COMODO

2013-04-06 16:14:49 -------- d-s---w- C:\ProgramData\Shared Space

2013-04-06 16:12:35 -------- d-----w- C:\Program Files\COMODO

2013-04-06 16:12:26 -------- d-----w- C:\ProgramData\COMODO

2013-04-06 16:12:06 -------- d-----w- C:\Users\Hockaday Family\AppData\Local\Comodo

2013-04-06 16:12:00 56072 ----a-w- C:\Windows\System32\certsentry.dll

2013-04-06 16:12:00 47368 ----a-w- C:\Windows\SysWow64\certsentry.dll

2013-04-06 16:11:51 -------- d-----w- C:\Program Files (x86)\Comodo

2013-04-06 16:11:49 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll

2013-04-06 16:11:45 -------- d-----w- C:\ProgramData\Comodo Downloader

2013-04-06 16:05:10 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2013-04-06 16:04:59 17272 ----a-w- C:\Windows\System32\sdnclean64.exe

2013-04-06 16:04:55 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-04-06 16:01:58 -------- d-----w- C:\Windows\SysWow64\Adobe

2013-04-06 15:55:38 -------- d-----r- C:\Program Files (x86)\Skype

2013-04-06 15:48:31 -------- d-----w- C:\Users\Hockaday Family\AppData\Local\Secunia PSI

2013-04-06 15:48:07 -------- d-----w- C:\Program Files (x86)\Secunia

2013-04-06 15:20:18 -------- d-sh--w- C:\$RECYCLE.BIN

2013-04-05 21:55:10 -------- d-----w- C:\Program Files (x86)\ESET

2013-04-05 20:59:53 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C52EE6B0-2987-47A4-B96A-F164B84506F7}\mpengine.dll

2013-03-27 09:37:32 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin7.dll

2013-03-27 09:37:32 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin6.dll

2013-03-27 09:37:32 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll

2013-03-27 09:37:32 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll

2013-03-27 09:37:32 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll

2013-03-27 09:37:32 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll

2013-03-27 09:37:32 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll

2013-03-23 00:50:42 -------- d-----w- C:\Users\Hockaday Family\AppData\Roaming\DVDFab

2013-03-23 00:13:55 82816 ----a-w- C:\Windows\System32\drivers\pcouffin.sys

2013-03-23 00:13:55 82816 ----a-w- C:\Users\Hockaday Family\AppData\Roaming\pcouffin.sys

2013-03-23 00:13:31 -------- d-----w- C:\Program Files (x86)\DVDFab 8

2013-03-23 00:08:12 -------- d-----w- C:\Users\Hockaday Family\.MakeMKV

2013-03-23 00:07:49 -------- d-----w- C:\Program Files (x86)\MakeMKV

2013-03-22 07:41:17 -------- d--h--w- C:\SkyDriveTemp

2013-03-20 22:29:12 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys

2013-03-20 13:32:11 -------- d-----w- C:\ProgramData\Package Cache

2013-03-18 01:17:34 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5

2013-03-17 22:58:02 -------- d-----w- C:\Users\Hockaday Family\AppData\Roaming\All Free DVD to AVI Converter

2013-03-17 22:57:55 344064 ----a-w- C:\Windows\SysWow64\msvcr70.dll

2013-03-17 12:38:37 -------- d-----w- C:\Users\Hockaday Family\AppData\Roaming\HandBrake

2013-03-17 05:36:40 -------- d-----w- C:\Program Files (x86)\DVD Decrypter

2013-03-17 02:42:32 -------- d-----w- C:\Users\Hockaday Family\AppData\Roaming\tiger-k

2013-03-17 02:42:32 -------- d-----w- C:\Users\Hockaday Family\AppData\Roaming\Leawo

2013-03-17 02:42:32 -------- d-----w- C:\ProgramData\Leawo

2013-03-17 02:40:00 139264 ----a-w- C:\Windows\SysWow64\xvid.ax

2013-03-17 02:39:59 606208 ----a-w- C:\Windows\SysWow64\xvidcore.dll

2013-03-17 00:36:24 -------- d-----w- C:\Users\Hockaday Family\AppData\Roaming\avidemux

.

==================== Find3M ====================

.

2013-04-07 10:08:57 473520 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-04-04 13:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-03-29 11:06:09 39768 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys

2013-03-13 11:54:25 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-03-13 11:54:25 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-03-12 00:10:56 282744 ------w- C:\Windows\System32\MpSigStub.exe

2013-03-01 11:21:40 127216 ----a-w- C:\Windows\System32\drivers\bckd.sys

2013-02-26 23:40:46 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys

2013-02-25 09:12:04 334000 ----a-w- C:\Windows\System32\RaCoInstx.dll

2013-02-25 09:12:04 2426672 ----a-w- C:\Windows\System32\drivers\netr28x.sys

2013-02-14 03:52:46 239416 ----a-w- C:\Windows\System32\drivers\avgtdia.sys

2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-02-08 04:37:56 116536 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys

2013-02-08 04:37:54 311096 ----a-w- C:\Windows\System32\drivers\avgloga.sys

2013-02-08 04:37:50 71480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys

2013-02-08 04:37:42 206136 ----a-w- C:\Windows\System32\drivers\avgldx64.sys

2013-02-08 04:37:40 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys

2013-02-07 12:15:22 18456 ----a-w- C:\Windows\System32\drivers\psi_mf_amd64.sys

2013-02-02 06:57:02 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2013-02-02 06:47:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-02-02 06:47:19 1392128 ----a-w- C:\Windows\System32\wininet.dll

2013-02-02 06:42:18 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-02-02 06:41:51 599040 ----a-w- C:\Windows\System32\vbscript.dll

2013-02-02 06:38:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-02-02 03:38:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-02-02 03:30:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-02-02 03:30:21 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-02-02 03:26:47 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2013-02-02 03:26:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2013-02-02 03:23:28 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-01-24 21:43:04 43216 ----a-w- C:\Windows\System32\cmdcsr.dll

2013-01-24 21:43:02 461384 ----a-w- C:\Windows\System32\guard64.dll

2013-01-24 21:43:02 354752 ----a-w- C:\Windows\SysWow64\guard32.dll

2013-01-24 21:42:54 45776 ----a-w- C:\Windows\System32\cmdkbd64.dll

2013-01-24 21:42:54 326352 ----a-w- C:\Windows\System32\cmdvrt64.dll

2013-01-24 21:42:50 40656 ----a-w- C:\Windows\SysWow64\cmdkbd32.dll

2013-01-24 21:42:50 263888 ----a-w- C:\Windows\SysWow64\cmdvrt32.dll

2013-01-16 18:51:46 699880 ----a-w- C:\Windows\System32\drivers\cmdguard.sys

2013-01-16 18:51:46 48360 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys

2013-01-16 18:51:44 23176 ----a-w- C:\Windows\System32\drivers\cmderd.sys

2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll

2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll

2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll

2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll

2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll

2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll

2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll

2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll

2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll

2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll

2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll

2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll

2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll

2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll

2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll

2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll

2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll

2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll

2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll

2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll

2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll

2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll

2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll

2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll

2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll

2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll

2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll

2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll

2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll

2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll

2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll

2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll

2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll

2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll

.

============= FINISH: 1:05:42.15 ===============


Hi StixUK,

Sorry to hear of your continuing problems.

A couple things...

You have already picked up some adware since the last time I saw you. It appears that someone has been using Vuze P2P software. This is a great way to get infected.

You have a host of services that are being blocked and erroring out. It appears that a family filter has been installed. Could this be blocking access to the sites in question? I have never used any of the web nanny programs but it appears it has done some blocking (I don't know if it is to the sites in question).

Someone has done some manipulating in MSCONFIG. Perhaps this was done by the nanny program?

Let's start this way:

  • Download RogueKiller and save it to your desktop.
  • Quit all other programs
  • Start RogueKiller.exe
  • Wait until the Prescan has finished ...
  • Click on Scan
  • Wait for the end of the scan
  • A report will be created on your desktop.
  • Click on the Delete button
  • Next click on the ShortcutsFix
  • Another report will be created on your desktop.

Please post: All RKreport.txt text files located on your desktop.


I haven't had Vuze installed since the first contact with yourselves and it was uninstalled on that day.

I have downloaded K9 Web Protection to stop my kids getting onto any dodgy websites but this is NOT blocking Facebook as I had uninstalled K9 to check and Facebook still didn't load???

Regards

Mike

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Hockaday Family [Admin rights]

Mode : Scan -- Date : 04/11/2013 03:04:51

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{2DB28FE1-FD82-4058-A234-A18534AA8E49} : NameServer (8.26.56.26,156.154.70.22) -> FOUND

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{735EEFB0-AA04-4325-A8FA-900DC5D8B50E} : NameServer (8.26.56.26,156.154.70.22) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{2DB28FE1-FD82-4058-A234-A18534AA8E49} : NameServer (8.26.56.26,156.154.70.22) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{735EEFB0-AA04-4325-A8FA-900DC5D8B50E} : NameServer (8.26.56.26,156.154.70.22) -> FOUND

[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> FOUND

[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD10EADX-22TDHB0 ATA Device (TurboPC) +++++

--- User ---

[MBR] b8edd27abbe8c05009f53688d2fb7e36

[bSP] 19e44b78fccf4b1a396a67d3ba282bd4 : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 469203 Mo

3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 992591872 | Size: 469204 Mo

User = LL1 ... OK!

User = LL2 ... OK!

+++++ PhysicalDrive1: SD Card +++++

--- User ---

[MBR] 3aa9ddfca72963c0ef19b1a361227bb7

[bSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code

Partition table:

0 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 253 | Size: 1927 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

Finished : << RKreport[1]_S_04112013_02d0304.txt >>

RKreport[1]_S_04112013_02d0304.txt

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Hockaday Family [Admin rights]

Mode : Remove -- Date : 04/11/2013 03:05:35

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{2DB28FE1-FD82-4058-A234-A18534AA8E49} : NameServer (8.26.56.26,156.154.70.22) -> NOT REMOVED, USE DNSFIX

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{735EEFB0-AA04-4325-A8FA-900DC5D8B50E} : NameServer (8.26.56.26,156.154.70.22) -> NOT REMOVED, USE DNSFIX

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{2DB28FE1-FD82-4058-A234-A18534AA8E49} : NameServer (8.26.56.26,156.154.70.22) -> NOT REMOVED, USE DNSFIX

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{735EEFB0-AA04-4325-A8FA-900DC5D8B50E} : NameServer (8.26.56.26,156.154.70.22) -> NOT REMOVED, USE DNSFIX

[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> DELETED

[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD10EADX-22TDHB0 ATA Device (TurboPC) +++++

--- User ---

[MBR] b8edd27abbe8c05009f53688d2fb7e36

[bSP] 19e44b78fccf4b1a396a67d3ba282bd4 : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 469203 Mo

3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 992591872 | Size: 469204 Mo

User = LL1 ... OK!

User = LL2 ... OK!

+++++ PhysicalDrive1: SD Card +++++

--- User ---

[MBR] 3aa9ddfca72963c0ef19b1a361227bb7

[bSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code

Partition table:

0 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 253 | Size: 1927 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

Finished : << RKreport[2]_D_04112013_02d0305.txt >>

RKreport[1]_S_04112013_02d0304.txt ; RKreport[2]_D_04112013_02d0305.txt


Download ComboFix:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

* IMPORTANT !!! Save ComboFix.exe to your Desktop

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Notes:

1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.

2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

3. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.

4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.


Sorry here was the 3rd page of the RK report the other day....

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Hockaday Family [Admin rights]

Mode : Shortcuts HJfix -- Date : 04/11/2013 03:06:53

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤

Desktop: Success 1 / Fail 0

Quick launch: Success 1 / Fail 0

Programs: Success 11 / Fail 0

Start menu: Success 1 / Fail 0

User folder: Success 879 / Fail 0

My documents: Success 2 / Fail 2

My favorites: Success 0 / Fail 0

My pictures: Success 0 / Fail 0

My music: Success 60 / Fail 0

My videos: Success 0 / Fail 0

Local drives: Success 161 / Fail 0

Backup: [NOT FOUND]

Drives:

[C:] \Device\HarddiskVolume3 -- 0x3 --> Restored

[D:] \Device\HarddiskVolume4 -- 0x3 --> Restored

[E:] \Device\CdRom0 -- 0x5 --> Skipped

[F:] \Device\HarddiskVolume5 -- 0x2 --> Restored

[G:] \Device\CdRom1 -- 0x5 --> Skipped

[Q:] \Device\SftVol -- 0x3 --> Restored

Finished : << RKreport[3]_SC_04112013_02d0306.txt >>

RKreport[1]_S_04112013_02d0304.txt ; RKreport[2]_D_04112013_02d0305.txt ; RKreport[3]_SC_04112013_02d0306.txt


ComboFix log as requested.

ComboFix 13-04-12.02 - Hockaday Family 13/04/2013 1:18.4.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2976.1161 [GMT 1:00]

Running from: c:\users\Hockaday Family\Desktop\ComboFix.exe

AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}

SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: COMODO Antivirus *Disabled/Outdated* {FEEA52D5-051E-08DD-07EF-2F009097607D}

SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\wininit.ini

.

.

((((((((((((((((((((((((( Files Created from 2013-03-13 to 2013-04-13 )))))))))))))))))))))))))))))))

.

.

2013-04-10 21:55 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys

2013-04-10 21:55 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys

2013-04-10 21:55 . 2013-03-02 06:04 1655656 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-04-10 07:16 . 2013-04-10 07:16 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C52EE6B0-2987-47A4-B96A-F164B84506F7}\offreg.dll

2013-04-09 10:56 . 2013-04-09 11:03 -------- d-----w- c:\program files\Blue Coat K9 Web Protection

2013-04-07 11:10 . 2013-04-07 11:10 0 ----a-w- c:\windows\SysWow64\shoEFE.tmp

2013-04-07 10:18 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2013-04-07 10:18 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys

2013-04-07 10:18 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll

2013-04-07 10:18 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll

2013-04-07 10:18 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll

2013-04-07 10:18 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2013-04-07 10:18 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

2013-04-07 10:18 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll

2013-04-07 10:18 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll

2013-04-07 10:09 . 2013-04-07 10:08 477616 ----a-w- c:\windows\SysWow64\npdeployJava1.dll

2013-04-07 09:09 . 2013-04-07 09:09 -------- d-----w- c:\program files (x86)\Common Files\COMODO

2013-04-06 16:14 . 2013-04-06 16:15 -------- d-s---w- c:\programdata\Shared Space

2013-04-06 16:12 . 2013-04-06 16:12 -------- d-----w- c:\program files\COMODO

2013-04-06 16:12 . 2013-04-06 16:13 -------- d-----w- c:\programdata\COMODO

2013-04-06 16:12 . 2013-04-06 16:12 -------- d-----w- c:\users\Hockaday Family\AppData\Local\Comodo

2013-04-06 16:12 . 2013-04-06 16:13 56072 ----a-w- c:\windows\system32\certsentry.dll

2013-04-06 16:12 . 2013-04-06 16:13 47368 ----a-w- c:\windows\SysWow64\certsentry.dll

2013-04-06 16:11 . 2013-04-06 16:13 -------- d-----w- c:\program files (x86)\Comodo

2013-04-06 16:11 . 2013-04-06 16:11 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll

2013-04-06 16:11 . 2013-04-06 16:11 -------- d-----w- c:\programdata\Comodo Downloader

2013-04-06 16:05 . 2013-04-10 00:47 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2013-04-06 16:04 . 2009-01-25 11:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe

2013-04-06 16:04 . 2013-04-13 00:06 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2

2013-04-06 16:01 . 2013-04-06 16:01 -------- d-----w- c:\windows\SysWow64\Adobe

2013-04-06 15:55 . 2013-04-06 15:55 -------- d-----w- c:\program files (x86)\Common Files\Skype

2013-04-06 15:55 . 2013-04-06 15:55 -------- d-----r- c:\program files (x86)\Skype

2013-04-06 15:48 . 2013-04-06 15:48 -------- d-----w- c:\users\Hockaday Family\AppData\Local\Secunia PSI

2013-04-06 15:48 . 2013-04-06 15:48 -------- d-----w- c:\program files (x86)\Secunia

2013-04-06 15:28 . 2013-04-06 15:28 -------- d-----w- c:\program files (x86)\ERUNT

2013-04-05 21:55 . 2013-04-05 21:55 -------- d-----w- c:\program files (x86)\ESET

2013-04-05 20:59 . 2013-03-19 04:50 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C52EE6B0-2987-47A4-B96A-F164B84506F7}\mpengine.dll

2013-03-27 16:55 . 2013-04-13 00:06 -------- d-----w- c:\users\Guest

2013-03-27 09:37 . 2013-03-27 09:37 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll

2013-03-27 09:37 . 2013-03-27 09:37 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll

2013-03-27 09:37 . 2013-03-27 09:37 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll

2013-03-27 09:37 . 2013-03-27 09:37 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll

2013-03-27 09:37 . 2013-03-27 09:37 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll

2013-03-27 09:37 . 2013-03-27 09:37 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll

2013-03-27 09:37 . 2013-03-27 09:37 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll

2013-03-27 09:37 . 2013-03-27 09:37 -------- d-----w- c:\program files (x86)\QuickTime

2013-03-27 09:37 . 2013-03-27 09:37 -------- d-----w- c:\programdata\Apple Computer

2013-03-27 09:35 . 2013-03-27 09:35 -------- d-----w- c:\program files (x86)\Common Files\Apple

2013-03-27 09:35 . 2013-03-27 09:35 -------- d-----w- c:\program files (x86)\Apple Software Update

2013-03-23 00:50 . 2013-03-23 00:50 -------- d-----w- c:\users\Hockaday Family\AppData\Roaming\DVDFab

2013-03-23 00:13 . 2013-03-23 00:13 82816 ----a-w- c:\windows\system32\drivers\pcouffin.sys

2013-03-23 00:13 . 2013-03-23 00:13 82816 ----a-w- c:\users\Hockaday Family\AppData\Roaming\pcouffin.sys

2013-03-23 00:13 . 2013-03-23 00:16 -------- d-----w- c:\users\Hockaday Family\AppData\Roaming\Vso

2013-03-23 00:13 . 2013-03-23 00:13 -------- d-----w- c:\program files (x86)\DVDFab 8

2013-03-23 00:08 . 2013-03-23 00:08 -------- d-----w- c:\users\Hockaday Family\.MakeMKV

2013-03-23 00:07 . 2013-03-23 00:07 -------- d-----w- c:\program files (x86)\MakeMKV

2013-03-22 07:41 . 2013-03-22 07:41 -------- d-----w- C:\SkyDriveTemp

2013-03-20 22:29 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-03-20 13:32 . 2013-04-06 15:52 -------- d-----w- c:\programdata\Package Cache

2013-03-18 01:19 . 2013-03-18 01:19 -------- d-----w- c:\users\Hockaday Family\AppData\Roaming\Media Player Classic

2013-03-18 01:17 . 2013-03-18 01:17 -------- d-----w- c:\program files (x86)\AviSynth 2.5

2013-03-18 01:17 . 2013-03-20 12:54 -------- d-----w- c:\program files (x86)\Gabest

2013-03-17 22:58 . 2013-03-17 22:58 -------- d-----w- c:\users\Hockaday Family\AppData\Roaming\All Free DVD to AVI Converter

2013-03-17 22:57 . 2002-01-05 16:37 344064 ----a-w- c:\windows\SysWow64\msvcr70.dll

2013-03-17 12:38 . 2013-03-18 00:39 -------- d-----w- c:\users\Hockaday Family\AppData\Roaming\HandBrake

2013-03-17 05:36 . 2013-03-17 05:36 -------- d-----w- c:\program files (x86)\DVD Decrypter

2013-03-17 02:42 . 2013-03-17 02:43 -------- d-----w- c:\users\Hockaday Family\AppData\Roaming\tiger-k

2013-03-17 02:42 . 2013-03-17 02:42 -------- d-----w- c:\users\Hockaday Family\AppData\Roaming\Leawo

2013-03-17 02:42 . 2013-03-17 02:42 -------- d-----w- c:\programdata\Leawo

2013-03-17 02:40 . 2012-01-09 11:34 139264 ----a-w- c:\windows\SysWow64\xvid.ax

2013-03-17 02:39 . 2012-01-09 11:34 606208 ----a-w- c:\windows\SysWow64\xvidcore.dll

2013-03-17 00:36 . 2013-03-17 02:27 -------- d-----w- c:\users\Hockaday Family\AppData\Roaming\avidemux

2013-03-16 21:15 . 2013-03-25 00:43 -------- d-----w- c:\users\Hockaday Family\AppData\Roaming\dvdcss

2013-03-15 02:42 . 2013-02-17 01:40 28672 ----a-w- c:\windows\system32\IEUDINIT.EXE

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-04-10 22:08 . 2012-04-16 20:22 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-04-10 22:08 . 2012-01-19 00:43 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-04-10 21:58 . 2012-01-02 19:00 72702784 ----a-w- c:\windows\system32\MRT.exe

2013-04-07 10:08 . 2012-01-02 22:31 473520 ----a-w- c:\windows\SysWow64\deployJava1.dll

2013-04-04 13:50 . 2013-01-25 11:28 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-29 11:06 . 2012-12-27 22:21 39768 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

2013-03-12 00:10 . 2010-11-21 03:27 282744 ------w- c:\windows\system32\MpSigStub.exe

2013-03-01 11:21 . 2013-03-01 11:21 127216 ----a-w- c:\windows\system32\drivers\bckd.sys

2013-02-26 23:40 . 2013-02-26 23:40 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys

2013-02-25 09:12 . 2013-02-25 09:12 334000 ----a-w- c:\windows\system32\RaCoInstx.dll

2013-02-25 09:12 . 2013-02-25 09:12 2426672 ----a-w- c:\windows\system32\drivers\netr28x.sys

2013-02-16 23:51 . 2013-02-16 23:51 895088 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2013-02-16 23:51 . 2013-02-16 23:51 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2013-02-16 23:51 . 2013-02-16 23:51 710992 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2013-02-14 03:52 . 2013-02-14 03:52 239416 ----a-w- c:\windows\system32\drivers\avgtdia.sys

2013-02-12 05:45 . 2013-03-13 11:56 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2013-02-12 05:45 . 2013-03-13 11:56 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2013-02-12 05:45 . 2013-03-13 11:56 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll

2013-02-12 05:45 . 2013-03-13 11:56 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll

2013-02-12 04:48 . 2013-03-13 11:56 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll

2013-02-12 04:48 . 2013-03-13 11:56 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll

2013-02-08 04:37 . 2013-02-08 04:37 116536 ----a-w- c:\windows\system32\drivers\avgmfx64.sys

2013-02-08 04:37 . 2013-02-08 04:37 311096 ----a-w- c:\windows\system32\drivers\avgloga.sys

2013-02-08 04:37 . 2013-02-08 04:37 71480 ----a-w- c:\windows\system32\drivers\avgidsha.sys

2013-02-08 04:37 . 2013-02-08 04:37 206136 ----a-w- c:\windows\system32\drivers\avgldx64.sys

2013-02-08 04:37 . 2013-02-08 04:37 45880 ----a-w- c:\windows\system32\drivers\avgrkx64.sys

2013-02-07 12:15 . 2013-02-07 12:15 18456 ----a-w- c:\windows\system32\drivers\psi_mf_amd64.sys

2013-01-26 04:39 . 2013-01-26 04:39 895088 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll

2013-01-26 04:39 . 2013-01-26 04:39 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2013-01-26 04:39 . 2013-01-26 04:39 710992 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2013-01-24 21:43 . 2013-01-24 21:43 43216 ----a-w- c:\windows\system32\cmdcsr.dll

2013-01-24 21:43 . 2013-01-24 21:43 461384 ----a-w- c:\windows\system32\guard64.dll

2013-01-24 21:43 . 2013-01-24 21:43 354752 ----a-w- c:\windows\SysWow64\guard32.dll

2013-01-24 21:42 . 2013-01-24 21:42 45776 ----a-w- c:\windows\system32\cmdkbd64.dll

2013-01-24 21:42 . 2013-01-24 21:42 326352 ----a-w- c:\windows\system32\cmdvrt64.dll

2013-01-24 21:42 . 2013-01-24 21:42 40656 ----a-w- c:\windows\SysWow64\cmdkbd32.dll

2013-01-24 21:42 . 2013-01-24 21:42 263888 ----a-w- c:\windows\SysWow64\cmdvrt32.dll

2013-01-16 18:51 . 2013-01-16 18:51 95752 ----a-w- c:\windows\system32\drivers\inspect.sys

2013-01-16 18:51 . 2013-01-16 18:51 699880 ----a-w- c:\windows\system32\drivers\cmdguard.sys

2013-01-16 18:51 . 2013-01-16 18:51 48360 ----a-w- c:\windows\system32\drivers\cmdhlp.sys

2013-01-16 18:51 . 2013-01-16 18:51 23176 ----a-w- c:\windows\system32\drivers\cmderd.sys

2013-01-13 21:17 . 2013-02-27 19:16 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-01-13 21:17 . 2013-02-27 19:16 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-01-13 21:16 . 2013-02-27 19:16 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-01-13 21:12 . 2013-02-27 19:16 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-01-13 21:11 . 2013-02-27 19:16 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll

2013-01-13 21:11 . 2013-02-27 19:16 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-01-13 21:11 . 2013-02-27 19:16 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-01-13 21:11 . 2013-02-27 19:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll

2013-01-13 21:11 . 2013-02-27 19:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-01-13 20:35 . 2013-02-27 19:16 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-01-13 20:35 . 2013-02-27 19:16 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-01-13 20:35 . 2013-02-27 19:16 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-01-13 20:32 . 2013-02-27 19:16 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-01-13 20:31 . 2013-02-27 19:16 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-01-13 20:31 . 2013-02-27 19:16 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-01-13 20:31 . 2013-02-27 19:16 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-01-13 20:31 . 2013-02-27 19:16 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

2013-01-13 20:31 . 2013-02-27 19:16 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-01-13 20:31 . 2013-02-27 19:16 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll

2013-01-13 20:22 . 2013-02-27 19:16 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll

2013-01-13 20:20 . 2013-02-27 19:16 293376 ----a-w- c:\windows\SysWow64\dxgi.dll

2013-01-13 20:09 . 2013-02-27 19:16 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll

2013-01-13 20:08 . 2013-02-27 19:16 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll

2013-01-13 20:08 . 2013-02-27 19:16 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll

2013-01-13 19:59 . 2013-02-27 19:16 1643520 ----a-w- c:\windows\system32\DWrite.dll

2013-01-13 19:58 . 2013-02-27 19:16 1175552 ----a-w- c:\windows\system32\FntCache.dll

2013-01-13 19:54 . 2013-02-27 19:16 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll

2013-01-13 19:53 . 2013-02-27 19:16 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll

2013-01-13 19:53 . 2013-02-27 19:16 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll

2013-01-13 19:51 . 2013-02-27 19:16 2565120 ----a-w- c:\windows\system32\d3d10warp.dll

2013-01-13 19:49 . 2013-02-27 19:16 363008 ----a-w- c:\windows\system32\dxgi.dll

2013-01-13 19:48 . 2013-02-27 19:16 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll

2013-01-13 19:46 . 2013-02-27 19:16 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll

2013-01-13 19:43 . 2013-02-27 19:16 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll

2013-01-13 19:38 . 2013-02-27 19:16 333312 ----a-w- c:\windows\system32\d3d10_1core.dll

2013-01-13 19:38 . 2013-02-27 19:16 1887232 ----a-w- c:\windows\system32\d3d11.dll

2013-01-13 19:38 . 2013-02-27 19:16 296960 ----a-w- c:\windows\system32\d3d10core.dll

2013-01-13 19:37 . 2013-02-27 19:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll

2013-01-13 19:25 . 2013-02-27 19:16 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll

2013-01-13 19:24 . 2013-02-27 19:16 648192 ----a-w- c:\windows\system32\d3d10level9.dll

2013-01-13 19:24 . 2013-02-27 19:16 221184 ----a-w- c:\windows\system32\UIAnimation.dll

2013-01-13 19:20 . 2013-02-27 19:16 194560 ----a-w- c:\windows\system32\d3d10_1.dll

2013-01-13 19:20 . 2013-02-27 19:16 1238528 ----a-w- c:\windows\system32\d3d10.dll

2013-01-13 19:15 . 2013-02-27 19:16 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll

2013-01-13 19:10 . 2013-02-27 19:16 3928064 ----a-w- c:\windows\system32\d2d1.dll

2013-01-13 19:02 . 2013-02-27 19:16 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll

2013-01-13 18:34 . 2013-02-27 19:16 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll

2013-01-13 18:32 . 2013-02-27 19:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll

2013-01-13 18:09 . 2013-02-27 19:16 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2013-01-13 17:26 . 2013-02-27 19:16 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll

2013-01-13 17:05 . 2013-02-27 19:16 1682432 ----a-w- c:\windows\system32\XpsPrint.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2013-03-29 11:06 1956016 ----a-w- c:\program files (x86)\AVG Secure Search\15.0.0.2\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

c:\program files (x86)\Vuze_Remote\prxtbVuze.dll [bU]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\15.0.0.2\AVG Secure Search_toolbar.dll" [2013-03-29 1956016]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2013-03-19 20:02 222808 ----a-w- c:\users\Hockaday Family\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2013-03-19 20:02 222808 ----a-w- c:\users\Hockaday Family\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2013-03-19 20:02 222808 ----a-w- c:\users\Hockaday Family\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]

"SkyDrive"="c:\users\Hockaday Family\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2013-03-19 256600]

"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_YATIIVE.EXE" [2012-02-28 283232]

"Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-11-13 3713032]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-06-21 341360]

"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2011-08-05 626792]

"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-02-03 506712]

"TouchPortalV3Launcher"="c:\program files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe" [2011-07-13 430184]

"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-03-13 4394032]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-03-29 1219248]

"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-01-30 450560]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]

"FUFAXRCV"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" [2012-04-03 502912]

"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2012-04-03 863360]

"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2012-04-02 1058912]

"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]

.

c:\users\Hockaday Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-2-7 575000]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys [x]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2013-02-27 4937264]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]

R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]

R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2013-02-07 660504]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]

R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-05-13 36328]

R3 bftpusbx64;BUFFALO TurboPC USB Filter;c:\windows\system32\drivers\bftpusbx64.sys [2010-10-21 20608]

R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]

R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-01-24 158928]

R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]

R3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.4.0;c:\windows\system32\drivers\libusb0.sys [2011-12-20 29184]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]

R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]

R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]

R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]

R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-31 1255736]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2013-02-08 71480]

S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2013-02-08 311096]

S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2013-02-08 116536]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2013-02-08 45880]

S0 bftpdskc64;BUFFALO TurboPC Cache Filter;c:\windows\system32\drivers\bftpdskc64.sys [2011-07-13 72016]

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2013-02-26 246072]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2013-02-08 206136]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2013-02-14 239416]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-03-29 39768]

S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2013-01-16 23176]

S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2013-01-16 699880]

S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2013-01-16 48360]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-19 283200]

S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-08-26 22648]

S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-08-26 20520]

S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-08-26 62776]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-02-19 282624]

S2 bckd;bckd;c:\windows\system32\drivers\bckd.sys [2013-03-01 127216]

S2 bckwfs;Blue Coat K9 Web Protection;c:\program files\Blue Coat K9 Web Protection\k9filter.exe [2013-03-01 2649840]

S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [2013-03-29 70352]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [2013-03-28 2074768]

S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe [2011-12-12 135824]

S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-03-20 186200]

S2 GeekBuddyRSP;GeekBuddyRSP Service;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-03-13 1851088]

S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-27 1817088]

S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]

S2 NasPmService;NAS PM Service;c:\program files (x86)\BUFFALO\NASNAVI\nassvc.exe [2012-03-29 251760]

S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]

S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]

S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2013-02-07 1223704]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys [2010-06-17 297088]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]

S2 vToolbarUpdater15.0.0;vToolbarUpdater15.0.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [2013-03-29 990896]

S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-06-30 54784]

S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-06-30 77696]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]

S3 ITECIRfilter;ITECIR Filter Driver;c:\windows\system32\DRIVERS\ITECIRfilter.sys [2011-03-22 28264]

S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2013-02-25 2426672]

S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2013-03-23 82816]

S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys [2013-02-07 18456]

S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-01-12 333928]

S3 rtsuvc;Realtek USB 2.0 PC Camera;c:\windows\system32\DRIVERS\rtsuvc.sys [2011-07-05 8204904]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

.

.

Contents of the 'Scheduled Tasks' folder

.

2013-04-10 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 22:08]

.

2013-04-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-14 11:19]

.

2013-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-14 11:19]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2013-03-19 20:02 261704 ----a-w- c:\users\Hockaday Family\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2013-03-19 20:02 261704 ----a-w- c:\users\Hockaday Family\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2013-03-19 20:02 261704 ----a-w- c:\users\Hockaday Family\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TouchORB"="c:\program files (x86)\TouchSettings\TouchPortalOBR.exe" [2010-05-06 153416]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-07-21 12632168]

"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-07-13 2264168]

"TouchPortalV3Launcher"="c:\program files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe" [2011-07-13 430184]

"PLFSetL"="c:\windows\\PLFSetL.exe" [2007-07-05 94208]

"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-01-24 1451728]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService

FontCache

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.co.uk/

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 192.168.1.1 192.168.1.1

TCP: Interfaces\{2DB28FE1-FD82-4058-A234-A18534AA8E49}: NameServer = 8.26.56.26,156.154.70.22

TCP: Interfaces\{735EEFB0-AA04-4325-A8FA-900DC5D8B50E}: NameServer = 8.26.56.26,156.154.70.22

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.0.0\ViProtocol.dll

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_32.CAB

DPF: {0A43D7AC-D6C1-4622-B309-BF975F427C0E} - hxxps://internetbankingplus1.firstdirect.com/ibplus/frontdoorFD.cab

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Notify-SDWinLogon - SDWinLogon.dll

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE

AddRemove-Vuze_Remote Toolbar - c:\program files (x86)\Vuze_Remote\uninstall.exe

AddRemove-WorkMobile - c:\windows\system32\javaws.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\DbgagD\1*]

"value"="?\02\06\12\08*\00?"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2013-04-13 01:31:06

ComboFix-quarantined-files.txt 2013-04-13 00:31

ComboFix2.txt 2013-04-12 23:39

ComboFix3.txt 2013-04-12 22:52

.

Pre-Run: 410,278,539,264 bytes free

Post-Run: 412,952,559,616 bytes free

.

- - End Of File - - F99246E2CC2D22AA966BA60B88E8A3BF


MiniToolBox by Farbar Version:05-03-2013

Ran by Hockaday Family (administrator) on 14-04-2013 at 17:06:24

Running from "C:\Users\Hockaday Family\Desktop"

Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Normal

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= Event log errors: ===============================

Application errors:

==================

Error: (04/14/2013 04:24:26 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2013 04:22:09 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2013 01:19:46 AM) (Source: CVHSVC) (User: )

Description: Information only.

(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved

Error: (04/13/2013 01:09:58 AM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.

.

Error: (04/13/2013 01:09:58 AM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.

.

Error: (04/13/2013 01:09:58 AM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.

.

Error: (04/13/2013 01:09:58 AM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.

.

Error: (04/13/2013 01:09:58 AM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.

.

Error: (04/13/2013 01:09:58 AM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.

.

Error: (04/13/2013 01:09:58 AM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.

.

System errors:

=============

Error: (04/14/2013 04:24:26 PM) (Source: Service Control Manager) (User: )

Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action failed with the following error:

%%1056

Error: (04/14/2013 04:23:26 PM) (Source: Service Control Manager) (User: )

Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error:

%%1056

Error: (04/14/2013 04:22:26 PM) (Source: Service Control Manager) (User: )

Description: The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (04/14/2013 04:22:26 PM) (Source: Service Control Manager) (User: )

Description: The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (04/14/2013 04:22:26 PM) (Source: Service Control Manager) (User: )

Description: The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (04/14/2013 04:22:26 PM) (Source: Service Control Manager) (User: )

Description: The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (04/14/2013 04:22:26 PM) (Source: Service Control Manager) (User: )

Description: The Secondary Logon service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (04/14/2013 04:22:26 PM) (Source: Service Control Manager) (User: )

Description: The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (04/14/2013 04:22:26 PM) (Source: Service Control Manager) (User: )

Description: The Remote Access Connection Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (04/14/2013 04:22:26 PM) (Source: Service Control Manager) (User: )

Description: The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Microsoft Office Sessions:

=========================

Error: (04/14/2013 04:24:26 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2013 04:22:09 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2013 01:19:46 AM) (Source: CVHSVC)(User: )

Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved

Error: (04/13/2013 01:09:58 AM) (Source: Microsoft-Windows-CAPI2)(User: )

Description: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (04/13/2013 01:09:58 AM) (Source: Microsoft-Windows-CAPI2)(User: )

Description: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (04/13/2013 01:09:58 AM) (Source: Microsoft-Windows-CAPI2)(User: )

Description: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (04/13/2013 01:09:58 AM) (Source: Microsoft-Windows-CAPI2)(User: )

Description: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (04/13/2013 01:09:58 AM) (Source: Microsoft-Windows-CAPI2)(User: )

Description: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (04/13/2013 01:09:58 AM) (Source: Microsoft-Windows-CAPI2)(User: )

Description: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (04/13/2013 01:09:58 AM) (Source: Microsoft-Windows-CAPI2)(User: )

Description: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

CodeIntegrity Errors:

===================================

Date: 2013-04-13 01:27:08.968

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-13 01:27:08.937

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-13 00:28:51.780

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-13 00:28:51.749

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-06 09:43:26.529

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-06 09:43:26.489

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-06 09:43:26.448

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-06 09:43:26.408

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-05 21:40:15.542

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-05 21:40:15.506

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

**** End of log ****


I'm not seeing anything blocking facebook... and no errors are logged regarding facebook.

What happens when you try to go to facebook?

How about m.facebook.com (the mobile version)? Will your computer reach it?

You would never guess, after running that last scan, Facebook is now working through the normal URL. Also the George Clothing Website for asda.com is also working.

Looks like I'm resolved for the moment.

Cheers for all that.


Glad to hear it... though the scan we did makes no changes to the system... it must have been a coincidence.

We need to do our housekeeping again.

  • Click START then RUN

  • Now type ComboFix /Uninstall in the runbox and click OK.
  • Note the space between the X and the U, it needs to be there.

The above procedure will:

  • Implement some cleanup procedures.
  • Reset System Restore.

Now to remove most of the tools that we have used in fixing your machine:

  • Make sure you have an Internet Connection.
  • Download OTC to your desktop and run it
  • A list of tool components used in the cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC from reaching the Internet, please allow the application to do so.
  • Click Yes to begin the cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the cleanup process. If you are asked to reboot the machine choose Yes.

Please re-enable any security that was disabled.

Let me know if you have any questions... otherwise I'll close this thread.


  • 2 weeks later...

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.