I've run every scanner under the planet and cannot find a malware issue with my computer. However, it takes forever to load, likely a minute before I can log in. Then I sit with a dark screen after I log in for a good 2 to 3 minutes before the background appears, and total boot time is likely 10 minutes or more before my Kaspersky Anti-Virus loads. So I am hoping someone here is able to help me out and figure out what is wrong with my computer. I've run the Malwarebytes quick scan as instructed and it found:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.12.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Rob :: ROB-HP [administrator]

11/01/2014 11:27:41 PM
mbam-log-2014-01-11 (23-27-41).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 218965
Time elapsed: 7 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\$RECYCLE.BIN\S-1-5-21-959301981-1969409258-687824811-1001\$RL8MLU8.exe (PUP.Optional.InstallCore) -> Quarantined and deleted successfully.

(end)
 

The DDS log:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by Rob at 23:35:55 on 2014-01-11
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.2.1033.18.8087.4315 [GMT -7:00]
.
AV: Kaspersky PURE 3.0 *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Spybot - Search and Destroy *Enabled/Updated* {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
SP: Kaspersky PURE 3.0 *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky PURE 3.0 *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\stacsv64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\SysWow64\perfhost.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDOnAccess.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Users\Rob\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Users\Rob\AppData\Local\Akamai\netsession_win.exe
C:\Users\Rob\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\Rob\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\Intel\Intel® Update Manager\bin\ismagent.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Helper.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_39.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_39.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyServer = localhost:8080
mWinlogon: Userinit = userinit.exe,
BHO: Kaspersky Passsword Manager Toolbar: {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
TB: Kaspersky Passsword Manager Toolbar: {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
uRun: [GarminExpressTrayApp] c:\program files (x86)\garmin\express tray\expresstray.exe
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Octoshape Streaming Services] "C:\Users\Rob\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
uRun: [FileHippo.com] "c:\program files (x86)\filehippo.com\updatechecker.exe" /background
uRun: [Akamai NetSession Interface] c:\users\rob\appdata\local\akamai\netsession_win.exe
uRun: [CAHeadless] c:\program files (x86)\adobe\elements 10 organizer\caheadless\elementsautoanalyzer.exe
uRun: [skyDrive] "c:\users\rob\appdata\local\microsoft\skydrive\skydrive.exe" /background
mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
dRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
StartupFolder: C:\Users\Rob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\UPDATE~1.LNK - C:\Program Files (x86)\Update Notifier\updatenotifier.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:32
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:24
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm
IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.


TCP: NameServer = 172.16.1.254
TCP: Interfaces\{1ECDEE0A-80B3-4ADE-9652-6216000CAA73} : NameServer = 208.122.23.22,208.122.23.23
TCP: Interfaces\{1ECDEE0A-80B3-4ADE-9652-6216000CAA73} : DHCPNameServer = 172.16.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: livecall - <Clsid value has no data>
Handler: msnim - <Clsid value has no data>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= c:\windows\syswow64\nvinit.dll, C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [setDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [bLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [iAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [Adobe ARM] c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
x64-Run: [Adobe Creative Cloud] "c:\program files (x86)\adobe\adobe creative cloud\acc\creative cloud.exe" --showwindow=false --onosstartup=true
x64-Run: [AdobeCS6ServiceManager] "c:\program files (x86)\common files\adobe\cs6servicemanager\cs6servicemanager.exe" -launchedbylogin
x64-Run: [APSDaemon] c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe
x64-Run: [EEventManager] c:\program files (x86)\epson software\event manager\eeventmanager.exe
x64-Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\x64\3\ekij5000mui.exe
x64-Run: [EKStatusMonitor] c:\program files (x86)\kodak\aio\statusmonitor\ekstatusmonitor.exe
x64-Run: [HP Quick Launch] c:\program files (x86)\hewlett-packard\hp quick launch\hpmsgsvc.exe
x64-Run: [QuickTime Task] "c:\program files (x86)\quicktime\qttask.exe" -atboottime
x64-Run: [sDTray] c:\program files (x86)\spybot - search & destroy 2\sdtray.exe
x64-Run: [switchBoard] c:\program files (x86)\common files\adobe\switchboard\switchboard.exe
x64-Run: [igfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: livecall - <Clsid value has no data>
x64-Handler: msnim - <Clsid value has no data>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1    www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect64.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npIdfPlugin.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npPitPlugin.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_39.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\Windows\System32\drivers\CSCrySec.sys [2013-5-4 84536]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-9-27 630632]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-9-27 28008]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2011-12-5 16152]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2014-1-7 32544]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-2-29 55856]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\Windows\System32\drivers\CSVirtualDiskDrv.sys [2013-5-4 66616]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-10-18 54368]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]
R1 SDHookDriver;Hook Test Driver;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [2013-12-25 63904]
R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-14 169624]
R2 avp;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [2012-12-20 356128]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-11-6 1120192]
R2 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-11-6 1361856]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-11-6 1140672]
R2 CSObjectsSrv;CryptoStorage control service;C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2012-12-21 819040]
R2 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-11-8 250712]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-9-27 15720]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-8-27 747520]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-9-10 131544]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-9-10 169432]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2013-3-15 395640]
R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2013-1-15 780152]
R2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-11-1 2151744]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-17 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-8-20 15129376]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-12-25 3666392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-12-25 2729432]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-12-25 171928]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-11-4 1228504]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2012-8-3 2711160]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2013-8-28 3378416]
R3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2012-10-22 87424]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2012-10-30 131968]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2012-11-6 1345920]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2013-11-16 40896]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2013-11-29 228408]
R3 hswpan;WPAN Driver;C:\Windows\System32\drivers\hswpan.sys [2011-12-7 108288]
R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2012-8-6 68136]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2013-11-1 169752]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-12-13 449496]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2011-12-5 355096]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2011-12-5 785688]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2013-9-10 25528]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-9-3 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-9-3 29280]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-12-17 39200]
R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-11-4 18456]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-10-11 883928]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2013-10-25 34544]
R3 usb3Hub;UoIP Hub;C:\Windows\System32\drivers\usb3Hub.sys [2013-6-20 206744]
R3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-9-5 227936]
S2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-11-4 660184]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S2 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-7-18 198144]
S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2012-7-20 31744]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-10-1 57840]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-11 111616]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-8-27 828376]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-8-28 273136]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 qcusbser;ACER Android USB Device for Legacy Serial Communication;C:\Windows\System32\drivers\qcusbser.sys [2012-7-20 120960]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-27 19456]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-9-10 259688]
S3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2011-10-13 20016]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2013-11-1 16152]
S3 TrueService;TrueAPI Service component;C:\Program Files\Common Files\AuthenTec\TrueService.exe [2012-7-16 401256]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-13 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-27 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-3 1255736]
.
=============== Created Last 30 ================
.
2383-07-17 22:09:55    64624    ----a-w-    C:\Windows\System32\drivers\HECIx64.sys
2014-01-12 06:26:01    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-01-12 06:26:01    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-11 10:52:31    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C932E157-D554-47FA-82E3-EB3A4361B439}\offreg.dll
2014-01-11 02:00:38    10315576    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C932E157-D554-47FA-82E3-EB3A4361B439}\mpengine.dll
2014-01-08 06:36:42    0    ----a-w-    C:\Windows\SysWow64\FAP9A73.tmp
2014-01-08 06:28:56    --------    d-----w-    C:\Windows\SysWow64\NV
2014-01-08 06:28:56    --------    d-----w-    C:\Windows\System32\NV
2014-01-08 06:22:51    --------    d-----w-    C:\NVIDIA
2014-01-08 06:21:02    0    ----a-w-    C:\Windows\SysWow64\FAP415A.tmp
2014-01-08 06:21:02    0    ----a-w-    C:\Windows\SysWow64\FAP4129.tmp
2014-01-08 06:21:02    0    ----a-w-    C:\Windows\SysWow64\FAP40F8.tmp
2014-01-08 06:20:53    0    ----a-w-    C:\Windows\SysWow64\FAP1F62.tmp
2014-01-08 06:20:53    0    ----a-w-    C:\Windows\SysWow64\FAP1F32.tmp
2014-01-08 06:20:53    0    ----a-w-    C:\Windows\SysWow64\FAP1F01.tmp
2014-01-08 06:19:00    0    ----a-w-    C:\Windows\SysWow64\FAP66F6.tmp
2014-01-08 06:18:58    0    ----a-w-    C:\Windows\SysWow64\FAP5C89.tmp
2014-01-08 06:18:49    0    ----a-w-    C:\Windows\SysWow64\FAP397D.tmp
2014-01-08 06:18:49    0    ----a-w-    C:\Windows\SysWow64\FAP392D.tmp
2014-01-08 06:18:49    0    ----a-w-    C:\Windows\SysWow64\FAP390C.tmp
2014-01-08 06:18:48    0    ----a-w-    C:\Windows\SysWow64\FAP3764.tmp
2014-01-08 06:18:40    0    ----a-w-    C:\Windows\SysWow64\FAP1938.tmp
2014-01-08 06:15:17    0    ----a-w-    C:\Windows\SysWow64\FAPFE28.tmp
2014-01-08 06:08:58    0    ----a-w-    C:\Windows\SysWow64\FAP37AC.tmp
2014-01-08 06:00:31    0    ----a-w-    C:\Windows\SysWow64\FAP77A6.tmp
2014-01-08 05:59:00    0    ----a-w-    C:\Windows\SysWow64\FAP148E.tmp
2014-01-08 05:59:00    0    ----a-w-    C:\Windows\SysWow64\FAP145E.tmp
2014-01-08 05:59:00    0    ----a-w-    C:\Windows\SysWow64\FAP143C.tmp
2014-01-08 05:58:53    0    ----a-w-    C:\Windows\SysWow64\FAPFB0F.tmp
2014-01-08 05:58:53    0    ----a-w-    C:\Windows\SysWow64\FAPFADF.tmp
2014-01-08 05:58:45    0    ----a-w-    C:\Windows\SysWow64\FAPDC36.tmp
2014-01-08 05:58:45    0    ----a-w-    C:\Windows\SysWow64\FAPDB2B.tmp
2014-01-08 05:57:19    0    ----a-w-    C:\Windows\SysWow64\FAP8CEA.tmp
2014-01-08 05:57:19    0    ----a-w-    C:\Windows\SysWow64\FAP8B43.tmp
2014-01-08 05:57:18    0    ----a-w-    C:\Windows\SysWow64\FAP8844.tmp
2014-01-08 05:57:18    0    ----a-w-    C:\Windows\SysWow64\FAP8814.tmp
2014-01-08 05:57:18    0    ----a-w-    C:\Windows\SysWow64\FAP8802.tmp
2014-01-08 05:57:11    0    ----a-w-    C:\Windows\SysWow64\FAP6D4F.tmp
2014-01-08 05:57:11    0    ----a-w-    C:\Windows\SysWow64\FAP6D1E.tmp
2014-01-08 05:54:58    0    ----a-w-    C:\Windows\SysWow64\FAP6485.tmp
2014-01-08 05:50:26    0    ----a-w-    C:\Windows\SysWow64\FAP3FD3.tmp
2014-01-08 05:50:26    0    ----a-w-    C:\Windows\SysWow64\FAP3FB2.tmp
2014-01-08 05:50:26    0    ----a-w-    C:\Windows\SysWow64\FAP3F81.tmp
2014-01-08 05:50:21    0    ----a-w-    C:\Windows\SysWow64\FAP2AC7.tmp
2014-01-08 05:50:21    0    ----a-w-    C:\Windows\SysWow64\FAP298D.tmp
2014-01-08 05:50:21    0    ----a-w-    C:\Windows\SysWow64\FAP28EF.tmp
2014-01-08 05:50:20    0    ----a-w-    C:\Windows\SysWow64\FAP2526.tmp
2014-01-08 05:34:27    0    ----a-w-    C:\Windows\SysWow64\FAP9ADF.tmp
2014-01-08 05:34:25    0    ----a-w-    C:\Windows\SysWow64\FAP9320.tmp
2014-01-08 05:32:11    0    ----a-w-    C:\Windows\SysWow64\FAP879A.tmp
2014-01-08 05:31:52    0    ----a-w-    C:\Windows\SysWow64\FAP3D01.tmp
2014-01-08 05:22:19    0    ----a-w-    C:\Windows\SysWow64\FAP7F2D.tmp
2014-01-08 05:20:27    0    ----a-w-    C:\Windows\SysWow64\FAPCC50.tmp
2014-01-08 05:20:19    0    ----a-w-    C:\Windows\SysWow64\FAPAA1F.tmp
2014-01-08 05:16:12    0    ----a-w-    C:\Windows\SysWow64\FAPE6BF.tmp
2014-01-08 02:55:49    0    ----a-w-    C:\Windows\SysWow64\FAP5E88.tmp
2014-01-08 02:55:48    0    ----a-w-    C:\Windows\SysWow64\FAP5C64.tmp
2014-01-08 02:52:01    0    ----a-w-    C:\Windows\SysWow64\FAPE6B6.tmp
2014-01-08 02:15:22    0    ----a-w-    C:\Windows\SysWow64\FAP56D4.tmp
2014-01-08 02:06:50    0    ----a-w-    C:\Windows\SysWow64\FAP8791.tmp
2013-12-29 08:04:34    225280    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-12-29 08:04:34    176128    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-12-29 08:04:33    77824    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-12-29 08:04:33    32768    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-12-29 08:01:53    61440    ----a-r-    C:\Users\Rob\AppData\Roaming\Microsoft\Installer\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}\ARPPRODUCTICON.exe
2013-12-29 08:01:14    --------    d-----w-    C:\Windows\Downloaded Installations
2013-12-29 07:59:41    --------    d-----w-    C:\Program Files (x86)\Common Files\Nikon
2013-12-29 07:59:25    --------    d-----w-    C:\ProgramData\Importer
2013-12-29 07:57:14    --------    d-----w-    C:\Program Files\Common Files\Nikon
2013-12-29 07:57:14    --------    d-----w-    C:\Program Files (x86)\Nikon
2013-12-29 07:57:13    --------    d-----w-    C:\Program Files\Nikon
2013-12-29 07:56:46    --------    d-----w-    C:\ProgramData\Jazz
2013-12-29 07:56:42    --------    d-----w-    C:\ProgramData\Hybrid Synthesizers
2013-12-29 07:54:12    --------    d-----w-    C:\ProgramData\Sample Delay
2013-12-29 06:10:04    --------    d-----w-    C:\Windows\SysWow64\%LOCALAPPDATA%
2013-12-26 05:35:38    21040    ----a-w-    C:\Windows\System32\sdnclean64.exe
2013-12-22 02:40:13    --------    d-----w-    C:\Program Files (x86)\Evernote
2013-12-18 02:18:39    39200    ----a-w-    C:\Windows\System32\drivers\nvvad64v.sys
2013-12-18 02:18:39    32544    ----a-w-    C:\Windows\SysWow64\nvaudcap32v.dll
2013-12-18 01:41:47    17294728    ----a-w-    C:\Windows\SysWow64\FlashPlayerInstaller.exe
.
==================== Find3M  ====================
.
2014-01-12 05:51:29    16152    ----a-w-    C:\Windows\System32\drivers\SWDUMon.sys
2013-12-29 07:56:01    106496    ----a-w-    C:\Windows\SysWow64\ATL71.DLL
2013-12-19 18:53:46    6671648    ----a-w-    C:\Windows\System32\nvcpl.dll
2013-12-19 18:53:46    3490080    ----a-w-    C:\Windows\System32\nvsvc64.dll
2013-12-19 18:53:44    922912    ----a-w-    C:\Windows\System32\nvvsvc.exe
2013-12-19 18:53:44    67072    ----a-w-    C:\Windows\System32\nv3dappshextr.dll
2013-12-19 18:53:44    63776    ----a-w-    C:\Windows\System32\nvshext.dll
2013-12-19 18:53:44    386336    ----a-w-    C:\Windows\System32\nvmctray.dll
2013-12-19 18:53:44    2559776    ----a-w-    C:\Windows\System32\nvsvcr.dll
2013-12-19 18:53:44    1065248    ----a-w-    C:\Windows\System32\nv3dappshext.dll
2013-12-19 05:01:48    3539040    ----a-w-    C:\Windows\System32\nvcoproc.bin
2013-12-18 23:58:34    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-18 23:58:34    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-10 02:13:11    982232    ----a-w-    C:\Windows\SysWow64\nvspcap.dll
2013-12-10 02:13:01    1100248    ----a-w-    C:\Windows\System32\nvspcap64.dll
2013-12-05 08:42:26    35104    ----a-w-    C:\Windows\System32\nvaudcap64v.dll
2013-11-30 06:27:03    85016    ---ha-w-    C:\Windows\System32\drivers\PROCMON23.SYS
2013-11-26 19:25:52    267936    ------w-    C:\Windows\System32\MpSigStub.exe
2013-11-26 10:19:07    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02    5769216    ----a-w-    C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16    1995264    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06    1928192    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2013-11-26 06:33:33    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-11-23 19:26:48    1884448    ----a-w-    C:\Windows\System32\nvdispco6433193.dll
2013-11-23 19:26:48    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6433193.dll
2013-11-23 18:26:20    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
2013-11-14 11:58:09    1884448    ----a-w-    C:\Windows\System32\nvdispco6433182.dll
2013-11-14 11:58:09    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6433182.dll
2013-11-14 06:59:52    83968    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2013-11-14 06:59:52    13824    ----a-w-    C:\Windows\System32\mshta.exe
2013-11-14 06:59:51    48128    ----a-w-    C:\Windows\System32\imgutil.dll
2013-11-12 02:23:09    2048    ----a-w-    C:\Windows\System32\tzres.dll
2013-11-12 02:07:29    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2013-11-04 12:42:02    18456    ----a-w-    C:\Windows\System32\drivers\psi_mf_amd64.sys
2013-10-30 02:32:01    335360    ----a-w-    C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52    301568    ----a-w-    C:\Windows\SysWow64\msieftp.dll
2013-10-30 01:24:31    3155968    ----a-w-    C:\Windows\System32\win32k.sys
2013-10-26 01:36:28    549104    ----a-w-    C:\Windows\System32\drivers\SynTP.sys
2013-10-26 01:36:26    34544    ----a-w-    C:\Windows\System32\drivers\Smb_driver_Intel.sys
2013-10-26 01:36:24    422640    ----a-w-    C:\Windows\System32\SynTPCo19.dll
2013-10-26 01:36:24    169712    ----a-w-    C:\Windows\SysWow64\SynTPCom.dll
2013-10-26 01:36:22    400624    ----a-w-    C:\Windows\SysWow64\SynCom.dll
2013-10-26 01:36:22    252144    ----a-w-    C:\Windows\System32\SynTPAPI.dll
2013-10-26 01:36:20    723184    ----a-w-    C:\Windows\System32\SynCOM.dll
2013-10-26 00:37:44    161880    ----a-w-    C:\Windows\System32\pca-manta.bin
2013-10-24 13:10:24    357432    ----a-w-    C:\Windows\SysWow64\LavasoftProxy.dll
2013-10-24 13:04:44    450616    ----a-w-    C:\Windows\System32\LavasoftProxy64.dll
2013-10-23 10:30:23    1884448    ----a-w-    C:\Windows\System32\nvdispco6433165.dll
2013-10-23 10:30:23    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6433165.dll
2013-10-21 01:38:08    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-21 01:10:21    108968    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2013-10-21 00:55:34    29280    ----a-w-    C:\Windows\System32\drivers\klmouflt.sys
2013-10-21 00:55:34    29280    ----a-w-    C:\Windows\System32\drivers\klkbdflt.sys
2013-10-21 00:55:32    90208    ----a-w-    C:\Windows\System32\drivers\klflt.sys
2013-10-21 00:55:31    7717984    ----a-w-    C:\Windows\System32\drivers\kl1.sys
2013-10-19 02:18:57    81408    ----a-w-    C:\Windows\System32\imagehlp.dll
2013-10-19 01:36:59    159232    ----a-w-    C:\Windows\SysWow64\imagehlp.dll
2013-10-16 00:48:05    1884448    ----a-w-    C:\Windows\System32\nvdispco6433158.dll
2013-10-16 00:48:05    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6433158.dll
.
============= FINISH: 23:36:08.40 ===============
 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 30/09/2012 11:31:55 AM
System Uptime: 11/01/2014 10:46:43 PM (1 hours ago)
.
Motherboard: Hewlett-Packard |  | 181B
Processor: Intel® Core i7-3610QM CPU @ 2.30GHz | U3E1 | 2301/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 903 GiB total, 773.91 GiB free.
D: is FIXED (NTFS) - 28 GiB total, 2.933 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 0 GiB total, 0.073 GiB free.
G: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP262: 05/01/2014 11:17:57 PM - Windows Update
RP263: 10/01/2014 6:55:59 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Acrobat 8 Professional - English, Français, Deutsch
Adobe Acrobat 8.3.1 - CPSID_83708
Adobe Acrobat 8.3.1 Professional
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe AIR
Adobe Bridge CC (64 Bit)
Adobe Creative Cloud
Adobe Creative Suite 6 Design Standard
Adobe Download Assistant
Adobe Edge Animate CC
Adobe Edge Code CC
Adobe Edge Inspect CC
Adobe Edge Reflow CC Preview
Adobe Exchange Panel
Adobe ExtendScript Toolkit CC
Adobe Extension Manager CC
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Gaming SDK 1.2
Adobe Gaming SDK 1.3
Adobe Help Manager
Adobe Photoshop Elements 10
Adobe Premiere Elements 10
Adobe Reader XI (11.0.05)
Adobe Scout CC
Adobe Shockwave Player 12.0
Adobe Touch App Plugins
Adobe® Content Viewer
aioprnt
aioscnnr
Akamai NetSession Interface
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Panorama Maker 6
AuthenTec TrueAPI 64-bit
Away Builder
Blackhawk Striker 2
Blio
Bonjour
C4USelfUpdater
CCleaner
center
Chuzzle Deluxe
Cradle of Rome 2
CyberLink YouCam 5
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dora's World Adventure
Elements 10 Organizer
Elevated Installer
Epson Event Manager
EPSON NX620 Series Printer Uninstall
EPSON NX635 Series Printer Uninstall
EPSON Scan
EpsonNet Print
EpsonNet Setup 3.3
essentials
ESU for Microsoft Windows 7 SP1
Evernote v. 5.1
Farm Frenzy
Farmscapes
FATE
File Shredder 2.5
FileHippo.com Update Checker
Final Drive Fury
FrostWire 5.6.8
Galerie de photos Windows Live
Garmin Communicator Plugin
Garmin Communicator Plugin x64
Garmin Express
Garmin Express Tray
Garmin USB Drivers
Garmin WebUpdater
GeForce Experience NvStream Client Components
Hewlett-Packard ACLM.NET v1.2.1.1
HijackThis 1.99.1
Hoyle Card Games
HP 3D DriveGuard
HP Auto
HP Client Services
HP CoolSense
HP Customer Experience Enhancements
HP Documentation
HP Games
HP IDF Software
HP Launch Box
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Quick Launch Buttons
HP Recovery Manager
HP Security Assistant
HP Setup
HP Setup Manager
HP Software Framework
iCloud
IDT Audio
Intel® Control Center
Intel® Manageability Engine Firmware Recovery Agent
Intel® Management Engine Components
Intel® PRO/Wireless Driver
Intel® Processor Graphics
Intel® PROSet/Wireless Software for Bluetooth® Technology
Intel® Rapid Storage Technology
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® Update Manager
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® WiDi
Intel® Wireless Music device driver
Intel® PROSet/Wireless Software
Intel® PROSet/Wireless WiFi Software
Intel® Trusted Connect Service Client
iTunes
Java 7 Update 45
Java 7 Update 45 (64-bit)
John Deere Drive Green
Junk Mail filter update
Kaspersky PURE 3.0
Kodak AIO Printer
KODAK AiO Software
Luxor HD
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Movie Maker
Mozilla Firefox 25.0 (x86 en-US)
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 27.0 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
Nikon Message Center 2
Nikon Movie Editor
NVIDIA Control Panel 332.21
NVIDIA GeForce Experience 1.8.1
NVIDIA Graphics Driver 332.21
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA Optimus Update 10.11.15
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 10.11.15
NVIDIA Update 10.11.15
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.19
ocr
Octoshape Streaming Services
OpenAL
OpenBVE TTC YUS V3
OpenBVE v1.4.2
opensource
PDF Settings CS6
Penguins!
Photo Common
Photo Gallery
Picture Control Utility x64
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
Polar Bowler
Polar Golfer
PRE10STI64Installer
PreReq
PrintProjects
PSE10 STI Installer
QLBCASL
QuickTime
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
RollerCoaster Tycoon 3: Platinum
Secunia PSI (3.0.0.9015)
Security Update for Microsoft Excel 2010 (KB2826033) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 64-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
SHIELD Streaming
Should I Remove It
Skype™ 6.11
SlimCleaner
SlimDrivers
Spybot - Search & Destroy
swMSM
Synaptics Pointing Device Driver
System Requirements Lab for Intel
Torchlight
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition
Update Installer for WildTangent Games App
Update Notifier
Validity Sensors DDK
Validity WBF DDK
VBA (2627.01)
ViewNX 2
Virtual Villagers 4 - The Tree of Life
VLC media player 2.1.1
VLC media player 2.1.2
WildTangent Games
WildTangent Games App
WildTangent Games App for HP
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0)
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinRAR 5.01 (64-bit)
Yahoo! Messenger
Yahoo! Software Update
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
11/01/2014 10:54:48 PM, Error: Service Control Manager [7023]  - The GamesAppIntegrationService service terminated with the following error:  %%-2147467259
11/01/2014 10:51:01 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Adobe SwitchBoard service to connect.
11/01/2014 10:51:01 PM, Error: Service Control Manager [7000]  - The Adobe SwitchBoard service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/01/2014 10:50:51 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
11/01/2014 10:50:51 PM, Error: Service Control Manager [7000]  - The Spybot-S&D 2 Scanner Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/01/2014 10:50:48 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
11/01/2014 10:49:44 PM, Error: Service Control Manager [7003]  - The Net.Tcp Listener Adapter service depends the following service: was. This service might not be installed.
11/01/2014 10:49:44 PM, Error: Service Control Manager [7003]  - The Net.Pipe Listener Adapter service depends the following service: was. This service might not be installed.
11/01/2014 10:49:44 PM, Error: Service Control Manager [7003]  - The Net.Msmq Listener Adapter service depends the following service: msmq. This service might not be installed.
11/01/2014 10:49:34 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect.
11/01/2014 10:49:34 PM, Error: Service Control Manager [7000]  - The HP Software Framework Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
10/01/2014 7:01:54 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.165.1564.0).
10/01/2014 6:40:04 PM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
08/01/2014 10:39:50 PM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
08/01/2014 10:29:09 PM, Error: Service Control Manager [7034]  - The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly.  It has done this 1 time(s).
08/01/2014 10:21:57 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service.
08/01/2014 10:21:27 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
07/01/2014 3:41:09 PM, Error: Service Control Manager [7034]  - The Secunia PSI Agent service terminated unexpectedly.  It has done this 1 time(s).
05/01/2014 11:09:16 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
05/01/2014 10:56:01 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.
05/01/2014 10:56:01 PM, Error: Service Control Manager [7000]  - The Garmin Core Update Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
04/01/2014 11:15:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.165.1076.0).
04/01/2014 11:10:37 PM, Error: Service Control Manager [7022]  - The Windows Defender service hung on starting.
.
==== End Of File ===========================
 

My HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 11:39:07 PM, on 11/01/2014
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Users\Rob\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Users\Rob\AppData\Local\Akamai\netsession_win.exe
C:\Users\Rob\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\Rob\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\Intel\Intel® Update Manager\bin\ismagent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_39.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_39.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/4
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~2.0\KASPER~2\spIEBho.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~2.0\KASPER~2\spIEBho.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKCU\..\Run: [GarminExpressTrayApp] c:\program files (x86)\garmin\express tray\expresstray.exe
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\Rob\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [FileHippo.com] "c:\program files (x86)\filehippo.com\updatechecker.exe" /background
O4 - HKCU\..\Run: [Akamai NetSession Interface] c:\users\rob\appdata\local\akamai\netsession_win.exe
O4 - HKCU\..\Run: [CAHeadless] c:\program files (x86)\adobe\elements 10 organizer\caheadless\elementsautoanalyzer.exe
O4 - HKCU\..\Run: [skyDrive] "c:\users\rob\appdata\local\microsoft\skydrive\skydrive.exe" /background
O4 - Startup: Update Notifier.lnk = C:\Program Files (x86)\Update Notifier\updatenotifier.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm
O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
O9 - Extra button: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\bonjour\mdnsnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [iNTERNATIONAL] International
O13 - Gopher Prefix:
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - http://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1ECDEE0A-80B3-4ADE-9652-6216000CAA73}: NameServer = 208.122.23.22,208.122.23.23
O17 - HKLM\System\CS1\Services\Tcpip\..\{1ECDEE0A-80B3-4ADE-9652-6216000CAA73}: NameServer = 208.122.23.22,208.122.23.23
O17 - HKLM\System\CS2\Services\Tcpip\..\{1ECDEE0A-80B3-4ADE-9652-6216000CAA73}: NameServer = 208.122.23.22,208.122.23.23
O18 - Protocol: livecall - (no CLSID) - (no file)
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - (no file)
O18 - Protocol: msnim - (no CLSID) - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll, C:\Windows\SysWOW64\nvinit.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service (avp) - Unknown owner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe" -r (file missing)
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
O23 - Service: Kodak AiO Status Monitor Service - Eastman Kodak Company - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195 (NetMsmqActivator) - Unknown owner - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Secunia PSI Agent - Unknown owner - C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service (file missing)
O23 - Service: Secunia Update Agent - Unknown owner - C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\stacsv64.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TrueAPI Service component (TrueService) - AuthenTec, Inc. - C:\Program Files\Common Files\AuthenTec\TrueService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
 


Hello Shootmaster_44 and welcome! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as FrostWire or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Please generate fresh DDS log files.


Here's the DDS.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by Rob at 18:31:05 on 2014-01-12
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.2.1033.18.8087.4083 [GMT -7:00]
.
AV: Kaspersky PURE 3.0 *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Spybot - Search and Destroy *Enabled/Updated* {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
SP: Kaspersky PURE 3.0 *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky PURE 3.0 *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\stacsv64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\SysWow64\perfhost.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\Rob\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
C:\Users\Rob\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
C:\Users\Rob\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\Rob\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyServer = localhost:8080
mWinlogon: Userinit = userinit.exe,
BHO: Kaspersky Passsword Manager Toolbar: {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
TB: Kaspersky Passsword Manager Toolbar: {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
uRun: [GarminExpressTrayApp] c:\program files (x86)\garmin\express tray\expresstray.exe
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Octoshape Streaming Services] "C:\Users\Rob\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
uRun: [FileHippo.com] "c:\program files (x86)\filehippo.com\updatechecker.exe" /background
uRun: [Akamai NetSession Interface] c:\users\rob\appdata\local\akamai\netsession_win.exe
uRun: [CAHeadless] c:\program files (x86)\adobe\elements 10 organizer\caheadless\elementsautoanalyzer.exe
uRun: [skyDrive] "c:\users\rob\appdata\local\microsoft\skydrive\skydrive.exe" /background
mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
dRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
StartupFolder: C:\Users\Rob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\UPDATE~1.LNK - C:\Program Files (x86)\Update Notifier\updatenotifier.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:32
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:24
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm
IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
.
INFO: HKCU has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.


TCP: NameServer = 172.16.1.254
TCP: Interfaces\{1ECDEE0A-80B3-4ADE-9652-6216000CAA73} : NameServer = 208.122.23.22,208.122.23.23
TCP: Interfaces\{1ECDEE0A-80B3-4ADE-9652-6216000CAA73} : DHCPNameServer = 172.16.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: livecall - <Clsid value has no data>
Handler: msnim - <Clsid value has no data>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= c:\windows\syswow64\nvinit.dll, C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [setDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [bLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [iAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [Adobe ARM] c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
x64-Run: [Adobe Creative Cloud] "c:\program files (x86)\adobe\adobe creative cloud\acc\creative cloud.exe" --showwindow=false --onosstartup=true
x64-Run: [AdobeCS6ServiceManager] "c:\program files (x86)\common files\adobe\cs6servicemanager\cs6servicemanager.exe" -launchedbylogin
x64-Run: [APSDaemon] c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe
x64-Run: [EEventManager] c:\program files (x86)\epson software\event manager\eeventmanager.exe
x64-Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\x64\3\ekij5000mui.exe
x64-Run: [EKStatusMonitor] c:\program files (x86)\kodak\aio\statusmonitor\ekstatusmonitor.exe
x64-Run: [HP Quick Launch] c:\program files (x86)\hewlett-packard\hp quick launch\hpmsgsvc.exe
x64-Run: [QuickTime Task] "c:\program files (x86)\quicktime\qttask.exe" -atboottime
x64-Run: [sDTray] c:\program files (x86)\spybot - search & destroy 2\sdtray.exe
x64-Run: [switchBoard] c:\program files (x86)\common files\adobe\switchboard\switchboard.exe
x64-Run: [igfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: livecall - <Clsid value has no data>
x64-Handler: msnim - <Clsid value has no data>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1    www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect64.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npIdfPlugin.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npPitPlugin.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_39.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\Windows\System32\drivers\CSCrySec.sys [2013-5-4 84536]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-9-27 630632]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-9-27 28008]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2011-12-5 16152]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2014-1-7 32544]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-2-29 55856]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\Windows\System32\drivers\CSVirtualDiskDrv.sys [2013-5-4 66616]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-10-18 54368]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]
R1 SDHookDriver;Hook Test Driver;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [2013-12-25 63904]
R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-14 169624]
R2 avp;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [2012-12-20 356128]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-11-6 1120192]
R2 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-11-6 1361856]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-11-6 1140672]
R2 CSObjectsSrv;CryptoStorage control service;C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2012-12-21 819040]
R2 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-11-8 250712]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-9-27 15720]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-8-27 747520]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-9-10 131544]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-9-10 169432]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2013-3-15 395640]
R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2013-1-15 780152]
R2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-11-1 2151744]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-17 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-8-20 15129376]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-12-25 3666392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-12-25 2729432]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-12-25 171928]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-11-4 1228504]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2012-8-3 2711160]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2013-8-28 3378416]
R3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2012-10-22 87424]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2012-10-30 131968]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2012-11-6 1345920]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2013-11-16 40896]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2013-11-29 228408]
R3 hswpan;WPAN Driver;C:\Windows\System32\drivers\hswpan.sys [2011-12-7 108288]
R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2012-8-6 68136]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-11-1 169752]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-12-13 449496]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2011-12-5 355096]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2011-12-5 785688]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2013-9-10 25528]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-9-3 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-9-3 29280]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-12-17 39200]
R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-11-4 18456]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-10-11 883928]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2013-10-25 34544]
R3 usb3Hub;UoIP Hub;C:\Windows\System32\drivers\usb3Hub.sys [2013-6-20 206744]
R3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-9-5 227936]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-1-11 418376]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-1-11 701512]
S2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-11-4 660184]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S2 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-7-18 198144]
S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2012-7-20 31744]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-10-1 57840]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-11 111616]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-8-27 828376]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-1-11 25928]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-8-28 273136]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 qcusbser;ACER Android USB Device for Legacy Serial Communication;C:\Windows\System32\drivers\qcusbser.sys [2012-7-20 120960]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-27 19456]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-9-10 259688]
S3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2011-10-13 20016]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2013-11-1 16152]
S3 TrueService;TrueAPI Service component;C:\Program Files\Common Files\AuthenTec\TrueService.exe [2012-7-16 401256]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-13 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-27 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-3 1255736]
.
=============== Created Last 30 ================
.
2383-07-17 22:09:55    64624    ----a-w-    C:\Windows\System32\drivers\HECIx64.sys
2014-01-12 06:26:01    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-01-12 06:26:01    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-11 10:52:31    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C932E157-D554-47FA-82E3-EB3A4361B439}\offreg.dll
2014-01-11 02:00:38    10315576    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C932E157-D554-47FA-82E3-EB3A4361B439}\mpengine.dll
2014-01-08 06:36:42    0    ----a-w-    C:\Windows\SysWow64\FAP9A73.tmp
2014-01-08 06:28:56    --------    d-----w-    C:\Windows\SysWow64\NV
2014-01-08 06:28:56    --------    d-----w-    C:\Windows\System32\NV
2014-01-08 06:22:51    --------    d-----w-    C:\NVIDIA
2014-01-08 06:21:02    0    ----a-w-    C:\Windows\SysWow64\FAP415A.tmp
2014-01-08 06:21:02    0    ----a-w-    C:\Windows\SysWow64\FAP4129.tmp
2014-01-08 06:21:02    0    ----a-w-    C:\Windows\SysWow64\FAP40F8.tmp
2014-01-08 06:20:53    0    ----a-w-    C:\Windows\SysWow64\FAP1F62.tmp
2014-01-08 06:20:53    0    ----a-w-    C:\Windows\SysWow64\FAP1F32.tmp
2014-01-08 06:20:53    0    ----a-w-    C:\Windows\SysWow64\FAP1F01.tmp
2014-01-08 06:19:00    0    ----a-w-    C:\Windows\SysWow64\FAP66F6.tmp
2014-01-08 06:18:58    0    ----a-w-    C:\Windows\SysWow64\FAP5C89.tmp
2014-01-08 06:18:49    0    ----a-w-    C:\Windows\SysWow64\FAP397D.tmp
2014-01-08 06:18:49    0    ----a-w-    C:\Windows\SysWow64\FAP392D.tmp
2014-01-08 06:18:49    0    ----a-w-    C:\Windows\SysWow64\FAP390C.tmp
2014-01-08 06:18:48    0    ----a-w-    C:\Windows\SysWow64\FAP3764.tmp
2014-01-08 06:18:40    0    ----a-w-    C:\Windows\SysWow64\FAP1938.tmp
2014-01-08 06:15:17    0    ----a-w-    C:\Windows\SysWow64\FAPFE28.tmp
2014-01-08 06:08:58    0    ----a-w-    C:\Windows\SysWow64\FAP37AC.tmp
2014-01-08 06:00:31    0    ----a-w-    C:\Windows\SysWow64\FAP77A6.tmp
2014-01-08 05:59:00    0    ----a-w-    C:\Windows\SysWow64\FAP148E.tmp
2014-01-08 05:59:00    0    ----a-w-    C:\Windows\SysWow64\FAP145E.tmp
2014-01-08 05:59:00    0    ----a-w-    C:\Windows\SysWow64\FAP143C.tmp
2014-01-08 05:58:53    0    ----a-w-    C:\Windows\SysWow64\FAPFB0F.tmp
2014-01-08 05:58:53    0    ----a-w-    C:\Windows\SysWow64\FAPFADF.tmp
2014-01-08 05:58:45    0    ----a-w-    C:\Windows\SysWow64\FAPDC36.tmp
2014-01-08 05:58:45    0    ----a-w-    C:\Windows\SysWow64\FAPDB2B.tmp
2014-01-08 05:57:19    0    ----a-w-    C:\Windows\SysWow64\FAP8CEA.tmp
2014-01-08 05:57:19    0    ----a-w-    C:\Windows\SysWow64\FAP8B43.tmp
2014-01-08 05:57:18    0    ----a-w-    C:\Windows\SysWow64\FAP8844.tmp
2014-01-08 05:57:18    0    ----a-w-    C:\Windows\SysWow64\FAP8814.tmp
2014-01-08 05:57:18    0    ----a-w-    C:\Windows\SysWow64\FAP8802.tmp
2014-01-08 05:57:11    0    ----a-w-    C:\Windows\SysWow64\FAP6D4F.tmp
2014-01-08 05:57:11    0    ----a-w-    C:\Windows\SysWow64\FAP6D1E.tmp
2014-01-08 05:54:58    0    ----a-w-    C:\Windows\SysWow64\FAP6485.tmp
2014-01-08 05:50:26    0    ----a-w-    C:\Windows\SysWow64\FAP3FD3.tmp
2014-01-08 05:50:26    0    ----a-w-    C:\Windows\SysWow64\FAP3FB2.tmp
2014-01-08 05:50:26    0    ----a-w-    C:\Windows\SysWow64\FAP3F81.tmp
2014-01-08 05:50:21    0    ----a-w-    C:\Windows\SysWow64\FAP2AC7.tmp
2014-01-08 05:50:21    0    ----a-w-    C:\Windows\SysWow64\FAP298D.tmp
2014-01-08 05:50:21    0    ----a-w-    C:\Windows\SysWow64\FAP28EF.tmp
2014-01-08 05:50:20    0    ----a-w-    C:\Windows\SysWow64\FAP2526.tmp
2014-01-08 05:34:27    0    ----a-w-    C:\Windows\SysWow64\FAP9ADF.tmp
2014-01-08 05:34:25    0    ----a-w-    C:\Windows\SysWow64\FAP9320.tmp
2014-01-08 05:32:11    0    ----a-w-    C:\Windows\SysWow64\FAP879A.tmp
2014-01-08 05:31:52    0    ----a-w-    C:\Windows\SysWow64\FAP3D01.tmp
2014-01-08 05:22:19    0    ----a-w-    C:\Windows\SysWow64\FAP7F2D.tmp
2014-01-08 05:20:27    0    ----a-w-    C:\Windows\SysWow64\FAPCC50.tmp
2014-01-08 05:20:19    0    ----a-w-    C:\Windows\SysWow64\FAPAA1F.tmp
2014-01-08 05:16:12    0    ----a-w-    C:\Windows\SysWow64\FAPE6BF.tmp
2014-01-08 02:55:49    0    ----a-w-    C:\Windows\SysWow64\FAP5E88.tmp
2014-01-08 02:55:48    0    ----a-w-    C:\Windows\SysWow64\FAP5C64.tmp
2014-01-08 02:52:01    0    ----a-w-    C:\Windows\SysWow64\FAPE6B6.tmp
2014-01-08 02:15:22    0    ----a-w-    C:\Windows\SysWow64\FAP56D4.tmp
2014-01-08 02:06:50    0    ----a-w-    C:\Windows\SysWow64\FAP8791.tmp
2013-12-29 08:04:34    225280    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-12-29 08:04:34    176128    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-12-29 08:04:33    77824    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-12-29 08:04:33    32768    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-12-29 08:01:53    61440    ----a-r-    C:\Users\Rob\AppData\Roaming\Microsoft\Installer\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}\ARPPRODUCTICON.exe
2013-12-29 08:01:14    --------    d-----w-    C:\Windows\Downloaded Installations
2013-12-29 07:59:41    --------    d-----w-    C:\Program Files (x86)\Common Files\Nikon
2013-12-29 07:59:25    --------    d-----w-    C:\ProgramData\Importer
2013-12-29 07:57:14    --------    d-----w-    C:\Program Files\Common Files\Nikon
2013-12-29 07:57:14    --------    d-----w-    C:\Program Files (x86)\Nikon
2013-12-29 07:57:13    --------    d-----w-    C:\Program Files\Nikon
2013-12-29 07:56:46    --------    d-----w-    C:\ProgramData\Jazz
2013-12-29 07:56:42    --------    d-----w-    C:\ProgramData\Hybrid Synthesizers
2013-12-29 07:54:12    --------    d-----w-    C:\ProgramData\Sample Delay
2013-12-29 06:10:04    --------    d-----w-    C:\Windows\SysWow64\%LOCALAPPDATA%
2013-12-26 05:35:38    21040    ----a-w-    C:\Windows\System32\sdnclean64.exe
2013-12-22 02:40:13    --------    d-----w-    C:\Program Files (x86)\Evernote
2013-12-18 02:18:39    39200    ----a-w-    C:\Windows\System32\drivers\nvvad64v.sys
2013-12-18 02:18:39    32544    ----a-w-    C:\Windows\SysWow64\nvaudcap32v.dll
2013-12-18 01:41:47    17294728    ----a-w-    C:\Windows\SysWow64\FlashPlayerInstaller.exe
.
==================== Find3M  ====================
.
2014-01-13 01:12:28    16152    ----a-w-    C:\Windows\System32\drivers\SWDUMon.sys
2013-12-29 07:56:01    106496    ----a-w-    C:\Windows\SysWow64\ATL71.DLL
2013-12-19 18:53:46    6671648    ----a-w-    C:\Windows\System32\nvcpl.dll
2013-12-19 18:53:46    3490080    ----a-w-    C:\Windows\System32\nvsvc64.dll
2013-12-19 18:53:44    922912    ----a-w-    C:\Windows\System32\nvvsvc.exe
2013-12-19 18:53:44    67072    ----a-w-    C:\Windows\System32\nv3dappshextr.dll
2013-12-19 18:53:44    63776    ----a-w-    C:\Windows\System32\nvshext.dll
2013-12-19 18:53:44    386336    ----a-w-    C:\Windows\System32\nvmctray.dll
2013-12-19 18:53:44    2559776    ----a-w-    C:\Windows\System32\nvsvcr.dll
2013-12-19 18:53:44    1065248    ----a-w-    C:\Windows\System32\nv3dappshext.dll
2013-12-19 05:01:48    3539040    ----a-w-    C:\Windows\System32\nvcoproc.bin
2013-12-18 23:58:34    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-18 23:58:34    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-10 02:13:11    982232    ----a-w-    C:\Windows\SysWow64\nvspcap.dll
2013-12-10 02:13:01    1100248    ----a-w-    C:\Windows\System32\nvspcap64.dll
2013-12-05 08:42:26    35104    ----a-w-    C:\Windows\System32\nvaudcap64v.dll
2013-11-30 06:27:03    85016    ---ha-w-    C:\Windows\System32\drivers\PROCMON23.SYS
2013-11-26 19:25:52    267936    ------w-    C:\Windows\System32\MpSigStub.exe
2013-11-26 10:19:07    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02    5769216    ----a-w-    C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16    1995264    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06    1928192    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2013-11-26 06:33:33    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-11-23 19:26:48    1884448    ----a-w-    C:\Windows\System32\nvdispco6433193.dll
2013-11-23 19:26:48    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6433193.dll
2013-11-23 18:26:20    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
2013-11-14 11:58:09    1884448    ----a-w-    C:\Windows\System32\nvdispco6433182.dll
2013-11-14 11:58:09    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6433182.dll
2013-11-14 06:59:52    83968    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2013-11-14 06:59:52    13824    ----a-w-    C:\Windows\System32\mshta.exe
2013-11-14 06:59:51    48128    ----a-w-    C:\Windows\System32\imgutil.dll
2013-11-12 02:23:09    2048    ----a-w-    C:\Windows\System32\tzres.dll
2013-11-12 02:07:29    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2013-11-04 12:42:02    18456    ----a-w-    C:\Windows\System32\drivers\psi_mf_amd64.sys
2013-10-30 02:32:01    335360    ----a-w-    C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52    301568    ----a-w-    C:\Windows\SysWow64\msieftp.dll
2013-10-30 01:24:31    3155968    ----a-w-    C:\Windows\System32\win32k.sys
2013-10-26 01:36:28    549104    ----a-w-    C:\Windows\System32\drivers\SynTP.sys
2013-10-26 01:36:26    34544    ----a-w-    C:\Windows\System32\drivers\Smb_driver_Intel.sys
2013-10-26 01:36:24    422640    ----a-w-    C:\Windows\System32\SynTPCo19.dll
2013-10-26 01:36:24    169712    ----a-w-    C:\Windows\SysWow64\SynTPCom.dll
2013-10-26 01:36:22    400624    ----a-w-    C:\Windows\SysWow64\SynCom.dll
2013-10-26 01:36:22    252144    ----a-w-    C:\Windows\System32\SynTPAPI.dll
2013-10-26 01:36:20    723184    ----a-w-    C:\Windows\System32\SynCOM.dll
2013-10-26 00:37:44    161880    ----a-w-    C:\Windows\System32\pca-manta.bin
2013-10-24 13:10:24    357432    ----a-w-    C:\Windows\SysWow64\LavasoftProxy.dll
2013-10-24 13:04:44    450616    ----a-w-    C:\Windows\System32\LavasoftProxy64.dll
2013-10-23 10:30:23    1884448    ----a-w-    C:\Windows\System32\nvdispco6433165.dll
2013-10-23 10:30:23    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6433165.dll
2013-10-21 01:38:08    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-21 01:10:21    108968    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2013-10-21 00:55:34    29280    ----a-w-    C:\Windows\System32\drivers\klmouflt.sys
2013-10-21 00:55:34    29280    ----a-w-    C:\Windows\System32\drivers\klkbdflt.sys
2013-10-21 00:55:32    90208    ----a-w-    C:\Windows\System32\drivers\klflt.sys
2013-10-21 00:55:31    7717984    ----a-w-    C:\Windows\System32\drivers\kl1.sys
2013-10-19 02:18:57    81408    ----a-w-    C:\Windows\System32\imagehlp.dll
2013-10-19 01:36:59    159232    ----a-w-    C:\Windows\SysWow64\imagehlp.dll
2013-10-16 00:48:05    1884448    ----a-w-    C:\Windows\System32\nvdispco6433158.dll
2013-10-16 00:48:05    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6433158.dll
.
============= FINISH: 18:31:17.16 ===============
 

Here's the Attach.txt:

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 30/09/2012 11:31:55 AM
System Uptime: 12/01/2014 6:08:16 PM (0 hours ago)
.
Motherboard: Hewlett-Packard |  | 181B
Processor: Intel® Core i7-3610QM CPU @ 2.30GHz | U3E1 | 2301/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 903 GiB total, 778.3 GiB free.
D: is FIXED (NTFS) - 28 GiB total, 2.933 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 0 GiB total, 0.073 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP262: 05/01/2014 11:17:57 PM - Windows Update
RP263: 10/01/2014 6:55:59 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Acrobat 8 Professional - English, Français, Deutsch
Adobe Acrobat 8.3.1 - CPSID_83708
Adobe Acrobat 8.3.1 Professional
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe AIR
Adobe Bridge CC (64 Bit)
Adobe Creative Cloud
Adobe Creative Suite 6 Design Standard
Adobe Download Assistant
Adobe Edge Animate CC
Adobe Edge Code CC
Adobe Edge Inspect CC
Adobe Edge Reflow CC Preview
Adobe Exchange Panel
Adobe ExtendScript Toolkit CC
Adobe Extension Manager CC
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Gaming SDK 1.2
Adobe Gaming SDK 1.3
Adobe Help Manager
Adobe Photoshop Elements 10
Adobe Premiere Elements 10
Adobe Reader XI (11.0.05)
Adobe Scout CC
Adobe Shockwave Player 12.0
Adobe Touch App Plugins
Adobe® Content Viewer
aioprnt
aioscnnr
Akamai NetSession Interface
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Panorama Maker 6
AuthenTec TrueAPI 64-bit
Away Builder
Blackhawk Striker 2
Blio
Bonjour
C4USelfUpdater
CCleaner
center
Chuzzle Deluxe
Cradle of Rome 2
CyberLink YouCam 5
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dora's World Adventure
Elements 10 Organizer
Elevated Installer
Epson Event Manager
EPSON NX620 Series Printer Uninstall
EPSON NX635 Series Printer Uninstall
EPSON Scan
EpsonNet Print
EpsonNet Setup 3.3
essentials
ESU for Microsoft Windows 7 SP1
Evernote v. 5.1
Farm Frenzy
Farmscapes
FATE
File Shredder 2.5
FileHippo.com Update Checker
Final Drive Fury
Galerie de photos Windows Live
Garmin Communicator Plugin
Garmin Communicator Plugin x64
Garmin Express
Garmin Express Tray
Garmin USB Drivers
Garmin WebUpdater
GeForce Experience NvStream Client Components
Hewlett-Packard ACLM.NET v1.2.1.1
HijackThis 1.99.1
Hoyle Card Games
HP 3D DriveGuard
HP Auto
HP Client Services
HP CoolSense
HP Customer Experience Enhancements
HP Documentation
HP Games
HP IDF Software
HP Launch Box
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Quick Launch Buttons
HP Recovery Manager
HP Security Assistant
HP Setup
HP Setup Manager
HP Software Framework
iCloud
IDT Audio
Intel® Control Center
Intel® Manageability Engine Firmware Recovery Agent
Intel® Management Engine Components
Intel® PRO/Wireless Driver
Intel® Processor Graphics
Intel® PROSet/Wireless Software for Bluetooth® Technology
Intel® Rapid Storage Technology
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® Update Manager
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® WiDi
Intel® Wireless Music device driver
Intel® PROSet/Wireless Software
Intel® PROSet/Wireless WiFi Software
Intel® Trusted Connect Service Client
iTunes
Java 7 Update 45
Java 7 Update 45 (64-bit)
John Deere Drive Green
Junk Mail filter update
Kaspersky PURE 3.0
Kodak AIO Printer
KODAK AiO Software
Luxor HD
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Movie Maker
Mozilla Firefox 25.0 (x86 en-US)
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 27.0 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
Nikon Message Center 2
Nikon Movie Editor
NVIDIA Control Panel 332.21
NVIDIA GeForce Experience 1.8.1
NVIDIA Graphics Driver 332.21
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA Optimus Update 10.11.15
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 10.11.15
NVIDIA Update 10.11.15
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.19
ocr
Octoshape Streaming Services
OpenAL
OpenBVE TTC YUS V3
OpenBVE v1.4.2
opensource
PDF Settings CS6
Penguins!
Photo Common
Photo Gallery
Picture Control Utility x64
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
Polar Bowler
Polar Golfer
PRE10STI64Installer
PreReq
PrintProjects
PSE10 STI Installer
QLBCASL
QuickTime
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
RollerCoaster Tycoon 3: Platinum
Secunia PSI (3.0.0.9015)
Security Update for Microsoft Excel 2010 (KB2826033) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 64-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
SHIELD Streaming
Should I Remove It
Skype™ 6.11
SlimCleaner
SlimDrivers
Spybot - Search & Destroy
swMSM
Synaptics Pointing Device Driver
System Requirements Lab for Intel
Torchlight
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition
Update Installer for WildTangent Games App
Update Notifier
Validity Sensors DDK
Validity WBF DDK
VBA (2627.01)
ViewNX 2
Virtual Villagers 4 - The Tree of Life
VLC media player 2.1.1
VLC media player 2.1.2
WildTangent Games
WildTangent Games App
WildTangent Games App for HP
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0)
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinRAR 5.01 (64-bit)
Yahoo! Messenger
Yahoo! Software Update
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
12/01/2014 6:16:08 PM, Error: Service Control Manager [7023]  - The GamesAppIntegrationService service terminated with the following error:  %%-2147467259
12/01/2014 6:12:04 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Adobe SwitchBoard service to connect.
12/01/2014 6:12:04 PM, Error: Service Control Manager [7000]  - The Adobe SwitchBoard service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/01/2014 6:11:06 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
12/01/2014 6:10:56 PM, Error: Service Control Manager [7003]  - The Net.Tcp Listener Adapter service depends the following service: was. This service might not be installed.
12/01/2014 6:10:56 PM, Error: Service Control Manager [7003]  - The Net.Pipe Listener Adapter service depends the following service: was. This service might not be installed.
12/01/2014 6:10:56 PM, Error: Service Control Manager [7003]  - The Net.Msmq Listener Adapter service depends the following service: msmq. This service might not be installed.
12/01/2014 6:10:52 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect.
12/01/2014 6:10:52 PM, Error: Service Control Manager [7000]  - The HP Software Framework Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/01/2014 10:50:51 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
11/01/2014 10:50:51 PM, Error: Service Control Manager [7000]  - The Spybot-S&D 2 Scanner Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
10/01/2014 7:01:54 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.165.1564.0).
10/01/2014 6:40:04 PM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
08/01/2014 10:39:50 PM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
08/01/2014 10:29:09 PM, Error: Service Control Manager [7034]  - The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly.  It has done this 1 time(s).
08/01/2014 10:21:57 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service.
08/01/2014 10:21:27 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
07/01/2014 3:41:09 PM, Error: Service Control Manager [7034]  - The Secunia PSI Agent service terminated unexpectedly.  It has done this 1 time(s).
05/01/2014 11:09:16 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
05/01/2014 10:56:01 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.
05/01/2014 10:56:01 PM, Error: Service Control Manager [7000]  - The Garmin Core Update Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
 


I notice that you are using more than one antivirus program.

  • Spybot - Search & Destroy
  • Kaspersky PURE 3.0
This is very dangerous, as multiple antivirus programs can interfere with one another and actually allow more viruses to get through. It is important that only one antivirus program is running real-time protection. Please uninstall one of them and reboot your system.

Let me know how the situation is after that.


OK, I removed Spybot S&D, though I had no idea it was considered an antivirus; I just thought it was a program like Malwarebytes. Anyway, in doing so there is no real change in the situation. Looking at my HijackThis log, which I don't fully understand, there seem to be lots of recognizable files missing. Did you want me to post a new HijackThis log?


DDS.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by Rob at 16:47:04 on 2014-01-16
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.2.1033.18.8087.4181 [GMT -7:00]
.
AV: Kaspersky PURE 3.0 *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky PURE 3.0 *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\stacsv64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\SysWow64\perfhost.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Rob\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
C:\Users\Rob\AppData\Local\Akamai\netsession_win.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Users\Rob\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Users\Rob\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\32\dynamiclinkmanager.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\32\Adobe QT32 Server.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\msfeedssync.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\SoftwareDistribution\Download\Install\mpas-d.exe
c:\545a0e8d36f95c875a6b44f677\MpSigStub.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyServer = localhost:8080
mWinlogon: Userinit = userinit.exe,
BHO: Kaspersky Passsword Manager Toolbar: {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
TB: Kaspersky Passsword Manager Toolbar: {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
uRun: [GarminExpressTrayApp] c:\program files (x86)\garmin\express tray\expresstray.exe
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Octoshape Streaming Services] "C:\Users\Rob\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
uRun: [FileHippo.com] "c:\program files (x86)\filehippo.com\updatechecker.exe" /background
uRun: [Akamai NetSession Interface] c:\users\rob\appdata\local\akamai\netsession_win.exe
uRun: [CAHeadless] c:\program files (x86)\adobe\elements 10 organizer\caheadless\elementsautoanalyzer.exe
uRun: [skyDrive] "c:\users\rob\appdata\local\microsoft\skydrive\skydrive.exe" /background
mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
mRun: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
StartupFolder: C:\Users\Rob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\UPDATE~1.LNK - C:\Program Files (x86)\Update Notifier\updatenotifier.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:32
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:24
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm
IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll


TCP: NameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{1ECDEE0A-80B3-4ADE-9652-6216000CAA73} : NameServer = 208.122.23.22,208.122.23.23
TCP: Interfaces\{1ECDEE0A-80B3-4ADE-9652-6216000CAA73} : DHCPNameServer = 192.168.1.254 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: livecall - <Clsid value has no data>
Handler: msnim - <Clsid value has no data>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\windows\syswow64\nvinit.dll, C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [setDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [bLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [iAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [Adobe ARM] c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
x64-Run: [Adobe Creative Cloud] "c:\program files (x86)\adobe\adobe creative cloud\acc\creative cloud.exe" --showwindow=false --onosstartup=true
x64-Run: [AdobeCS6ServiceManager] "c:\program files (x86)\common files\adobe\cs6servicemanager\cs6servicemanager.exe" -launchedbylogin
x64-Run: [APSDaemon] c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe
x64-Run: [EEventManager] c:\program files (x86)\epson software\event manager\eeventmanager.exe
x64-Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\x64\3\ekij5000mui.exe
x64-Run: [EKStatusMonitor] c:\program files (x86)\kodak\aio\statusmonitor\ekstatusmonitor.exe
x64-Run: [HP Quick Launch] c:\program files (x86)\hewlett-packard\hp quick launch\hpmsgsvc.exe
x64-Run: [QuickTime Task] "c:\program files (x86)\quicktime\qttask.exe" -atboottime
x64-Run: [sDTray] c:\program files (x86)\spybot - search & destroy 2\sdtray.exe
x64-Run: [switchBoard] c:\program files (x86)\common files\adobe\switchboard\switchboard.exe
x64-Run: [igfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: livecall - <Clsid value has no data>
x64-Handler: msnim - <Clsid value has no data>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1    www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect64.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npIdfPlugin.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npPitPlugin.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_39.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2012-10-22 87424]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2012-10-30 131968]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2012-11-6 1345920]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2013-11-16 40896]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-7-18 198144]
S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2012-7-20 31744]
.
=============== Created Last 30 ================
.
2383-07-17 22:09:55    64624    ----a-w-    C:\Windows\System32\drivers\HECIx64.sys
2014-01-16 23:45:24    --------    d-----w-    C:\545a0e8d36f95c875a6b44f677
2014-01-14 02:21:44    --------    d-----w-    C:\Users\Rob\AppData\Local\RipTiger
2014-01-14 02:21:13    --------    d-----w-    C:\Program Files (x86)\RipTiger
2014-01-14 02:17:51    --------    d-----w-    C:\Users\Rob\AppData\Local\DomainIcons
2014-01-14 02:17:40    --------    d-----w-    C:\Program Files (x86)\Free Video Downloader
2014-01-14 02:08:51    --------    d-----w-    C:\Users\Rob\.android
2014-01-14 02:08:50    --------    d-----w-    C:\Users\Rob\AppData\Local\cache
2014-01-14 02:08:48    --------    d-----w-    C:\Users\Rob\AppData\Local\genienext
2014-01-14 02:08:47    --------    d-----w-    C:\Users\Rob\AppData\Local\Mobogenie
2014-01-14 02:07:37    --------    d-----w-    C:\Users\Rob\AppData\Roaming\FVDIEPlugin
2014-01-14 02:07:37    --------    d-----w-    C:\Program Files (x86)\FVDIEPlugin
2014-01-14 02:03:47    --------    d-----w-    C:\Program Files (x86)\FlashCatch
2014-01-14 01:55:15    --------    d-----w-    C:\wimpy_flv_player_pc
2014-01-12 06:26:01    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-01-12 06:26:01    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-11 02:00:38    10315576    ------w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C932E157-D554-47FA-82E3-EB3A4361B439}\mpengine.dll
2014-01-08 06:36:42    0    ----a-w-    C:\Windows\SysWow64\FAP9A73.tmp
2014-01-08 06:28:56    --------    d-----w-    C:\Windows\SysWow64\NV
2014-01-08 06:28:56    --------    d-----w-    C:\Windows\System32\NV
2014-01-08 06:22:51    --------    d-----w-    C:\NVIDIA
2014-01-08 06:21:02    0    ----a-w-    C:\Windows\SysWow64\FAP415A.tmp
2014-01-08 06:21:02    0    ----a-w-    C:\Windows\SysWow64\FAP4129.tmp
2014-01-08 06:21:02    0    ----a-w-    C:\Windows\SysWow64\FAP40F8.tmp
2014-01-08 06:20:53    0    ----a-w-    C:\Windows\SysWow64\FAP1F62.tmp
2014-01-08 06:20:53    0    ----a-w-    C:\Windows\SysWow64\FAP1F32.tmp
2014-01-08 06:20:53    0    ----a-w-    C:\Windows\SysWow64\FAP1F01.tmp
2014-01-08 06:19:00    0    ----a-w-    C:\Windows\SysWow64\FAP66F6.tmp
2014-01-08 06:18:58    0    ----a-w-    C:\Windows\SysWow64\FAP5C89.tmp
2014-01-08 06:18:49    0    ----a-w-    C:\Windows\SysWow64\FAP397D.tmp
2014-01-08 06:18:49    0    ----a-w-    C:\Windows\SysWow64\FAP392D.tmp
2014-01-08 06:18:49    0    ----a-w-    C:\Windows\SysWow64\FAP390C.tmp
2014-01-08 06:18:48    0    ----a-w-    C:\Windows\SysWow64\FAP3764.tmp
2014-01-08 06:18:40    0    ----a-w-    C:\Windows\SysWow64\FAP1938.tmp
2014-01-08 06:15:17    0    ----a-w-    C:\Windows\SysWow64\FAPFE28.tmp
2014-01-08 06:08:58    0    ----a-w-    C:\Windows\SysWow64\FAP37AC.tmp
2014-01-08 06:00:31    0    ----a-w-    C:\Windows\SysWow64\FAP77A6.tmp
2014-01-08 05:59:00    0    ----a-w-    C:\Windows\SysWow64\FAP148E.tmp
2014-01-08 05:59:00    0    ----a-w-    C:\Windows\SysWow64\FAP145E.tmp
2014-01-08 05:59:00    0    ----a-w-    C:\Windows\SysWow64\FAP143C.tmp
2014-01-08 05:58:53    0    ----a-w-    C:\Windows\SysWow64\FAPFB0F.tmp
2014-01-08 05:58:53    0    ----a-w-    C:\Windows\SysWow64\FAPFADF.tmp
2014-01-08 05:58:45    0    ----a-w-    C:\Windows\SysWow64\FAPDC36.tmp
2014-01-08 05:58:45    0    ----a-w-    C:\Windows\SysWow64\FAPDB2B.tmp
2014-01-08 05:57:19    0    ----a-w-    C:\Windows\SysWow64\FAP8CEA.tmp
2014-01-08 05:57:19    0    ----a-w-    C:\Windows\SysWow64\FAP8B43.tmp
2014-01-08 05:57:18    0    ----a-w-    C:\Windows\SysWow64\FAP8844.tmp
2014-01-08 05:57:18    0    ----a-w-    C:\Windows\SysWow64\FAP8814.tmp
2014-01-08 05:57:18    0    ----a-w-    C:\Windows\SysWow64\FAP8802.tmp
2014-01-08 05:57:11    0    ----a-w-    C:\Windows\SysWow64\FAP6D4F.tmp
2014-01-08 05:57:11    0    ----a-w-    C:\Windows\SysWow64\FAP6D1E.tmp
2014-01-08 05:54:58    0    ----a-w-    C:\Windows\SysWow64\FAP6485.tmp
2014-01-08 05:50:26    0    ----a-w-    C:\Windows\SysWow64\FAP3FD3.tmp
2014-01-08 05:50:26    0    ----a-w-    C:\Windows\SysWow64\FAP3FB2.tmp
2014-01-08 05:50:26    0    ----a-w-    C:\Windows\SysWow64\FAP3F81.tmp
2014-01-08 05:50:21    0    ----a-w-    C:\Windows\SysWow64\FAP2AC7.tmp
2014-01-08 05:50:21    0    ----a-w-    C:\Windows\SysWow64\FAP298D.tmp
2014-01-08 05:50:21    0    ----a-w-    C:\Windows\SysWow64\FAP28EF.tmp
2014-01-08 05:50:20    0    ----a-w-    C:\Windows\SysWow64\FAP2526.tmp
2014-01-08 05:34:27    0    ----a-w-    C:\Windows\SysWow64\FAP9ADF.tmp
2014-01-08 05:34:25    0    ----a-w-    C:\Windows\SysWow64\FAP9320.tmp
2014-01-08 05:32:11    0    ----a-w-    C:\Windows\SysWow64\FAP879A.tmp
2014-01-08 05:31:52    0    ----a-w-    C:\Windows\SysWow64\FAP3D01.tmp
2014-01-08 05:22:19    0    ----a-w-    C:\Windows\SysWow64\FAP7F2D.tmp
2014-01-08 05:20:27    0    ----a-w-    C:\Windows\SysWow64\FAPCC50.tmp
2014-01-08 05:20:19    0    ----a-w-    C:\Windows\SysWow64\FAPAA1F.tmp
2014-01-08 05:16:12    0    ----a-w-    C:\Windows\SysWow64\FAPE6BF.tmp
2014-01-08 02:55:49    0    ----a-w-    C:\Windows\SysWow64\FAP5E88.tmp
2014-01-08 02:55:48    0    ----a-w-    C:\Windows\SysWow64\FAP5C64.tmp
2014-01-08 02:52:01    0    ----a-w-    C:\Windows\SysWow64\FAPE6B6.tmp
2014-01-08 02:15:22    0    ----a-w-    C:\Windows\SysWow64\FAP56D4.tmp
2014-01-08 02:06:50    0    ----a-w-    C:\Windows\SysWow64\FAP8791.tmp
2013-12-29 08:04:34    225280    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-12-29 08:04:34    176128    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-12-29 08:04:33    77824    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-12-29 08:04:33    32768    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-12-29 08:01:53    61440    ----a-r-    C:\Users\Rob\AppData\Roaming\Microsoft\Installer\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}\ARPPRODUCTICON.exe
2013-12-29 08:01:14    --------    d-----w-    C:\Windows\Downloaded Installations
2013-12-29 07:59:41    --------    d-----w-    C:\Program Files (x86)\Common Files\Nikon
2013-12-29 07:59:25    --------    d-----w-    C:\ProgramData\Importer
2013-12-29 07:57:14    --------    d-----w-    C:\Program Files\Common Files\Nikon
2013-12-29 07:57:14    --------    d-----w-    C:\Program Files (x86)\Nikon
2013-12-29 07:57:13    --------    d-----w-    C:\Program Files\Nikon
2013-12-29 07:56:46    --------    d-----w-    C:\ProgramData\Jazz
2013-12-29 07:56:42    --------    d-----w-    C:\ProgramData\Hybrid Synthesizers
2013-12-29 07:54:12    --------    d-----w-    C:\ProgramData\Sample Delay
2013-12-29 06:10:04    --------    d-----w-    C:\Windows\SysWow64\%LOCALAPPDATA%
2013-12-22 02:40:13    --------    d-----w-    C:\Program Files (x86)\Evernote
2013-12-21 06:04:22    225656    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
2013-12-18 02:18:39    39200    ----a-w-    C:\Windows\System32\drivers\nvvad64v.sys
2013-12-18 02:18:39    32544    ----a-w-    C:\Windows\SysWow64\nvaudcap32v.dll
.
==================== Find3M  ====================
.
2014-01-16 23:31:37    16152    ----a-w-    C:\Windows\System32\drivers\SWDUMon.sys
2014-01-15 09:08:44    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-15 09:08:44    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-29 07:56:01    106496    ----a-w-    C:\Windows\SysWow64\ATL71.DLL
2013-12-19 18:53:46    6671648    ----a-w-    C:\Windows\System32\nvcpl.dll
2013-12-19 18:53:46    3490080    ----a-w-    C:\Windows\System32\nvsvc64.dll
2013-12-19 18:53:44    922912    ----a-w-    C:\Windows\System32\nvvsvc.exe
2013-12-19 18:53:44    67072    ----a-w-    C:\Windows\System32\nv3dappshextr.dll
2013-12-19 18:53:44    63776    ----a-w-    C:\Windows\System32\nvshext.dll
2013-12-19 18:53:44    386336    ----a-w-    C:\Windows\System32\nvmctray.dll
2013-12-19 18:53:44    2559776    ----a-w-    C:\Windows\System32\nvsvcr.dll
2013-12-19 18:53:44    1065248    ----a-w-    C:\Windows\System32\nv3dappshext.dll
2013-12-19 05:01:48    3539040    ----a-w-    C:\Windows\System32\nvcoproc.bin
2013-12-10 02:13:11    982232    ----a-w-    C:\Windows\SysWow64\nvspcap.dll
2013-12-10 02:13:01    1100248    ----a-w-    C:\Windows\System32\nvspcap64.dll
2013-12-05 08:42:26    35104    ----a-w-    C:\Windows\System32\nvaudcap64v.dll
2013-11-30 06:27:03    85016    ---ha-w-    C:\Windows\System32\drivers\PROCMON23.SYS
2013-11-26 19:25:52    267936    ------w-    C:\Windows\System32\MpSigStub.exe
2013-11-26 10:19:07    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02    5769216    ----a-w-    C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16    1995264    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06    1928192    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2013-11-26 06:33:33    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-11-23 19:26:48    1884448    ----a-w-    C:\Windows\System32\nvdispco6433193.dll
2013-11-23 19:26:48    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6433193.dll
2013-11-23 18:26:20    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
2013-11-14 11:58:09    1884448    ----a-w-    C:\Windows\System32\nvdispco6433182.dll
2013-11-14 11:58:09    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6433182.dll
2013-11-14 06:59:52    83968    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2013-11-14 06:59:52    13824    ----a-w-    C:\Windows\System32\mshta.exe
2013-11-14 06:59:51    48128    ----a-w-    C:\Windows\System32\imgutil.dll
2013-11-12 02:23:09    2048    ----a-w-    C:\Windows\System32\tzres.dll
2013-11-12 02:07:29    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2013-11-04 12:42:02    18456    ----a-w-    C:\Windows\System32\drivers\psi_mf_amd64.sys
2013-10-30 02:32:01    335360    ----a-w-    C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52    301568    ----a-w-    C:\Windows\SysWow64\msieftp.dll
2013-10-30 01:24:31    3155968    ----a-w-    C:\Windows\System32\win32k.sys
2013-10-26 01:36:28    549104    ----a-w-    C:\Windows\System32\drivers\SynTP.sys
2013-10-26 01:36:26    34544    ----a-w-    C:\Windows\System32\drivers\Smb_driver_Intel.sys
2013-10-26 01:36:24    422640    ----a-w-    C:\Windows\System32\SynTPCo19.dll
2013-10-26 01:36:24    169712    ----a-w-    C:\Windows\SysWow64\SynTPCom.dll
2013-10-26 01:36:22    400624    ----a-w-    C:\Windows\SysWow64\SynCom.dll
2013-10-26 01:36:22    252144    ----a-w-    C:\Windows\System32\SynTPAPI.dll
2013-10-26 01:36:20    723184    ----a-w-    C:\Windows\System32\SynCOM.dll
2013-10-26 00:37:44    161880    ----a-w-    C:\Windows\System32\pca-manta.bin
2013-10-24 13:10:24    357432    ----a-w-    C:\Windows\SysWow64\LavasoftProxy.dll
2013-10-24 13:04:44    450616    ----a-w-    C:\Windows\System32\LavasoftProxy64.dll
2013-10-23 10:30:23    1884448    ----a-w-    C:\Windows\System32\nvdispco6433165.dll
2013-10-23 10:30:23    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6433165.dll
2013-10-21 01:38:08    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-21 01:10:21    108968    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2013-10-21 00:55:34    29280    ----a-w-    C:\Windows\System32\drivers\klmouflt.sys
2013-10-21 00:55:34    29280    ----a-w-    C:\Windows\System32\drivers\klkbdflt.sys
2013-10-21 00:55:32    90208    ----a-w-    C:\Windows\System32\drivers\klflt.sys
2013-10-21 00:55:31    7717984    ----a-w-    C:\Windows\System32\drivers\kl1.sys
2013-10-19 02:18:57    81408    ----a-w-    C:\Windows\System32\imagehlp.dll
2013-10-19 01:36:59    159232    ----a-w-    C:\Windows\SysWow64\imagehlp.dll
.
============= FINISH: 16:53:17.04 ===============
 

Attach.txt:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 30/09/2012 11:31:55 AM
System Uptime: 16/01/2014 4:28:13 PM (0 hours ago)
.
Motherboard: Hewlett-Packard |  | 181B
Processor: Intel® Core i7-3610QM CPU @ 2.30GHz | U3E1 | 2301/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 903 GiB total, 775.121 GiB free.
D: is FIXED (NTFS) - 28 GiB total, 2.933 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 0 GiB total, 0.073 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Hook Test Driver
Device ID: ROOT\LEGACY_SDHOOKDRIVER\0000
Manufacturer:
Name: Hook Test Driver
PNP Device ID: ROOT\LEGACY_SDHOOKDRIVER\0000
Service: SDHookDriver
.
==== System Restore Points ===================
.
RP262: 05/01/2014 11:17:57 PM - Windows Update
RP263: 10/01/2014 6:55:59 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Acrobat 8 Professional - English, Français, Deutsch
Adobe Acrobat 8.3.1 - CPSID_83708
Adobe Acrobat 8.3.1 Professional
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe AIR
Adobe Bridge CC (64 Bit)
Adobe Creative Cloud
Adobe Creative Suite 6 Design Standard
Adobe Download Assistant
Adobe Edge Animate CC
Adobe Edge Code CC
Adobe Edge Inspect CC
Adobe Edge Reflow CC Preview
Adobe Exchange Panel
Adobe ExtendScript Toolkit CC
Adobe Extension Manager CC
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Gaming SDK 1.2
Adobe Gaming SDK 1.3
Adobe Help Manager
Adobe Photoshop Elements 10
Adobe Premiere Elements 10
Adobe Reader XI (11.0.06)
Adobe Scout CC
Adobe Shockwave Player 12.0
Adobe Touch App Plugins
Adobe® Content Viewer
aioprnt
aioscnnr
Akamai NetSession Interface
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Panorama Maker 6
AuthenTec TrueAPI 64-bit
Away Builder
Blackhawk Striker 2
Blio
Bonjour
C4USelfUpdater
CCleaner
center
Chuzzle Deluxe
Cradle of Rome 2
CyberLink YouCam 5
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dora's World Adventure
Elements 10 Organizer
Elevated Installer
Epson Event Manager
EPSON NX620 Series Printer Uninstall
EPSON NX635 Series Printer Uninstall
EPSON Scan
EpsonNet Print
EpsonNet Setup 3.3
essentials
ESU for Microsoft Windows 7 SP1
Evernote v. 5.1
Farm Frenzy
Farmscapes
FATE
File Shredder 2.5
FileHippo.com Update Checker
Final Drive Fury
Galerie de photos Windows Live
Garmin Communicator Plugin
Garmin Communicator Plugin x64
Garmin Express
Garmin Express Tray
Garmin USB Drivers
Garmin WebUpdater
GeForce Experience NvStream Client Components
Hewlett-Packard ACLM.NET v1.2.1.1
HijackThis 1.99.1
Hoyle Card Games
HP 3D DriveGuard
HP Auto
HP Client Services
HP CoolSense
HP Customer Experience Enhancements
HP Documentation
HP Games
HP IDF Software
HP Launch Box
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Quick Launch Buttons
HP Recovery Manager
HP Security Assistant
HP Setup
HP Setup Manager
HP Software Framework
iCloud
IDT Audio
Intel® Control Center
Intel® Manageability Engine Firmware Recovery Agent
Intel® Management Engine Components
Intel® PRO/Wireless Driver
Intel® Processor Graphics
Intel® PROSet/Wireless Software for Bluetooth® Technology
Intel® Rapid Storage Technology
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® Update Manager
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® WiDi
Intel® Wireless Music device driver
Intel® PROSet/Wireless Software
Intel® PROSet/Wireless WiFi Software
Intel® Trusted Connect Service Client
iTunes
Java 7 Update 45
Java 7 Update 45 (64-bit)
John Deere Drive Green
Junk Mail filter update
Kaspersky PURE 3.0
Kodak AIO Printer
KODAK AiO Software
Luxor HD
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Movie Maker
Mozilla Firefox 25.0 (x86 en-US)
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 27.0 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
Nikon Message Center 2
Nikon Movie Editor
NVIDIA Control Panel 332.21
NVIDIA GeForce Experience 1.8.1
NVIDIA Graphics Driver 332.21
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA Optimus Update 10.11.15
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 10.11.15
NVIDIA Update 10.11.15
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.19
ocr
Octoshape Streaming Services
OpenAL
OpenBVE TTC YUS V3
OpenBVE v1.4.2
opensource
PDF Settings CS6
Penguins!
Photo Common
Photo Gallery
Picture Control Utility x64
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
Polar Bowler
Polar Golfer
PRE10STI64Installer
PreReq
PrintProjects
PSE10 STI Installer
QLBCASL
QuickTime
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
RollerCoaster Tycoon 3: Platinum
Secunia PSI (3.0.0.9015)
Security Update for Microsoft Excel 2010 (KB2826033) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 64-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
SHIELD Streaming
Should I Remove It
Skype™ 6.11
SlimCleaner
SlimDrivers
swMSM
Synaptics Pointing Device Driver
System Requirements Lab for Intel
Torchlight
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition
Update Installer for WildTangent Games App
Update Notifier
Validity Sensors DDK
Validity WBF DDK
VBA (2627.01)
ViewNX 2
Virtual Villagers 4 - The Tree of Life
VLC media player 2.1.1
VLC media player 2.1.2
WildTangent Games
WildTangent Games App
WildTangent Games App for HP
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0)
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinRAR 5.01 (64-bit)
Yahoo! Messenger
Yahoo! Software Update
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
16/01/2014 4:35:56 PM, Error: Service Control Manager [7023]  - The GamesAppIntegrationService service terminated with the following error:  %%-2147467259
16/01/2014 4:32:02 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  SDHookDriver
16/01/2014 4:31:17 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Adobe SwitchBoard service to connect.
16/01/2014 4:31:17 PM, Error: Service Control Manager [7000]  - The Adobe SwitchBoard service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
16/01/2014 4:30:59 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
16/01/2014 4:30:45 PM, Error: Service Control Manager [7003]  - The Net.Tcp Listener Adapter service depends the following service: was. This service might not be installed.
16/01/2014 4:30:45 PM, Error: Service Control Manager [7003]  - The Net.Pipe Listener Adapter service depends the following service: was. This service might not be installed.
16/01/2014 4:30:45 PM, Error: Service Control Manager [7003]  - The Net.Msmq Listener Adapter service depends the following service: msmq. This service might not be installed.
16/01/2014 4:30:41 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect.
16/01/2014 4:30:41 PM, Error: Service Control Manager [7000]  - The HP Software Framework Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
15/01/2014 1:46:04 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
15/01/2014 1:33:15 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.
15/01/2014 1:33:15 AM, Error: Service Control Manager [7000]  - The Garmin Core Update Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
13/01/2014 7:37:31 PM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
13/01/2014 6:00:42 PM, Error: Service Control Manager [7022]  - The Windows Defender service hung on starting.
11/01/2014 10:50:51 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
11/01/2014 10:50:51 PM, Error: Service Control Manager [7000]  - The Spybot-S&D 2 Scanner Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
10/01/2014 7:01:54 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.165.1564.0).
.
==== End Of File ===========================
 


Step 1

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 2

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Scan button. Wait until it is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log

Jrt.txt:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Rob on 17/01/2014 at 15:48:38.71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\caphyon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_openal_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_openal_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_openal_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_openal_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F8305D7D-CF69-465a-9003-813C6013A702}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F8305D7D-CF79-465a-9003-813C6013A702}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FC7B8A54-3E4C-45CA-9F59-AA122713DE4D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{F8305D7D-CF69-465a-9003-813C6013A702}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{F8305D7D-CF79-465a-9003-813C6013A702}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{FC7B8A54-3E4C-45CA-9F59-AA122713DE4D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Users\Rob\appdata\local\downtango"
Successfully deleted: [Folder] "C:\Users\Rob\appdata\local\filetypeassistant"
Successfully deleted: [Folder] "C:\Users\Rob\appdata\local\webplayer"
Successfully deleted: [Folder] "C:\Users\Rob\appdata\locallow\searchresultstb"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] C:\Users\Rob\AppData\Roaming\mozilla\firefox\profiles\fbim37eo.default\user.js
Emptied folder: C:\Users\Rob\AppData\Roaming\mozilla\firefox\profiles\fbim37eo.default\minidumps [18 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17/01/2014 at 15:57:34.71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


AdwCleaner[s0].txt:

# AdwCleaner v3.017 - Report created 17/01/2014 at 16:02:09
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Rob - ROB-HP
# Running from : C:\Users\Rob\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[#] Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\ProgramData\Uniblue\DriverScanner
Folder Deleted : C:\Program Files (x86)\Red Sky
Folder Deleted : C:\Users\Rob\AppData\Local\genienext
Folder Deleted : C:\Users\Rob\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Rob\Documents\Mobogenie
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\SafetyNut
Key Deleted : HKLM\Software\Uniblue

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v25.0 (en-US)

[ File : C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\fbim37eo.default\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "Ask.com");

*************************

AdwCleaner[R0].txt - [2469 octets] - [17/01/2014 16:01:51]
AdwCleaner[s0].txt - [2398 octets] - [17/01/2014 16:02:09]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2458 octets] ##########
 


mbam.txt:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.17.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Rob :: ROB-HP [administrator]

17/01/2014 4:20:14 PM
mbam-log-2014-01-17 (16-20-14).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220045
Time elapsed: 13 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 


Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the esetsmartinstaller_enu.exe icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

The scan took 6 hours to run, so I had it run overnight. I unfortunately unplugged my laptop moving it, so I couldn't follow the final instructions about the exporting. But I did find a log in the scanner's folder that I think says exactly what you are looking for.

 

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=6f464238225cf149a01f59d108b18ec0
# engine=16706
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-01-19 02:31:23
# local_time=2014-01-19 07:31:23 (-0700, Mountain Standard Time)
# country="Canada"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 0 141685333 0 0
# scanned=402059
# found=25
# cleaned=13
# scan_time=24010
sh=A913FD45A3A701711CDF78D3630EB5D97108C73A ft=1 fh=c6b43bbb1e46f346 vn="multiple threats" ac=I fn="C:\Users\Rob\.frostwire5\updates\frostwire-5.6.8.windows.exe"
sh=8C48398F3189AB21241C3E60241BBBDA56783839 ft=1 fh=5d1124175ccddd0c vn="multiple threats" ac=I fn="C:\Users\Rob\AppData\Local\Temp\dlm96E3.tmp\freevideodownloader_tiny_4.4.1-setup_cnet.exe"
sh=6585F3BCD797EFC2F81599CDE50115668B677D52 ft=1 fh=c4c5afd1d69feff3 vn="Win32/Bundled.Toolbar.Google.D application" ac=I fn="C:\Users\Rob\Downloads\ccsetup408.exe"
sh=932E042070F1567ED5A116E98E3C04D7D07E0681 ft=1 fh=3bf8f6c29b1c29c3 vn="Win32/Bundled.Toolbar.Google.D application" ac=I fn="C:\Users\Rob\Downloads\ccsetup409.exe"
sh=A3766A05436EC00EFE7DC7D6D658595266BFA281 ft=1 fh=bd7212a41b650ac3 vn="a variant of Win32/OpenInstall application" ac=I fn="C:\Users\Rob\Downloads\WinZip170.exe"
sh=5CD09A38C1839DE456CA9DAECB7BEFF92AFB0D30 ft=1 fh=a32156e667dbeb97 vn="a variant of Win32/Verti.A application" ac=I fn="C:\Users\Rob\Downloads\Xvid_RocketFuelInstaller.exe"
sh=8181EE9366E89541DCF88873CE4EFF12823C4C2E ft=1 fh=0f810a2bba11d70b vn="a variant of Win32/Toolbar.Widgi application" ac=I fn="C:\Users\Rob\Downloads\Download\unlocker-setup.exe"
sh=E4E9AA2F1C1DDF1E1AE0217918084CF0FA05FA10 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-FWV7[1].7z"
sh=A8374B5A06660F4A24120BA5504347647C2CC94B ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-FWV7[2].7z"
sh=7EB6660C4E75C3D38F9A73C5F0AAA86E7A005C82 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-FWV7[3].7z"
sh=7EB6660C4E75C3D38F9A73C5F0AAA86E7A005C82 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-FWV7[4].7z"
sh=5F2224A8926FA04EA58BC4CBC6C915D827AA1C5B ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-FWV7[5].7z"
sh=A913FD45A3A701711CDF78D3630EB5D97108C73A ft=1 fh=c6b43bbb1e46f346 vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Rob\.frostwire5\updates\frostwire-5.6.8.windows.exe"
sh=8C48398F3189AB21241C3E60241BBBDA56783839 ft=1 fh=5d1124175ccddd0c vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Rob\AppData\Local\Temp\dlm96E3.tmp\freevideodownloader_tiny_4.4.1-setup_cnet.exe"
sh=6585F3BCD797EFC2F81599CDE50115668B677D52 ft=1 fh=c4c5afd1d69feff3 vn="Win32/Bundled.Toolbar.Google.D application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Rob\Downloads\ccsetup408.exe"
sh=932E042070F1567ED5A116E98E3C04D7D07E0681 ft=1 fh=3bf8f6c29b1c29c3 vn="Win32/Bundled.Toolbar.Google.D application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Rob\Downloads\ccsetup409.exe"
sh=A3766A05436EC00EFE7DC7D6D658595266BFA281 ft=1 fh=bd7212a41b650ac3 vn="a variant of Win32/OpenInstall application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Rob\Downloads\WinZip170.exe"
sh=5CD09A38C1839DE456CA9DAECB7BEFF92AFB0D30 ft=1 fh=a32156e667dbeb97 vn="a variant of Win32/Verti.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Rob\Downloads\Xvid_RocketFuelInstaller.exe"
sh=8181EE9366E89541DCF88873CE4EFF12823C4C2E ft=1 fh=0f810a2bba11d70b vn="a variant of Win32/Toolbar.Widgi application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Rob\Downloads\Download\unlocker-setup.exe"
sh=C2F8D1DCEDBA4E711F48E0349D54169F7BA401EE ft=1 fh=58054c55c6d40ee5 vn="a variant of Win32/Toolbar.Widgi application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files (x86)\IObit\Advanced SystemCare 6\unlocker-setup.exe"
sh=E4E9AA2F1C1DDF1E1AE0217918084CF0FA05FA10 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F application (deleted - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-FWV7[1].7z"
sh=A8374B5A06660F4A24120BA5504347647C2CC94B ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F application (deleted - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-FWV7[2].7z"
sh=7EB6660C4E75C3D38F9A73C5F0AAA86E7A005C82 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F application (deleted - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-FWV7[3].7z"
sh=7EB6660C4E75C3D38F9A73C5F0AAA86E7A005C82 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F application (deleted - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-FWV7[4].7z"
sh=5F2224A8926FA04EA58BC4CBC6C915D827AA1C5B ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F application (deleted - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-FWV7[5].7z"
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=6f464238225cf149a01f59d108b18ec0
# engine=16712
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-01-19 10:50:11
# local_time=2014-01-19 03:50:11 (-0700, Mountain Standard Time)
# country="Canada"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 0 141715261 0 0
# scanned=2466
# found=0
# cleaned=0
# scan_time=49
 


Download TFC to your desktop

  • Open the file and close any other windows.
  • It will close all programs itself when run; make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job.
  • Once it's finished it should reboot your machine; if not, do this yourself to ensure a complete clean.
Let me know how things are then.

Alright, so I did that and it removed a ton of items, but upon rebooting it, I timed how long it took from start until every single startup program had begun. It took 10 minutes and 8 seconds. Breaking this down, it took:

 

1:30 to go from the initial hit Esc to enter BIOS to where the login screen disappears

2:30 of a black screen with simply the cursor arrow showing

6:08 of the startup programs booting up

 

I wonder if this isn't a malware problem but rather something with my drivers. I know there is something called sfc.exe that shows whether or not things are corrupted. Should I run that and post the log that follows?


Do you still have the same problem? On the second restart it may be normal again?

If not:

Please download the Kaspersky Virus Removal Tool from here to your Desktop.

Double-click the Removal Tool.

Click the cog in the upper right corner.

Select down to and including your main drive.

Once done please select the Automatic Scan tab and press Start Scan.

Allow AVP to delete all infections found.

Once it has finished select the Report tab.

Select the Detected threats report from the left and press the Save button.

Save it to your Desktop and post the contents in your next reply.


Just reset it and round two took 12 minutes 1 second.

 

2:21 from when I hit the power button until the login screen disappeared

2:37 where it sat with a black screen with just the cursor visible

6:02 until the startup programs finished loading.

 

I will try the Kaspersky Virus Removal Tool, but I already use Kaspersky Pure 3.0 (with Kaspersky Anti-Virus) as my Internet Security, so it may not find anything.


I have had major issues with the Kaspersky Virus Removal Tool. When I try to install it the first time I get the dreaded Blue Screen of Death due to Page_Fault_In_NonPaged_Area. It does a memory dump and resets and then runs Chkdsk when it reboots. Then I try to install it again and I get Please Reboot Computer - Error Message Is Client Register Error: -2147024894. Then I reboot again and it installed; of course I was unable to save the specific log file. I really should have my battery in my laptop while doing this, it unplugged but it did not find any threats.

 

Then when I reboot, it attempts to uninstall the Kaspersky Virus Removal Tool as part of startup and I get the same Blue Screen of Death as above, and when it resets I get the Please Reboot message. Now when I reboot a third time, it gives me the Blue Screen of Death with the same message. So I am not sure a) whether this is some sort of conflict with my Kaspersky Pure 3.0? b) How I will ever get it to stop trying to uninstall on startup. c) How to fix the issues it is presenting when attempting to install/uninstall it?


OK, I read that and it seems of little help. So what do you suggest now? What concerned me about the behaviour before was the Blue Screen of Death the Kaspersky scanner was causing. To me that indicates a large system problem, no? Do you have any other suggestions to resolve my problem? It is no better than it was before I started this thread.
