Laptop still bad after removing malware!


Still telling me parameters are wrong
Help Please!
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 18/02/2011 22:52:29
System Uptime: 16/02/2014 12:57:22 (1 hours ago)
.
Motherboard: Dell Inc. |  | 0PJTXT
Processor: Intel® Core i3 CPU       M 370  @ 2.40GHz | U2E1 | 2394/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 89.361 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: aswRvrt
Device ID: ROOT\LEGACY_ASWRVRT\0000
Manufacturer: 
Name: aswRvrt
PNP Device ID: ROOT\LEGACY_ASWRVRT\0000
Service: aswRvrt
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: avast! Network Shield Support
Device ID: ROOT\LEGACY_ASWTDI\0000
Manufacturer: 
Name: avast! Network Shield Support
PNP Device ID: ROOT\LEGACY_ASWTDI\0000
Service: aswTdi
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: aswVmm
Device ID: ROOT\LEGACY_ASWVMM\0000
Manufacturer: 
Name: aswVmm
PNP Device ID: ROOT\LEGACY_ASWVMM\0000
Service: aswVmm
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer: 
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: avast! Firewall NDIS Filter Miniport
Device ID: ROOT\SW_ASWNDISMP\0000
Manufacturer: ALWIL Software
Name: avast! Firewall NDIS Filter Miniport
PNP Device ID: ROOT\SW_ASWNDISMP\0000
Service: aswNdis
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: avast! Firewall NDIS Filter Miniport
Device ID: ROOT\SW_ASWNDISMP\0001
Manufacturer: ALWIL Software
Name: avast! Firewall NDIS Filter Miniport
PNP Device ID: ROOT\SW_ASWNDISMP\0001
Service: aswNdis
.
==== System Restore Points ===================
.
RP242: 02/02/2014 01:09:57 - Scheduled Checkpoint
RP243: 09/02/2014 22:04:30 - Scheduled Checkpoint
RP244: 10/02/2014 00:35:20 - avast! antivirus system restore point
RP245: 10/02/2014 00:38:42 - Device Driver Package Install: Avast Network Service
RP246: 13/02/2014 03:00:30 - Windows Update
RP247: 14/02/2014 03:00:12 - Windows Update
.
==== Installed Programs ======================
.
AC3Filter 2.5b
Adobe Digital Editions 2.0
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader 9.1.2
Advanced Audio FX Engine
Amazon Kindle
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Control Center
Autodesk MapGuide® Viewer ActiveX Control Release 6.5
avast! Internet Security
AVG 2013
AVG PC TuneUp 2014
AVG PC TuneUp 2014 (en-US)
Bonjour
calibre
CanoScan Toolbox Ver4.1
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Edoc Viewer
Dell Webcam Central
DivX Setup
Document Express DjVu Plug-in
DW WLAN Card
FBReader for Windows
Free Video to Samsung Phones Converter version 5.0.6.221
Google Chrome
Google Drive
Google Earth Plug-in
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HP Photo Creations
HP Photosmart 5520 series Basic Device Software
HP Photosmart 5520 series Help
HP Photosmart 5520 series Product Improvement Study
HP Update
Intel® Management Engine Components
iTunes
Java 7 Update 51
Java Auto Updater
Java 6 Update 20 (64-bit)
Java 6 Update 37
LeapFrog Connect
LeapFrog Tag Junior Plugin
Live! Cam Avatar Creator
McAfee SecurityCenter
MediaBar
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft PowerPoint Viewer
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
My Dell
Quickset64
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Roxio Burn
Samsung Kies
Samsung Story Album Viewer
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Shareaza 2.5.4.0
Skins
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)
VC80CRTRedist - 8.0.50727.4053
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
WIDCOMM Bluetooth Software
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012)
Xilisoft Video Converter Ultimate
.
==== Event Viewer Messages From Past Week ========
.
16/02/2014 13:18:37, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
16/02/2014 13:16:20, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
16/02/2014 13:02:38, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
16/02/2014 13:00:18, Error: Service Control Manager [7001]  - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
16/02/2014 12:59:58, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
16/02/2014 12:59:57, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
16/02/2014 12:59:55, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
16/02/2014 12:59:43, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
16/02/2014 12:59:32, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
16/02/2014 12:58:32, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
16/02/2014 12:58:18, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  aswRvrt aswSnx aswSP aswTdi aswVmm AVGIDSDriver Avgldx64 discache spldr Wanarpv6
16/02/2014 12:58:15, Error: Service Control Manager [7001]  - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:  The dependency service or group failed to start.
16/02/2014 12:58:14, Error: Service Control Manager [7001]  - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:  A device attached to the system is not functioning.
16/02/2014 12:52:08, Error: Service Control Manager [7000]  - The Windows Modules Installer service failed to start due to the following error:  The parameter is incorrect.
16/02/2014 12:52:08, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "87" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
16/02/2014 12:51:28, Error: Service Control Manager [7000]  - The McAfee Proxy Service service failed to start due to the following error:  The parameter is incorrect.
16/02/2014 12:50:34, Error: Microsoft-Windows-WMPNSS-Service [14325]  - Service 'WMPNetworkSvc' did not start correctly because QueryService encountered error '0x80010105'. In Windows Media Player, turn off media sharing, and then turn it back on.
16/02/2014 12:50:28, Error: Service Control Manager [7031]  - The McAfee Services service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
16/02/2014 12:50:28, Error: Service Control Manager [7031]  - The McAfee Proxy Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
16/02/2014 12:50:28, Error: Service Control Manager [7031]  - The McAfee Personal Firewall Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
16/02/2014 12:50:28, Error: Service Control Manager [7031]  - The McAfee Anti-Spam Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
16/02/2014 12:49:58, Error: Service Control Manager [7023]  - The McAfee VirusScan Announcer service terminated with the following error:  %%-2147024890
16/02/2014 12:49:51, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Intel® Management & Security Application User Notification Service service to connect.
16/02/2014 12:49:51, Error: Service Control Manager [7000]  - The Intel® Management & Security Application User Notification Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
16/02/2014 12:48:34, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
16/02/2014 12:48:34, Error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
16/02/2014 12:46:44, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
16/02/2014 12:46:44, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
16/02/2014 12:46:30, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  aswTdi
16/02/2014 12:45:21, Error: Service Control Manager [7000]  - The aswFsBlk service failed to start due to the following error:  The system cannot find the file specified.
16/02/2014 12:20:45, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
16/02/2014 12:13:42, Error: Service Control Manager [7000]  - The McAfee Scanner service failed to start due to the following error:  The parameter is incorrect.
16/02/2014 12:13:42, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "87" attempting to start the service MCODS with arguments "" in order to run the server: {C98F04D7-CD30-4BB0-B7D7-8DD7448520F2}
16/02/2014 12:09:19, Error: Service Control Manager [7001]  - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:  The service did not respond to the start or control request in a timely fashion.
16/02/2014 12:09:18, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Application Virtualization Client service to connect.
16/02/2014 12:09:18, Error: Service Control Manager [7000]  - The Application Virtualization Client service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
16/02/2014 11:39:19, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  aswRvrt aswSnx aswSP aswVmm AVGIDSDriver Avgldx64 discache spldr Wanarpv6
16/02/2014 11:35:59, Error: Service Control Manager [7001]  - The McAfee Network Agent service depends on the McAfee Firewall Core Service service which failed to start because of the following error:  The dependency service or group failed to start.
16/02/2014 11:35:59, Error: Service Control Manager [7001]  - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error:  The parameter is incorrect.
16/02/2014 11:35:59, Error: Service Control Manager [7000]  - The McAfee Validation Trust Protection Service service failed to start due to the following error:  The parameter is incorrect.
16/02/2014 11:35:59, Error: Service Control Manager [7000]  - The McAfee Services service failed to start due to the following error:  The parameter is incorrect.
16/02/2014 11:34:45, Error: Service Control Manager [7031]  - The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
16/02/2014 11:34:00, Error: Service Control Manager [7023]  - The Network Location Awareness service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
16/02/2014 11:34:00, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  Operation did not complete successfully because the file contains a virus.
16/02/2014 11:34:00, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
16/02/2014 11:33:57, Error: Service Control Manager [7034]  - The AVG WatchDog service terminated unexpectedly.  It has done this 1 time(s).
16/02/2014 11:33:52, Error: Service Control Manager [7023]  - The IP Helper service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
16/02/2014 11:33:52, Error: Service Control Manager [7001]  - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error:  The dependency service or group failed to start.
16/02/2014 11:33:52, Error: Service Control Manager [7001]  - The McAfee Personal Firewall Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error:  The dependency service or group failed to start.
16/02/2014 11:33:51, Error: Service Control Manager [7001]  - The McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error:  The parameter is incorrect.
16/02/2014 11:33:51, Error: Service Control Manager [7001]  - The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error:  The dependency service or group failed to start.
16/02/2014 11:33:51, Error: Service Control Manager [7001]  - The Application Virtualization Client service depends on the Application Virtualization Service Agent service which failed to start because of the following error:  The service did not respond to the start or control request in a timely fashion.
16/02/2014 11:33:51, Error: Service Control Manager [7000]  - The AVG PC TuneUp Service service failed to start due to the following error:  The parameter is incorrect.
16/02/2014 11:33:48, Error: Service Control Manager [7023]  - The Windows Image Acquisition (WIA) service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
16/02/2014 11:33:48, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Application Virtualization Service Agent service to connect.
16/02/2014 11:33:48, Error: Service Control Manager [7000]  - The Application Virtualization Service Agent service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
16/02/2014 11:33:42, Error: Service Control Manager [7000]  - The SoftThinks Agent Service service failed to start due to the following error:  The parameter is incorrect.
16/02/2014 11:33:39, Error: Service Control Manager [7023]  - The Program Compatibility Assistant Service service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
16/02/2014 11:33:38, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.
16/02/2014 11:33:38, Error: Service Control Manager [7000]  - The MBAMService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
16/02/2014 11:28:20, Error: Service Control Manager [7001]  - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error:  The parameter is incorrect.
16/02/2014 11:28:20, Error: Service Control Manager [7001]  - The McAfee Personal Firewall Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error:  The parameter is incorrect.
16/02/2014 11:28:20, Error: Service Control Manager [7001]  - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:  The parameter is incorrect.
16/02/2014 11:28:20, Error: Service Control Manager [7000]  - The Application Virtualization Client service failed to start due to the following error:  The parameter is incorrect.
16/02/2014 11:28:10, Error: Service Control Manager [7001]  - The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error:  The parameter is incorrect.
16/02/2014 11:28:10, Error: Service Control Manager [7000]  - The McAfee Firewall Core Service service failed to start due to the following error:  The parameter is incorrect.
16/02/2014 11:28:02, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McShield service to connect.
16/02/2014 11:28:02, Error: Service Control Manager [7000]  - The McShield service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
16/02/2014 11:06:51, Error: Service Control Manager [7000]  - The McShield service failed to start due to the following error:  The parameter is incorrect.
16/02/2014 10:54:03, Error: Service Control Manager [7001]  - The McAfee Network Agent service depends on the McAfee Firewall Core Service service which failed to start because of the following error:  The parameter is incorrect.
16/02/2014 10:51:38, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
16/02/2014 10:51:38, Error: Service Control Manager [7000]  - The IP Helper service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
16/02/2014 10:03:40, Error: Service Control Manager [7023]  - The Windows Driver Foundation - User-mode Driver Framework service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
16/02/2014 10:01:28, Error: Service Control Manager [7031]  - The Print Spooler service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
16/02/2014 09:57:27, Error: Service Control Manager [7023]  - The Function Discovery Resource Publication service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
16/02/2014 09:57:27, Error: Service Control Manager [7000]  - The MBAMService service failed to start due to the following error:  The parameter is incorrect.
16/02/2014 09:57:27, Error: Service Control Manager [7000]  - The MBAMScheduler service failed to start due to the following error:  The parameter is incorrect.
16/02/2014 09:57:27, Error: Service Control Manager [7000]  - The Intel® Management and Security Application Local Management Service service failed to start due to the following error:  The parameter is incorrect.
16/02/2014 09:57:26, Error: Service Control Manager [7023]  - The IKE and AuthIP IPsec Keying Modules service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
16/02/2014 09:57:26, Error: Service Control Manager [7023]  - The Diagnostic Policy Service service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
16/02/2014 09:57:26, Error: Service Control Manager [7023]  - The Cryptographic Services service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
16/02/2014 09:57:26, Error: Service Control Manager [7000]  - The Bonjour Service service failed to start due to the following error:  The parameter is incorrect.
16/02/2014 09:57:26, Error: Service Control Manager [7000]  - The Bluetooth Service service failed to start due to the following error:  The parameter is incorrect.
16/02/2014 09:57:25, Error: Service Control Manager [7024]  - The AVGIDSAgent service terminated with service-specific error %%-536753637.
16/02/2014 09:57:25, Error: Service Control Manager [7000]  - The AVG WatchDog service failed to start due to the following error:  The parameter is incorrect.
16/02/2014 00:05:51, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
15/02/2014 23:40:11, Error: Service Control Manager [7023]  - The Multimedia Class Scheduler service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
15/02/2014 23:31:48, Error: Microsoft-Windows-WMPNSS-Service [14324]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(WindowsMediaPlayer) encountered error '0x80004002'. If possible, reinstall Windows Media Player.
15/02/2014 23:31:47, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
15/02/2014 23:31:47, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
15/02/2014 23:31:41, Error: Service Control Manager [7023]  - The PnP-X IP Bus Enumerator service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
15/02/2014 23:31:39, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
15/02/2014 23:29:54, Error: Service Control Manager [7023]  - The SSDP Discovery service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
15/02/2014 23:29:53, Error: Service Control Manager [7023]  - The IPsec Policy Agent service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
15/02/2014 23:29:53, Error: Service Control Manager [7023]  - The Application Experience service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
15/02/2014 23:29:43, Error: Service Control Manager [7023]  - The Bluetooth Support Service service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
15/02/2014 23:29:39, Error: Service Control Manager [7023]  - The Application Information service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
15/02/2014 23:29:38, Error: Service Control Manager [7031]  - The McShield service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
15/02/2014 23:29:38, Error: Service Control Manager [7000]  - The Client Virtualization Handler service failed to start due to the following error:  The parameter is incorrect.
15/02/2014 21:18:09, Error: Service Control Manager [7024]  - The HomeGroup Provider service terminated with service-specific error %%-2147221164.
15/02/2014 21:17:55, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.
15/02/2014 21:16:10, Error: Microsoft-Windows-WMPNSS-Service [14324]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(WindowsMediaPlayer) encountered error '0x800700e1'. If possible, reinstall Windows Media Player.
15/02/2014 21:16:09, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
15/02/2014 21:16:09, Error: Service Control Manager [7000]  - The Windows Media Player Network Sharing Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
15/02/2014 21:15:34, Error: Microsoft-Windows-DistributedCOM [10000]  - Unable to start a DCOM Server: {06622D85-6856-4460-8DE1-A81921B41C4B}. The error: "87" Happened while starting this command: C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
15/02/2014 21:15:33, Error: Service Control Manager [7023]  - The HomeGroup Provider service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
15/02/2014 21:14:07, Error: Microsoft-Windows-DistributedCOM [10000]  - Unable to start a DCOM Server: {7323885B-407F-4839-9695-96F545FF6286}. The error: "87" Happened while starting this command: "c:\PROGRA~1\mcafee\msc\mcupdmgr.exe" -Embedding
15/02/2014 21:12:36, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x800700e1'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
15/02/2014 21:11:19, Error: Service Control Manager [7023]  - The Windows Update service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
15/02/2014 21:11:03, Error: Service Control Manager [7023]  - The Function Discovery Provider Host service terminated with the following error:  %%-2147024671
15/02/2014 21:11:03, Error: Service Control Manager [7001]  - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:  %%-2147024671
15/02/2014 21:11:00, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.
15/02/2014 21:10:29, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  %%-2147024671
15/02/2014 09:43:42, Error: Microsoft-Windows-DistributedCOM [10000]  - Unable to start a DCOM Server: {51FA2736-5DEE-11D4-98E8-006008BF430C}. The error: "87" Happened while starting this command: "C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
15/02/2014 09:43:20, Error: Service Control Manager [7023]  - The TCP/IP NetBIOS Helper service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
15/02/2014 09:40:33, Error: Service Control Manager [7023]  - The UPnP Device Host service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
15/02/2014 09:39:45, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
15/02/2014 09:39:33, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
15/02/2014 09:39:28, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
15/02/2014 08:41:55, Error: Service Control Manager [7000]  - The Windows Installer service failed to start due to the following error:  The parameter is incorrect.
15/02/2014 08:41:55, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "87" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
15/02/2014 08:34:47, Error: Ntfs [137]  - The default transaction resource manager on volume E: encountered a non-retryable error and could not start.  The data contains the error code.
15/02/2014 08:34:35, Error: Service Control Manager [7038]  - The NlaSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
15/02/2014 08:34:35, Error: Service Control Manager [7038]  - The MpsSvc service was unable to log on as NT Authority\LocalService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
15/02/2014 08:34:35, Error: Service Control Manager [7038]  - The mfevtp service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
15/02/2014 08:34:35, Error: Service Control Manager [7038]  - The LanmanWorkstation service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
15/02/2014 08:34:35, Error: Service Control Manager [7038]  - The CryptSvc service was unable to log on as NT Authority\NetworkService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
15/02/2014 08:34:35, Error: Service Control Manager [7001]  - The McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error:  The service did not start due to a logon failure.
15/02/2014 08:34:35, Error: Service Control Manager [7001]  - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error:  The service did not start due to a logon failure.
15/02/2014 08:34:35, Error: Service Control Manager [7001]  - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error:  The service did not start due to a logon failure.
15/02/2014 08:34:35, Error: Service Control Manager [7001]  - The IP Helper service depends on the Windows Management Instrumentation service which failed to start because of the following error:  A system shutdown is in progress.
15/02/2014 08:34:35, Error: Service Control Manager [7000]  - The Workstation service failed to start due to the following error:  The service did not start due to a logon failure.
15/02/2014 08:34:35, Error: Service Control Manager [7000]  - The Windows Firewall service failed to start due to the following error:  The service did not start due to a logon failure.
15/02/2014 08:34:35, Error: Service Control Manager [7000]  - The Network Location Awareness service failed to start due to the following error:  The service did not start due to a logon failure.
15/02/2014 08:34:35, Error: Service Control Manager [7000]  - The McAfee Validation Trust Protection Service service failed to start due to the following error:  The service did not start due to a logon failure.
15/02/2014 08:34:35, Error: Service Control Manager [7000]  - The IKE and AuthIP IPsec Keying Modules service failed to start due to the following error:  A system shutdown is in progress.
15/02/2014 08:34:35, Error: Service Control Manager [7000]  - The Cryptographic Services service failed to start due to the following error:  The service did not start due to a logon failure.
15/02/2014 00:52:16, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
15/02/2014 00:52:16, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
15/02/2014 00:52:16, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
15/02/2014 00:51:06, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
15/02/2014 00:45:52, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD aswRdr aswRvrt aswSnx aswSP aswVmm AVGIDSDriver Avgldx64 Avgtdia DfsC discache mfehidk mfenlfk mfewfpk NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
15/02/2014 00:45:52, Error: Service Control Manager [7001]  - The McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error:  The dependency service or group failed to start.
15/02/2014 00:45:52, Error: Service Control Manager [7001]  - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error:  The dependency service or group failed to start.
15/02/2014 00:45:51, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
15/02/2014 00:45:51, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
15/02/2014 00:45:51, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
15/02/2014 00:45:51, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
15/02/2014 00:45:51, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
15/02/2014 00:45:51, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
15/02/2014 00:45:51, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
15/02/2014 00:45:51, Error: Service Control Manager [7001]  - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error:  A device attached to the system is not functioning.
15/02/2014 00:45:51, Error: Service Control Manager [7001]  - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error:  The dependency service or group failed to start.
15/02/2014 00:45:51, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
15/02/2014 00:45:51, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
15/02/2014 00:45:51, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
14/02/2014 19:48:20, Error: BTHUSB [17]  - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
14/02/2014 15:10:03, Error: Service Control Manager [7023]  - The Server service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
14/02/2014 15:10:03, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  Operation did not complete successfully because the file contains a virus.
14/02/2014 15:09:53, Error: Service Control Manager [7023]  - The WinHTTP Web Proxy Auto-Discovery Service service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
14/02/2014 15:09:27, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The parameter is incorrect.
14/02/2014 15:09:26, Error: Service Control Manager [7023]  - The Security Center service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
14/02/2014 15:09:26, Error: Service Control Manager [7023]  - The Power service terminated with the following error:  The WMI request could not be completed and should be retried.
14/02/2014 15:09:26, Error: Service Control Manager [7000]  - The Windows Media Player Network Sharing Service service failed to start due to the following error:  The parameter is incorrect.
14/02/2014 15:09:23, Error: Service Control Manager [7000]  - The Software Protection service failed to start due to the following error:  The parameter is incorrect.
14/02/2014 15:09:23, Error: Service Control Manager [7000]  - The Intel® Management & Security Application User Notification Service service failed to start due to the following error:  The parameter is incorrect.
14/02/2014 15:09:21, Error: Service Control Manager [7023]  - The Function Discovery Provider Host service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
14/02/2014 15:09:21, Error: Service Control Manager [7001]  - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:  Operation did not complete successfully because the file contains a virus.
14/02/2014 15:09:21, Error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The parameter is incorrect.
14/02/2014 15:08:50, Error: Microsoft-Windows-DistributedCOM [10000]  - Unable to start a DCOM Server: {56EA1054-1959-467F-BE3B-A2A787C4B6EA}. The error: "87" Happened while starting this command: C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
14/02/2014 15:08:33, Error: Service Control Manager [7023]  - The Shell Hardware Detection service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
14/02/2014 15:08:19, Error: Service Control Manager [7000]  - The Print Spooler service failed to start due to the following error:  The parameter is incorrect.
14/02/2014 15:07:49, Error: Schannel [36865]  - A fatal error occurred while opening the system DSS cryptographic module. Operations that require the SSL or TLS cryptographic protocols will not work correctly. The error code is 0x8009001d.
14/02/2014 15:07:21, Error: Service Control Manager [7023]  - The Windows Error Reporting Service service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
14/02/2014 15:07:21, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Bluetooth Support Service service to connect.
14/02/2014 15:07:21, Error: Service Control Manager [7000]  - The Bluetooth Support Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
14/02/2014 15:07:19, Error: Service Control Manager [7023]  - The Portable Device Enumerator Service service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
14/02/2014 15:07:19, Error: Service Control Manager [7023]  - The Network Connections service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
14/02/2014 15:07:19, Error: Service Control Manager [7023]  - The Human Interface Device Access service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
14/02/2014 15:07:19, Error: Service Control Manager [7023]  - The Diagnostic Service Host service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
14/02/2014 15:07:19, Error: Service Control Manager [7023]  - The Background Intelligent Transfer Service service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
14/02/2014 15:07:18, Error: Service Control Manager [7023]  - The Windows Management Instrumentation service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
14/02/2014 15:07:18, Error: Service Control Manager [7001]  - The IP Helper service depends on the Windows Management Instrumentation service which failed to start because of the following error:  Operation did not complete successfully because the file contains a virus.
14/02/2014 15:07:18, Error: Service Control Manager [7001]  - The Application Virtualization Client service depends on the Application Virtualization Service Agent service which failed to start because of the following error:  The parameter is incorrect.
14/02/2014 15:07:17, Error: Service Control Manager [7023]  - The Superfetch service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
14/02/2014 15:07:17, Error: Service Control Manager [7023]  - The Distributed Link Tracking Client service terminated with the following error:  Operation did not complete successfully because the file contains a virus.
14/02/2014 15:07:17, Error: Service Control Manager [7000]  - The Windows Image Acquisition (WIA) service failed to start due to the following error:  The parameter is incorrect.
14/02/2014 15:07:16, Error: Service Control Manager [7000]  - The Application Virtualization Service Agent service failed to start due to the following error:  The parameter is incorrect.
14/02/2014 15:05:10, Error: Service Control Manager [7024]  - The AVGIDSAgent service terminated with service-specific error %%-536753639.
14/02/2014 15:05:01, Error: Service Control Manager [7024]  - The AVG WatchDog service terminated with service-specific error %%-1073282847.
14/02/2014 14:48:04, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee VirusScan Announcer service to connect.
14/02/2014 14:48:04, Error: Service Control Manager [7000]  - The McAfee VirusScan Announcer service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
14/02/2014 03:21:16, Error: Service Control Manager [7034]  - The AVGIDSAgent service terminated unexpectedly.  It has done this 1 time(s).
13/02/2014 04:20:38, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80004005: Update for Windows 7 for x64-based Systems (KB2919469).
13/02/2014 04:09:49, Error: Service Control Manager [7022]  - The Windows Search service hung on starting.
13/02/2014 03:52:08, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.51.2
Run by Eamonn at 13:40:15 on 2014-02-16
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.353.1033.18.3957.2933 [GMT 0:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
AV: avast! Internet Security *Enabled/Outdated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: avast! Internet Security *Enabled/Outdated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
FW: avast! Internet Security *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\mfevtps.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyServer = 50.63.57.205:8080
mURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - 
mWinlogon: Userinit = userinit.exe
BHO: Shareaza Web Download Hook: {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files (x86)\Shareaza\RazaWebHook32.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110219235153.dll
BHO: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - 
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: UrlHelper Class: {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files (x86)\Shareaza Applications\MediaBar\Datamngr\IEBHO.dll
BHO: MediaBar: {d48c9ead-f59f-4dea-ac97-7065fea79f42} - C:\Program Files (x86)\Shareaza Applications\MediaBar\ToolBar\shdtxmltbpi.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: MediaBar: {d48c9ead-f59f-4dea-ac97-7065fea79f42} - C:\Program Files (x86)\Shareaza Applications\MediaBar\ToolBar\shdtxmltbpi.dll
TB: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - 
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [HP Photosmart 5520 series (NET)] "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN37Q130DT0602:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1
mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [DATAMNGR] C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\DATAMN~1.EXE
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Eamonn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download with &Shareaza - C:\Program Files (x86)\Shareaza\RazaWebHook32.dll/3000
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{F8925218-DAF2-4299-8B63-6003F8F3209F} : DHCPNameServer = 192.168.0.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
AppInit_DLLs= C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\IEBHO.dll 
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Shareaza Web Download Hook: {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files (x86)\Shareaza\RazaWebHook64.dll
x64-BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho64.dll
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110219235153.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: UrlHelper Class: {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files (x86)\Shareaza Applications\MediaBar\Datamngr\x64\IEBHO.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-10-23 45880]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-2-19 529128]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-12-15 55856]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-7-9 28184]
R1 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\drivers\aswNdisFlt.sys [2013-3-16 447888]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\System32\drivers\mfenlfk.sys [2011-2-19 75032]
R1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-2-19 283360]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-2-19 355440]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-2-19 245352]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2011-2-19 149032]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2010-12-15 20984]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-12-15 56344]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-12-15 74280]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-2-19 441328]
S0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-16 65776]
S0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-16 207904]
S1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-5-12 1038072]
S1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-5-12 421704]
S1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-25 246072]
S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]
S2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-12-15 98208]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-12-15 202752]
S2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-5-12 78648]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-29 50344]
S2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-11-29 116776]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-2-19 355440]
S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-2-19 355440]
S2 McShield;McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-2-19 200056]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
S2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-12-15 1692480]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-10-30 2099000]
S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-15 2320920]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2012-3-2 163368]
S3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2013-12-24 594472]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2013-12-24 39976]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-2-19 62800]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2010-12-15 172704]
S3 FlyUsb;FLY Fusion;C:\Windows\System32\drivers\FlyUsb.sys [2012-9-28 24576]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-13 111616]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-12-15 151936]
S3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-2-19 190136]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-2-19 94864]
S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0;PCDSRVC{D3412D80-CF3B4A27-06020200}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\My Dell\pcdsrvc_x64.pkms [2013-5-3 25584]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-22 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-12-15 245792]
S3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
S3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
S3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
S3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-6-22 57856]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2013-9-18 14112]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-19 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
.
=============== Created Last 30 ================
.
2014-02-16 11:13:52 -------- d-----w- C:\FRST
2014-02-16 10:24:15 -------- d-----w- C:\AdwCleaner
2014-02-15 21:32:26 -------- d-----w- C:\Users\Eamonn\AppData\Roaming\Malwarebytes
2014-02-15 21:32:21 -------- d-----w- C:\ProgramData\Malwarebytes
2014-02-15 21:32:20 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-02-15 21:32:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-15 21:32:01 -------- d-----w- C:\Users\Eamonn\AppData\Local\Programs
2014-02-13 03:04:10 548864 ----a-w- C:\Windows\System32\vbscript.dll
2014-02-13 03:04:10 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-02-13 03:01:58 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-02-12 20:45:08 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-02-12 20:45:07 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-02-12 20:45:05 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-02-12 20:45:05 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-02-10 00:37:48 80184 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-01-20 10:08:06 -------- d-----w- C:\ProgramData\Oracle
2014-01-20 10:06:00 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.
==================== Find3M  ====================
.
2014-02-10 00:37:23 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-02-10 00:37:23 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-02-10 00:37:23 1038072 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-02-10 00:37:21 43152 ----a-w- C:\Windows\avastSS.scr
2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-05 01:55:20 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-05 01:55:20 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-12-04 02:27:33 485888 ----a-w- C:\Windows\System32\secproc_isv.dll
2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp_isv.dll
2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp.dll
2013-12-04 02:27:16 488448 ----a-w- C:\Windows\System32\secproc.dll
2013-12-04 02:26:32 528384 ----a-w- C:\Windows\System32\msdrm.dll
2013-12-04 02:16:51 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe
2013-12-04 02:16:51 626176 ----a-w- C:\Windows\System32\RMActivate.exe
2013-12-04 02:16:50 552960 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe
2013-12-04 02:16:48 553984 ----a-w- C:\Windows\System32\RMActivate_ssp.exe
2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp_isv.dll
2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp.dll
2013-12-04 02:03:20 423936 ----a-w- C:\Windows\SysWow64\secproc_isv.dll
2013-12-04 02:03:08 428032 ----a-w- C:\Windows\SysWow64\secproc.dll
2013-12-04 02:02:06 390144 ----a-w- C:\Windows\SysWow64\msdrm.dll
2013-12-04 01:54:14 510976 ----a-w- C:\Windows\SysWow64\RMActivate_ssp.exe
2013-12-04 01:54:10 594944 ----a-w- C:\Windows\SysWow64\RMActivate_isv.exe
2013-12-04 01:54:09 572416 ----a-w- C:\Windows\SysWow64\RMActivate.exe
2013-12-04 01:54:06 508928 ----a-w- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
2013-11-29 21:23:00 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-11-29 21:22:59 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-11-29 21:22:44 28184 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2013-11-29 21:22:35 447888 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys
2013-11-27 01:41:37 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-11-27 01:41:15 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-11-27 01:41:11 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-11-27 01:41:11 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-11-27 01:41:09 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-11-27 01:41:06 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-11-27 01:41:03 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-11-26 11:40:00 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2013-11-26 10:32:56 3156480 ----a-w- C:\Windows\System32\win32k.sys
2013-11-26 08:16:50 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2013-11-25 01:48:36 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-22 22:48:21 3928064 ----a-w- C:\Windows\System32\d2d1.dll
.
============= FINISH: 13:40:23.02 ===============
 

 


Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Please comply with the above and remove any software that breaks forum protocol...

 

Next,

 

There are three security systems running (AVG, Avast & McAfee), that is counterproductive and will have a major negative effect on the OS.... Uninstall two of those and leave your preferred choice..

 

Next,

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 

Kevin...


Hi there Kevin

The addition note is from earlier today before I posted and before I deleted file sharing and excess AV software.

Hope that's OK

Eamonn 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01

Ran by Eamonn (administrator) on EAMONN-PC on 16-02-2014 17:14:10

Running from C:\Users\Eamonn\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Safe Mode (with Networking)

 

The only official download link for FRST:

Download link for 32-Bit version:

Download link for 64-Bit Version:

Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Farbar) C:\Users\Eamonn\Downloads\FRST64 (2).exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2122536 2010-05-08] (Synaptics Incorporated)

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-02-03] (Realtek Semiconductor)

HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\QuickSet.exe [3203440 2010-04-06] (Dell Inc.)

HKLM-x32\...\Run: [startCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)

HKLM-x32\...\Run: [DATAMNGR] - C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\DATAMN~1.EXE

HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2013-11-20] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [] - [X]

HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-29] (AVAST Software)

HKLM-x32\...\Run: [Monitor] - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [106496 2013-11-27] (LeapFrog Enterprises, Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-07] (Samsung)

HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-03-20] (Samsung Electronics)

HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-07] (Samsung)

HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\...\Run: [HP Photosmart 5520 series (NET)] - C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\...\MountPoints2: {dbae707e-0838-11e0-b4d7-806e6f6e6963} - D:\Autorun.exe

AppInit_DLLs: C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\x64\datamngr.dll => C:\Program Files (x86)\Shareaza Applications\MediaBar\Datamngr\x64\datamngr.dll [1031616 2011-02-08] (Discordia, LTD)

AppInit_DLLs: C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\x64\IEBHO.dll => C:\Program Files (x86)\Shareaza Applications\MediaBar\Datamngr\x64\IEBHO.dll [1057728 2011-02-08] (Discordia, LTD)

AppInit_DLLs-x32: C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\datamngr.dll => C:\Program Files (x86)\Shareaza Applications\MediaBar\Datamngr\datamngr.dll [726464 2011-02-08] (Discordia, LTD)

AppInit_DLLs-x32: C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\IEBHO.dll => C:\Program Files (x86)\Shareaza Applications\MediaBar\Datamngr\IEBHO.dll [721856 2011-02-08] (Discordia, LTD)

Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

Startup: C:\Users\Eamonn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5520 series (Network).lnk

ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5520 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

 

==================== Internet (Whitelisted) ====================

 

ProxyServer: 50.63.57.205:8080

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen

URLSearchHook: HKLM-x32 - BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll No File

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 - DefaultScope {71C63272-91A7-436a-843D-A1C641D1C626} URL = http://search.shareazaweb.com/web?src=ieb&systemid=3&q={searchTerms}

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 - {71C63272-91A7-436a-843D-A1C641D1C626} URL = http://search.shareazaweb.com/web?src=ieb&systemid=3&q={searchTerms}

SearchScopes: HKCU - {71C63272-91A7-436a-843D-A1C641D1C626} URL = 

SearchScopes: HKCU - {BC8C9113-0353-4BFB-B56D-0811E37A400C} URL = 

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files (x86)\Shareaza Applications\MediaBar\Datamngr\x64\IEBHO.dll (Discordia, LTD)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)

BHO-x32: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll No File

BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files (x86)\Shareaza Applications\MediaBar\Datamngr\IEBHO.dll (Discordia, LTD)

BHO-x32: MediaBar - {d48c9ead-f59f-4dea-ac97-7065fea79f42} - C:\Program Files (x86)\Shareaza Applications\MediaBar\ToolBar\shdtxmltbpi.dll ()

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - MediaBar - {d48c9ead-f59f-4dea-ac97-7065fea79f42} - C:\Program Files (x86)\Shareaza Applications\MediaBar\ToolBar\shdtxmltbpi.dll ()

Toolbar: HKLM-x32 - BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll No File

Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

DPF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab

DPF: HKLM-x32 {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://photos.fujipix.ie/imagine/ax/ImageUploader5.cab

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File

Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

 

Chrome: 

=======


CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\gcswf32.dll No File

CHR Plugin: (Skype Click to Call) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll No File

CHR Plugin: (AVG Internet Security) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File

CHR Plugin: (Java Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File

CHR Plugin: (Google Talk Plugin) - C:\Users\Eamonn\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Eamonn\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer Version Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File

CHR Plugin: (RealJukebox NS Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll No File

CHR Extension: (YouTube) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-12]

CHR Extension: (Google Search) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-12]

CHR Extension: (DivX HiQ) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2012-05-12]

CHR Extension: (MagicScroll eBook Reader) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2013-04-28]

CHR Extension: (avast! Online Security) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-05-22]

CHR Extension: (RealDownloader) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-02-17]

CHR Extension: (Google Wallet) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]

CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-05-12]

CHR Extension: (Gmail) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-12]

CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]

CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]

CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Eamonn\AppData\Local\Temp\ccex.crx [2012-11-29]

CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]

 

==================== Services (Whitelisted) =================

 

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-29] (AVAST Software)

S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [116776 2013-11-29] (AVAST Software)

S2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()

S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2099000 2013-10-30] (AVG)

S2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [42808 2013-10-30] (AVG)

 

==================== Drivers (Whitelisted) ====================

 

R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-11-29] (AVAST Software)

S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-10] (AVAST Software)

R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2013-11-29] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-29] (AVAST Software)

S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-29] ()

S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-10] (AVAST Software)

S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-10] (AVAST Software)

S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-10] ()

S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)

S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-09-28] (LeapFrog)

S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)

S2 aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [X]

S1 aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [X]

S3 dg_ssudbus; system32\DRIVERS\ssudbus.sys [X]

S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [X]

S3 ssudmdm; system32\DRIVERS\ssudmdm.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-02-16 17:13 - 2014-02-16 17:14 - 02152960 _____ (Farbar) C:\Users\Eamonn\Downloads\FRST64 (2).exe

2014-02-16 15:26 - 2014-02-16 15:26 - 00003288 ____N () C:\bootsqm.dat

2014-02-16 14:42 - 2014-02-16 14:42 - 00000000 ____D () C:\Users\Eamonn\AppData\Local\Avg2014

2014-02-16 13:40 - 2014-02-16 13:40 - 00052026 _____ () C:\Users\Eamonn\Desktop\attach.txt

2014-02-16 13:40 - 2014-02-16 13:40 - 00022417 _____ () C:\Users\Eamonn\Desktop\dds.txt

2014-02-16 13:39 - 2014-02-16 13:40 - 00688992 ____R (Swearware) C:\Users\Eamonn\Downloads\dds (1).scr

2014-02-16 13:31 - 2014-02-16 13:31 - 00688992 ____R (Swearware) C:\Users\Eamonn\Downloads\dds.scr

2014-02-16 13:02 - 2014-02-16 13:02 - 00688992 ____R (Swearware) C:\Users\Eamonn\Downloads\dds.com

2014-02-16 12:47 - 2014-02-16 15:28 - 00003344 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4189699179-4261241995-2062581622-1001

2014-02-16 12:47 - 2014-02-16 15:28 - 00003212 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4189699179-4261241995-2062581622-1001

2014-02-16 12:10 - 2014-02-16 12:10 - 00003556 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - cd7538e1970a4a0cb0962f2786c3f786fe2058051a404ffe8be1c0c41cfb2813

2014-02-16 11:23 - 2014-02-16 11:24 - 02152960 _____ (Farbar) C:\Users\Eamonn\Downloads\FRST64 (1).exe

2014-02-16 11:15 - 2014-02-16 11:15 - 00030894 _____ () C:\Users\Eamonn\Downloads\Addition.txt

2014-02-16 11:13 - 2014-02-16 17:14 - 00000000 ____D () C:\FRST

2014-02-16 11:13 - 2014-02-16 17:14 - 00000000 _____ () C:\Users\Eamonn\Downloads\FRST.txt

2014-02-16 11:12 - 2014-02-16 11:12 - 02152960 _____ (Farbar) C:\Users\Eamonn\Downloads\FRST64.exe

2014-02-16 11:11 - 2014-02-16 11:11 - 01141248 _____ (Farbar) C:\Users\Eamonn\Downloads\FRST.exe

2014-02-16 10:59 - 2014-02-16 11:00 - 01166132 _____ () C:\Users\Eamonn\Downloads\AdwCleaner (1).exe

2014-02-16 10:24 - 2014-02-16 11:04 - 00000000 ____D () C:\AdwCleaner

2014-02-16 10:23 - 2014-02-16 10:24 - 01166132 _____ () C:\Users\Eamonn\Downloads\AdwCleaner.exe

2014-02-16 10:10 - 2014-02-16 12:41 - 00000000 ____D () C:\Users\Eamonn\Documents\Registry files

2014-02-15 21:32 - 2014-02-16 12:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-15 21:32 - 2014-02-15 21:32 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-15 21:32 - 2014-02-15 21:32 - 00000000 ____D () C:\Users\Eamonn\AppData\Roaming\Malwarebytes

2014-02-15 21:32 - 2014-02-15 21:32 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-15 21:32 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-02-15 21:31 - 2014-02-15 21:31 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Eamonn\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-15 21:31 - 2014-02-15 21:31 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Eamonn\Downloads\mbam-setup-1.75.0.1300 (1).exe

2014-02-11 23:02 - 2014-02-11 23:02 - 00000000 ____D () C:\Users\Eamonn\Desktop\new house plans

2014-02-11 20:37 - 2014-02-11 20:38 - 00000000 ____D () C:\Users\Eamonn\Desktop\wall system

2014-02-10 00:37 - 2014-02-10 00:37 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys

2014-02-01 09:57 - 2014-02-01 09:57 - 00000000 ____D () C:\Users\Eamonn\Downloads\WALT DISNEYS TINKERBELL 2008[DVDRIP][ENG]-KIDZCORNER&J.T.R

2014-01-20 10:09 - 2014-01-20 10:09 - 00921000 _____ (Oracle Corporation) C:\Users\Eamonn\Downloads\chromeinstall-7u51 (1).exe

2014-01-20 10:08 - 2014-01-20 10:08 - 00000000 ____D () C:\ProgramData\Oracle

2014-01-20 10:06 - 2014-01-20 10:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-01-20 10:06 - 2014-01-20 10:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-01-20 10:06 - 2014-01-20 10:05 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-01-20 10:06 - 2014-01-20 10:05 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-01-20 10:01 - 2014-01-20 10:01 - 00921000 _____ (Oracle Corporation) C:\Users\Eamonn\Downloads\chromeinstall-7u51.exe

 

==================== One Month Modified Files and Folders =======

 

2014-02-16 17:14 - 2014-02-16 17:13 - 02152960 _____ (Farbar) C:\Users\Eamonn\Downloads\FRST64 (2).exe

2014-02-16 17:14 - 2014-02-16 11:13 - 00000000 ____D () C:\FRST

2014-02-16 17:14 - 2014-02-16 11:13 - 00000000 _____ () C:\Users\Eamonn\Downloads\FRST.txt

2014-02-16 17:09 - 2011-05-12 23:12 - 00000000 ____D () C:\Users\Eamonn\AppData\Roaming\Shareaza

2014-02-16 17:04 - 2009-07-14 05:10 - 01654705 _____ () C:\Windows\WindowsUpdate.log

2014-02-16 17:02 - 2011-10-29 20:53 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-02-16 16:55 - 2013-02-08 09:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-02-16 16:34 - 2011-08-12 12:34 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4189699179-4261241995-2062581622-1001UA.job

2014-02-16 16:11 - 2009-07-14 04:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-02-16 16:11 - 2009-07-14 04:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-02-16 16:03 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-02-16 16:03 - 2009-07-14 04:51 - 00077355 _____ () C:\Windows\setupact.log

2014-02-16 15:34 - 2010-12-15 09:02 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup

2014-02-16 15:33 - 2010-12-15 10:48 - 00581464 _____ () C:\Windows\PFRO.log

2014-02-16 15:28 - 2014-02-16 12:47 - 00003344 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4189699179-4261241995-2062581622-1001

2014-02-16 15:28 - 2014-02-16 12:47 - 00003212 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4189699179-4261241995-2062581622-1001

2014-02-16 15:28 - 2010-12-15 09:11 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks

2014-02-16 15:28 - 2010-12-15 09:11 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks

2014-02-16 15:26 - 2014-02-16 15:26 - 00003288 ____N () C:\bootsqm.dat

2014-02-16 14:42 - 2014-02-16 14:42 - 00000000 ____D () C:\Users\Eamonn\AppData\Local\Avg2014

2014-02-16 14:34 - 2012-03-13 02:25 - 00000000 ____D () C:\ProgramData\MFAData

2014-02-16 13:40 - 2014-02-16 13:40 - 00052026 _____ () C:\Users\Eamonn\Desktop\attach.txt

2014-02-16 13:40 - 2014-02-16 13:40 - 00022417 _____ () C:\Users\Eamonn\Desktop\dds.txt

2014-02-16 13:40 - 2014-02-16 13:39 - 00688992 ____R (Swearware) C:\Users\Eamonn\Downloads\dds (1).scr

2014-02-16 13:34 - 2013-01-15 14:52 - 00000000 ____D () C:\Users\Eamonn\Desktop\Printing

2014-02-16 13:31 - 2014-02-16 13:31 - 00688992 ____R (Swearware) C:\Users\Eamonn\Downloads\dds.scr

2014-02-16 13:02 - 2014-02-16 13:02 - 00688992 ____R (Swearware) C:\Users\Eamonn\Downloads\dds.com

2014-02-16 12:45 - 2011-10-29 20:53 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-16 12:42 - 2014-02-15 21:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-16 12:41 - 2014-02-16 10:10 - 00000000 ____D () C:\Users\Eamonn\Documents\Registry files

2014-02-16 12:41 - 2012-01-11 18:18 - 00000000 ____D () C:\Users\Eamonn\AppData\Roaming\Mozilla

2014-02-16 12:41 - 2011-02-18 22:57 - 00000000 ___RD () C:\Users\Eamonn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-02-16 12:41 - 2011-02-18 22:52 - 00000000 ____D () C:\Users\Eamonn

2014-02-16 12:41 - 2009-07-14 07:44 - 00000000 ___RD () C:\Users\Public\Recorded TV

2014-02-16 12:40 - 2010-12-15 08:54 - 00000000 ____D () C:\Windows\SysWOW64\Macromed

2014-02-16 12:40 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache

2014-02-16 12:40 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\registration

2014-02-16 12:10 - 2014-02-16 12:10 - 00003556 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - cd7538e1970a4a0cb0962f2786c3f786fe2058051a404ffe8be1c0c41cfb2813

2014-02-16 11:43 - 2009-07-14 05:13 - 00780260 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-02-16 11:24 - 2014-02-16 11:23 - 02152960 _____ (Farbar) C:\Users\Eamonn\Downloads\FRST64 (1).exe

2014-02-16 11:15 - 2014-02-16 11:15 - 00030894 _____ () C:\Users\Eamonn\Downloads\Addition.txt

2014-02-16 11:12 - 2014-02-16 11:12 - 02152960 _____ (Farbar) C:\Users\Eamonn\Downloads\FRST64.exe

2014-02-16 11:11 - 2014-02-16 11:11 - 01141248 _____ (Farbar) C:\Users\Eamonn\Downloads\FRST.exe

2014-02-16 11:04 - 2014-02-16 10:24 - 00000000 ____D () C:\AdwCleaner

2014-02-16 11:00 - 2014-02-16 10:59 - 01166132 _____ () C:\Users\Eamonn\Downloads\AdwCleaner (1).exe

2014-02-16 10:52 - 2012-07-09 11:55 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update

2014-02-16 10:24 - 2014-02-16 10:23 - 01166132 _____ () C:\Users\Eamonn\Downloads\AdwCleaner.exe

2014-02-15 21:32 - 2014-02-15 21:32 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-15 21:32 - 2014-02-15 21:32 - 00000000 ____D () C:\Users\Eamonn\AppData\Roaming\Malwarebytes

2014-02-15 21:32 - 2014-02-15 21:32 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-15 21:31 - 2014-02-15 21:31 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Eamonn\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-15 21:31 - 2014-02-15 21:31 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Eamonn\Downloads\mbam-setup-1.75.0.1300 (1).exe

2014-02-15 21:02 - 2010-12-15 08:59 - 00000000 ____D () C:\ProgramData\Adobe

2014-02-15 21:01 - 2011-02-21 09:45 - 00000000 ____D () C:\Users\Eamonn\AppData\Local\Adobe

2014-02-14 12:34 - 2011-08-12 12:34 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4189699179-4261241995-2062581622-1001Core.job

2014-02-13 03:31 - 2011-05-03 07:50 - 00766172 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2014-02-13 03:03 - 2011-10-29 20:53 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-02-13 03:03 - 2011-10-29 20:53 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-02-13 00:00 - 2013-03-04 20:39 - 00002008 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk

2014-02-12 14:39 - 2013-06-17 10:12 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask

2014-02-11 23:02 - 2014-02-11 23:02 - 00000000 ____D () C:\Users\Eamonn\Desktop\new house plans

2014-02-11 20:38 - 2014-02-11 20:37 - 00000000 ____D () C:\Users\Eamonn\Desktop\wall system

2014-02-10 00:39 - 2013-11-29 21:24 - 00002034 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk

2014-02-10 00:39 - 2013-11-29 21:12 - 00001974 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk

2014-02-10 00:37 - 2014-02-10 00:37 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys

2014-02-10 00:37 - 2013-03-16 09:00 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2014-02-10 00:37 - 2012-05-12 13:29 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

2014-02-10 00:37 - 2012-05-12 13:29 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

2014-02-10 00:37 - 2012-05-12 13:29 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2014-02-10 00:37 - 2012-05-12 13:29 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2014-02-10 00:37 - 2012-05-12 13:28 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-02-05 01:55 - 2013-02-08 09:34 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-02-05 01:55 - 2012-04-12 11:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-02-05 01:55 - 2011-06-16 06:21 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-02-04 03:07 - 2012-05-12 13:35 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-02-02 22:33 - 2014-01-16 01:19 - 00000000 ____D () C:\Users\Eamonn\Desktop\House design

2014-02-01 10:02 - 2013-05-19 22:45 - 00000000 ____D () C:\Users\Eamonn\Downloads\Dr Seuss eBooks in PDF and CBZ

2014-02-01 09:57 - 2014-02-01 09:57 - 00000000 ____D () C:\Users\Eamonn\Downloads\WALT DISNEYS TINKERBELL 2008[DVDRIP][ENG]-KIDZCORNER&J.T.R

2014-01-24 17:49 - 2011-05-03 07:51 - 00000000 ____D () C:\Users\Eamonn\AppData\Roaming\SoftGrid Client

2014-01-20 10:09 - 2014-01-20 10:09 - 00921000 _____ (Oracle Corporation) C:\Users\Eamonn\Downloads\chromeinstall-7u51 (1).exe

2014-01-20 10:08 - 2014-01-20 10:08 - 00000000 ____D () C:\ProgramData\Oracle

2014-01-20 10:05 - 2014-01-20 10:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-01-20 10:05 - 2014-01-20 10:06 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-01-20 10:05 - 2014-01-20 10:06 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-01-20 10:05 - 2014-01-20 10:06 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-01-20 10:05 - 2012-08-17 21:22 - 00000000 ____D () C:\Program Files (x86)\Java

2014-01-20 10:01 - 2014-01-20 10:01 - 00921000 _____ (Oracle Corporation) C:\Users\Eamonn\Downloads\chromeinstall-7u51.exe

 

Some content of TEMP:

====================

C:\Users\Eamonn\AppData\Local\Temp\install_flashplayer12x32axau_mssd_awe_aih.exe

C:\Users\Eamonn\AppData\Local\Temp\mncrqwf5.dll

C:\Users\Eamonn\AppData\Local\Temp\Quarantine.exe

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01

Ran by Eamonn at 2014-02-16 11:15:38

Running from C:\Users\Eamonn\Downloads

Boot Mode: Safe Mode (with Networking)

==========================================================

 

 

==================== Security Center ========================

 

AV: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}

AV: avast! Internet Security (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}

AS: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

AS: avast! Internet Security (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

FW: McAfee Firewall (Disabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

FW: avast! Internet Security (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

FW: AVG Internet Security 2013 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

 

==================== Installed Programs ======================

 

µTorrent (x32 Version: 3.3.0.29342 - BitTorrent Inc.)

AC3Filter 2.5b (x32 Version: 2.5b - Alexander Vigovsky)

Adobe Digital Editions 2.0 (x32 Version: 2.0 - Adobe Systems Incorporated)

Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)

Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)

Adobe Reader 9.1.2 (x32 Version: 9.1.2 - Adobe Systems Incorporated)

Advanced Audio FX Engine (x32 Version: 1.12.05 - Creative Technology Ltd)

Amazon Kindle (HKCU Version:  - Amazon)

Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)

Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.)

Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)

ATI Catalyst Control Center (x32 Version: 2.010.0122.0857 - )

Autodesk MapGuide® Viewer ActiveX Control Release 6.5 (x32 Version: 6.5.6.11 - Autodesk, Inc.)

avast! Internet Security (x32 Version: 9.0.2013 - Avast Software)

AVG 2013 (Version: 13.0.3462 - AVG Technologies) Hidden

AVG 2013 (Version: 13.0.3697 - AVG Technologies) Hidden

AVG 2013 (Version: 2013.0.3462 - AVG Technologies)

AVG PC TuneUp 2014 (en-US) (x32 Version: 14.0.1001.229 - AVG) Hidden

AVG PC TuneUp 2014 (x32 Version: 14.0.1001.229 - AVG)

AVG PC TuneUp 2014 (x32 Version: 14.0.1001.229 - AVG) Hidden

BitTorrent (x32 Version: 7.6.1 - BitTorrent Inc.)

Bonjour (Version: 3.0.0.10 - Apple Inc.)

calibre (x32 Version: 0.9.29 - Kovid Goyal)

CanoScan Toolbox Ver4.1 (x32 Version:  - )

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden

Catalyst Control Center Core Implementation (x32 Version: 2010.0122.858.16002 - ATI) Hidden

Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0122.858.16002 - ATI) Hidden

Catalyst Control Center Graphics Full New (x32 Version: 2010.0122.858.16002 - ATI) Hidden

Catalyst Control Center Graphics Light (x32 Version: 2010.0122.858.16002 - ATI) Hidden

Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0122.858.16002 - ATI) Hidden

Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0122.858.16002 - ATI) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2010.0122.858.16002 - ATI Technologies, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2010.0122.858.16002 - ATI) Hidden

CCC Help Chinese Standard (x32 Version: 2010.0122.0857.16002 - ATI) Hidden

CCC Help Chinese Traditional (x32 Version: 2010.0122.0857.16002 - ATI) Hidden

CCC Help Danish (x32 Version: 2010.0122.0857.16002 - ATI) Hidden

CCC Help Dutch (x32 Version: 2010.0122.0857.16002 - ATI) Hidden

CCC Help English (x32 Version: 2010.0122.0857.16002 - ATI) Hidden

CCC Help Finnish (x32 Version: 2010.0122.0857.16002 - ATI) Hidden

CCC Help French (x32 Version: 2010.0122.0857.16002 - ATI) Hidden

CCC Help German (x32 Version: 2010.0122.0857.16002 - ATI) Hidden

CCC Help Italian (x32 Version: 2010.0122.0857.16002 - ATI) Hidden

CCC Help Japanese (x32 Version: 2010.0122.0857.16002 - ATI) Hidden

CCC Help Korean (x32 Version: 2010.0122.0857.16002 - ATI) Hidden

CCC Help Norwegian (x32 Version: 2010.0122.0857.16002 - ATI) Hidden

CCC Help Portuguese (x32 Version: 2010.0122.0857.16002 - ATI) Hidden

CCC Help Russian (x32 Version: 2010.0122.0857.16002 - ATI) Hidden

CCC Help Spanish (x32 Version: 2010.0122.0857.16002 - ATI) Hidden

CCC Help Swedish (x32 Version: 2010.0122.0857.16002 - ATI) Hidden

ccc-core-static (x32 Version: 2010.0122.858.16002 - ATI) Hidden

ccc-utility64 (Version: 2010.0122.858.16002 - ATI) Hidden

Dell DataSafe Local Backup - Support Software (x32 Version: 9.4.60 - Dell)

Dell DataSafe Local Backup (x32 Version: 9.4.60 - Dell)

Dell Edoc Viewer (Version: 1.0.0 - Dell Inc)

Dell Webcam Central (x32 Version: 1.40.05 - Creative Technology Ltd)

DivX Setup (x32 Version: 2.3.1.2 - DivX, LLC)

Document Express DjVu Plug-in (x32 Version: 6.1.27549 - Caminova, Inc.)

DW WLAN Card (Version: 5.60.48.35 - Dell Inc.)

FBReader for Windows (x32 Version:  - )

Free Video to Samsung Phones Converter version 5.0.6.221 (x32 Version: 5.0.6.221 - DVDVideoSoft Ltd.)

Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)

Google Drive (x32 Version: 1.13.5782.599 - Google, Inc.)

Google Earth Plug-in (x32 Version: 7.1.2.2041 - Google)

Google Talk Plugin (x32 Version: 5.1.4.17398 - Google)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden

Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)

Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden

HP Photo Creations (x32 Version: 1.0.0.7702 - HP)

HP Photosmart 5520 series Basic Device Software (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Photosmart 5520 series Help (x32 Version: 27.0.0 - Hewlett Packard)

HP Photosmart 5520 series Product Improvement Study (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Update (x32 Version: 5.005.000.002 - Hewlett-Packard)

Intel® Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)

iTunes (Version: 10.7.0.21 - Apple Inc.)

Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Java 6 Update 20 (64-bit) (Version: 6.0.200 - Sun Microsystems, Inc.)

Java 6 Update 37 (x32 Version: 6.0.370 - Oracle)

LeapFrog Connect (x32 Version: 5.2.4.18506 - LeapFrog)

LeapFrog Connect (x32 Version: 5.2.4.18506 - LeapFrog) Hidden

LeapFrog Tag Junior Plugin (x32 Version: 5.1.26.18340 - LeapFrog) Hidden

Live! Cam Avatar Creator (x32 Version: 4.6.3009.1 - Creative Technology Ltd)

Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)

McAfee SecurityCenter (x32 Version: 10.5.227 - McAfee, Inc.)

MediaBar (x32 Version: 2.5.0.100449 - Discordia, LTD)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft PowerPoint Viewer (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable - KB2467175 (x32 Version: 8.0.51011 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.58299 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)

My Dell (Version: 3.4.6422.14 - PC-Doctor, Inc.)

Quickset64 (Version: 10.6.2 - Dell Inc.)

RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden

RealPlayer (x32 Version: 16.0.0 - RealNetworks)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6039 - Realtek Semiconductor Corp.)

RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden

Roxio Burn (x32 Version: 1.01 - Roxio) Hidden

Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)

Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden

Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)

Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden

SAMSUNG USB Driver for Mobile Phones (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)

Shareaza 2.5.4.0 (x32 Version: 2.5.4.0 - Shareaza Development Team)

Skins (x32 Version: 2010.0122.858.16002 - ATI) Hidden

Synaptics Pointing Device Driver (Version: 15.0.20.0 - Synaptics Incorporated)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)

Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin) (x32 Version:  - LeapFrog)

VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden

Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2 - AVG Technologies)

Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1 - AVG Technologies)

WIDCOMM Bluetooth Software (Version: 6.5.1.2700 - Broadcom Corporation)

Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0) (Version: 11/05/2008 1.1.1.0 - LeapFrog)

Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012 - Leapfrog)

Xilisoft Video Converter Ultimate (x32 Version: 7.0.1.1219 - Xilisoft)

 

==================== Restore Points  =========================

 

02-02-2014 01:09:57 Scheduled Checkpoint

09-02-2014 22:04:30 Scheduled Checkpoint

10-02-2014 00:35:20 avast! antivirus system restore point

10-02-2014 00:38:42 Device Driver Package Install: Avast Network Service

13-02-2014 03:00:30 Windows Update

14-02-2014 03:00:12 Windows Update

 

==================== Hosts content: ==========================

 

2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {068918CE-ED98-4CA9-8D42-B1DCEB826658} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2013-10-30] (AVG)

Task: {08431F0B-E440-4507-80BD-8045F6B32AB0} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)

Task: {1885C0D3-DBB8-4E78-8A44-DD2107C25415} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-29] (Google Inc.)

Task: {2363A535-8900-4E16-9B6F-A5D9C783CF18} - System32\Tasks\ScanToPCActivationApp.exe_{A0BB237B-6D22-4114-87EC-3AF4B810E46D} => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2012-10-17] (Hewlett-Packard Co.)

Task: {49DCE664-F9E5-49D0-8226-0F1E59EDAC19} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-12-07] (PC-Doctor, Inc.)

Task: {60555D26-6AB5-4573-BD78-C37F932D0217} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-09-05] (PC-Doctor, Inc.)

Task: {68456B52-D528-4386-A60C-DB115CBA786E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-10] (AVAST Software)

Task: {6BEAF384-3A48-4FF3-81E6-F88F11CEAFFB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {8F02C3A0-1FA4-4255-8BD7-62F6FA81D342} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4189699179-4261241995-2062581622-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)

Task: {91F4B5A4-6F8B-4DC0-A9F5-E5504B24832C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4189699179-4261241995-2062581622-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)

Task: {AD9EC72F-BEB5-4031-AC16-B44AF0A91D9D} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

Task: {C78D0DC0-991B-4383-A293-2B006A56EF91} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4189699179-4261241995-2062581622-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)

Task: {D28F00D1-8766-443D-8FAB-8920B447C040} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4189699179-4261241995-2062581622-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)

Task: {DA2E51EF-5205-4BD6-BC68-389176A01D93} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)

Task: {E783F2D1-BBD7-4E77-AD4B-1BF4417B2CC3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4189699179-4261241995-2062581622-1001Core => C:\Users\Eamonn\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-12] (Google Inc.)

Task: {E9F10BBB-3159-48AF-B195-13F94C77343E} - System32\Tasks\HP online update program => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28] (Hewlett-Packard)

Task: {EC572F5A-D498-4899-B573-DA09E7DBC046} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4189699179-4261241995-2062581622-1001UA => C:\Users\Eamonn\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-12] (Google Inc.)

Task: {F26AF316-0EB4-4089-B966-55C3E0F66AA3} - System32\Tasks\Google Updater and Installer => C:\Users\Eamonn\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-12] (Google Inc.)

Task: {FD499741-01B8-4245-81AD-0513534826E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-29] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4189699179-4261241995-2062581622-1001Core.job => C:\Users\Eamonn\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4189699179-4261241995-2062581622-1001UA.job => C:\Users\Eamonn\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2014-02-04 03:06 - 2014-02-01 23:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll

2014-02-04 03:06 - 2014-02-01 23:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll

2014-02-04 03:06 - 2014-02-01 23:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\Users\Eamonn\Downloads:Shareaza.GUID

AlternateDataStreams: C:\Users\Eamonn\Downloads\Canon:Shareaza.GUID

AlternateDataStreams: C:\Users\Eamonn\Downloads\lide20lide30n670un676un1240uvst7031a_xpen:Shareaza.GUID

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

 

==================== Disabled items from MSCONFIG ==============

 

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: Monitor => "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: TkBellExe => "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

 

==================== Faulty Device Manager Devices =============

 

Name: aswVmm

Description: aswVmm

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: aswVmm

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

 

Name: Security Processor Loader Driver

Description: Security Processor Loader Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: spldr

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

 

Name: avast! Firewall NDIS Filter Miniport

Description: avast! Firewall NDIS Filter Miniport

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: ALWIL Software

Service: aswNdis

Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)

Resolution: A registry problem was detected.

 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

 

Name: aswRvrt

Description: aswRvrt

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: aswRvrt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

 

Name: avast! Firewall NDIS Filter Miniport

Description: avast! Firewall NDIS Filter Miniport

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: ALWIL Software

Service: aswNdis

Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)

Resolution: A registry problem was detected.

 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (02/16/2014 11:06:58 AM) (Source: Application Error) (User: )

Description: Faulting application name: TOASTER.EXE, version: 1.0.3.50, time stamp: 0x4e6490af

Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1116

Exception code: 0xe0434f4d

Fault offset: 0x0000c41f

Faulting process id: 0x%9

Faulting application start time: 0xTOASTER.EXE0

Faulting application path: TOASTER.EXE1

Faulting module path: TOASTER.EXE2

Report Id: TOASTER.EXE3

 

Error: (02/16/2014 11:06:52 AM) (Source: WinMgmt) (User: )

Description: 0x8004100a

 

Error: (02/16/2014 10:54:22 AM) (Source: Windows Search Service) (User: )

Description: The protocol handler File cannot be loaded. Error description: Operation did not complete successfully because the file contains a virus.  (HRESULT : 0x800700e1).

 

Error: (02/16/2014 10:54:06 AM) (Source: SecurityCenter) (User: )

Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

 

Error: (02/16/2014 10:51:56 AM) (Source: WinMgmt) (User: )

Description: 0x8004100a

 

Error: (02/16/2014 10:03:06 AM) (Source: Windows Search Service) (User: )

Description: The protocol handler File cannot be loaded. Error description: Operation did not complete successfully because the file contains a virus.  (HRESULT : 0x800700e1).

 

Error: (02/16/2014 10:00:24 AM) (Source: Windows Search Service) (User: )

Description: The protocol handler File cannot be loaded. Error description: Operation did not complete successfully because the file contains a virus.  (HRESULT : 0x800700e1).

 

Error: (02/16/2014 10:00:02 AM) (Source: SecurityCenter) (User: )

Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

 

Error: (02/16/2014 09:57:56 AM) (Source: WinMgmt) (User: )

Description: 0x8004100a

 

Error: (02/16/2014 00:04:51 AM) (Source: WinMgmt) (User: )

Description: 0x8004100a

 

 

System errors:

=============

Error: (02/16/2014 11:13:40 AM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/16/2014 11:13:40 AM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/16/2014 11:13:40 AM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/16/2014 11:13:40 AM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/16/2014 11:13:40 AM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/16/2014 11:13:40 AM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/16/2014 11:13:40 AM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/16/2014 11:13:40 AM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/16/2014 11:13:40 AM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (02/16/2014 11:13:40 AM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

 

Microsoft Office Sessions:

=========================

Error: (02/16/2014 11:06:58 AM) (Source: Application Error)(User: )

Description: TOASTER.EXE1.0.3.504e6490afKERNELBASE.dll6.1.7601.1822951fb1116e0434f4d0000c41f

 

Error: (02/16/2014 11:06:52 AM) (Source: WinMgmt)(User: )

Description: 0x8004100a

 

Error: (02/16/2014 10:54:22 AM) (Source: Windows Search Service)(User: )

Description: FileOperation did not complete successfully because the file contains a virus.  (HRESULT : 0x800700e1)

 

Error: (02/16/2014 10:54:06 AM) (Source: SecurityCenter)(User: )

Description: 

 

Error: (02/16/2014 10:51:56 AM) (Source: WinMgmt)(User: )

Description: 0x8004100a

 

Error: (02/16/2014 10:03:06 AM) (Source: Windows Search Service)(User: )

Description: FileOperation did not complete successfully because the file contains a virus.  (HRESULT : 0x800700e1)

 

Error: (02/16/2014 10:00:24 AM) (Source: Windows Search Service)(User: )

Description: FileOperation did not complete successfully because the file contains a virus.  (HRESULT : 0x800700e1)

 

Error: (02/16/2014 10:00:02 AM) (Source: SecurityCenter)(User: )

Description: 

 

Error: (02/16/2014 09:57:56 AM) (Source: WinMgmt)(User: )

Description: 0x8004100a

 

Error: (02/16/2014 00:04:51 AM) (Source: WinMgmt)(User: )

Description: 0x8004100a

 

 

CodeIntegrity Errors:

===================================

  Date: 2012-10-24 23:15:15.517

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2012-10-24 23:15:15.395

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2012-10-24 23:14:49.669

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2012-10-24 23:14:49.549

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 23%

Total physical RAM: 3956.52 MB

Available physical RAM: 3032.74 MB

Total Pagefile: 7911.23 MB

Available Pagefile: 7011.69 MB

Total Virtual: 8192 MB

Available Virtual: 8191.82 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:89.93 GB) NTFS

Drive d: (USB-BT4LE) (CDROM) (Total:0.53 GB) (Free:0 GB) CDFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 7A75F800)

Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)

Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2014-02-16 18:05

 

==================== End Of Log ============================


Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Next,

 

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

Next,

 

Run Malwarebytes,  Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick scan

Make sure that everything is checked, and click Remove Selected on any found items.

 

Post the produced log.

 

Let me see those logs in next reply...

 

Kevin

fixlist.txt


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.1 (02.04.2014:1)

OS: Windows 7 Home Premium x64

Ran by Eamonn on 16/02/2014 at 23:33:49.37

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Myfree Codec

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bittorrentbar

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2790392

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}

 

 

 

~~~ Files

 

Successfully deleted: [File] "C:\Users\Eamonn\appdata\local\google\chrome\user data\default\local storage\http_app.mam.conduit.com_0.localstorage"

Successfully deleted: [File] "C:\Users\Eamonn\appdata\local\google\chrome\user data\default\local storage\http_app.mam.conduit.com_0.localstorage-journal"

Successfully deleted: [File] "C:\Users\Eamonn\appdata\local\google\chrome\user data\default\local storage\http_storage.conduit.com_0.localstorage"

Successfully deleted: [File] C:\Windows\syswow64\shoD48E.tmp

Successfully deleted: [File] C:\Windows\syswow64\shoDA28.tmp

 

 

 

~~~ Folders

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 16/02/2014 at 23:40:49.38

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-02-2014

Ran by Eamonn at 2014-02-16 23:21:07 Run:1

Running from C:\Users\Eamonn\Downloads

Boot Mode: Safe Mode (with Networking)

==============================================

 

Content of fixlist:

*****************

Start

HKLM-x32\...\Run: [DATAMNGR] - C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\DATAMN~1.EXE

C:\PROGRA~2\SHAREA~1

HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\...\MountPoints2: {dbae707e-0838-11e0-b4d7-806e6f6e6963} - D:\Autorun.exe

AppInit_DLLs: C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\x64\datamngr.dll => C:\Program Files (x86)\Shareaza Applications\MediaBar\Datamngr\x64\datamngr.dll [1031616 2011-02-08] (Discordia, LTD)

AppInit_DLLs: C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\x64\IEBHO.dll => C:\Program Files (x86)\Shareaza Applications\MediaBar\Datamngr\x64\IEBHO.dll [1057728 2011-02-08] (Discordia, LTD)

AppInit_DLLs-x32: C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\datamngr.dll => C:\Program Files (x86)\Shareaza Applications\MediaBar\Datamngr\datamngr.dll [726464 2011-02-08] (Discordia, LTD)

AppInit_DLLs-x32: C:\PROGRA~2\SHAREA~1\MediaBar\Datamngr\IEBHO.dll => C:\Program Files (x86)\Shareaza Applications\MediaBar\Datamngr\IEBHO.dll [721856 2011-02-08] (Discordia, LTD)

C:\Program Files (x86)\Shareaza Applications

SearchScopes: HKLM-x32 - DefaultScope {71C63272-91A7-436a-843D-A1C641D1C626} URL = http://search.sharea...b&systemid=3&q={searchTerms}

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 - {71C63272-91A7-436a-843D-A1C641D1C626} URL = http://search.sharea...b&systemid=3&q={searchTerms}

SearchScopes: HKCU - {71C63272-91A7-436a-843D-A1C641D1C626} URL = 

SearchScopes: HKCU - {BC8C9113-0353-4BFB-B56D-0811E37A400C} URL = 

BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File

BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files (x86)\Shareaza Applications\MediaBar\Datamngr\x64\IEBHO.dll (Discordia, LTD)

BHO-x32: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File

BHO-x32: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll No File

BHO-x32: MediaBar - {d48c9ead-f59f-4dea-ac97-7065fea79f42} - C:\Program Files (x86)\Shareaza Applications\MediaBar\ToolBar\shdtxmltbpi.dll ()

Toolbar: HKLM-x32 - MediaBar - {d48c9ead-f59f-4dea-ac97-7065fea79f42} - C:\Program Files (x86)\Shareaza Applications\MediaBar\ToolBar\shdtxmltbpi.dll ()

Toolbar: HKLM-x32 - BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll No File

C:\Program Files (x86)\BitTorrentBar

C:\Users\Eamonn\AppData\Local\Avg2014

C:\Users\Eamonn\AppData\Local\Temp\install_flashplayer12x32axau_mssd_awe_aih.exe

C:\Users\Eamonn\AppData\Local\Temp\mncrqwf5.dll

C:\Users\Eamonn\AppData\Local\Temp\Quarantine.exe

Task: {068918CE-ED98-4CA9-8D42-B1DCEB826658} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2013-10-30] (AVG)

AlternateDataStreams: C:\Users\Eamonn\Downloads:Shareaza.GUID

AlternateDataStreams: C:\Users\Eamonn\Downloads\Canon:Shareaza.GUID

AlternateDataStreams: C:\Users\Eamonn\Downloads\lide20lide30n670un676un1240uvst7031a_xpen:Shareaza.GUID

End

*****************

 

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR => Value deleted successfully.

C:\PROGRA~2\SHAREA~1 => Moved successfully.

HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dbae707e-0838-11e0-b4d7-806e6f6e6963} => Key not found.

HKCR\CLSID\{dbae707e-0838-11e0-b4d7-806e6f6e6963} => Key not found.

"C:\\PROGRA~2\\SHAREA~1\\MediaBar\\Datamngr\\x64\\datamngr.dll" => Value Data removed successfully.

"C:\\PROGRA~2\\SHAREA~1\\MediaBar\\Datamngr\\x64\\IEBHO.dll" => Value Data removed successfully.

"C:\\PROGRA~2\\SHAREA~1\\MediaBar\\Datamngr\\datamngr.dll" => Value Data removed successfully.

"C:\\PROGRA~2\\SHAREA~1\\MediaBar\\Datamngr\\IEBHO.dll" => Value Data removed successfully.

"C:\Program Files (x86)\Shareaza Applications" => File/Directory not found.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{71C63272-91A7-436a-843D-A1C641D1C626} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{71C63272-91A7-436a-843D-A1C641D1C626} => Key not found.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{71C63272-91A7-436a-843D-A1C641D1C626} => Key deleted successfully.

HKCR\CLSID\{71C63272-91A7-436a-843D-A1C641D1C626} => Key not found.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BC8C9113-0353-4BFB-B56D-0811E37A400C} => Key deleted successfully.

HKCR\CLSID\{BC8C9113-0353-4BFB-B56D-0811E37A400C} => Key not found.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key deleted successfully.

HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C} => Key deleted successfully.

HKCR\CLSID\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C} => Key deleted successfully.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key deleted successfully.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => Key deleted successfully.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d48c9ead-f59f-4dea-ac97-7065fea79f42} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{d48c9ead-f59f-4dea-ac97-7065fea79f42} => Key deleted successfully.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{d48c9ead-f59f-4dea-ac97-7065fea79f42} => Value deleted successfully.

HKCR\Wow6432Node\CLSID\{d48c9ead-f59f-4dea-ac97-7065fea79f42} => Key not found.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => Value deleted successfully.

HKCR\Wow6432Node\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => Key not found.

"C:\Program Files (x86)\BitTorrentBar" => File/Directory not found.

C:\Users\Eamonn\AppData\Local\Avg2014 => Moved successfully.

C:\Users\Eamonn\AppData\Local\Temp\install_flashplayer12x32axau_mssd_awe_aih.exe => Moved successfully.

C:\Users\Eamonn\AppData\Local\Temp\mncrqwf5.dll => Moved successfully.

C:\Users\Eamonn\AppData\Local\Temp\Quarantine.exe => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{068918CE-ED98-4CA9-8D42-B1DCEB826658} => Error deleting key

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{068918CE-ED98-4CA9-8D42-B1DCEB826658} => Error deleting key

C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TuneUpUtilities_Task_BkGndMaintenance2013 => Error deleting key

"C:\Users\Eamonn\Downloads" => ":Shareaza.GUID" ADS not found.

C:\Users\Eamonn\Downloads\Canon => ":Shareaza.GUID" ADS removed successfully.

C:\Users\Eamonn\Downloads\lide20lide30n670un676un1240uvst7031a_xpen => ":Shareaza.GUID" ADS removed successfully.

 

==== End of Fixlog ====

Malwarebytes Anti-Malware (Trial) 1.75.0.1300

www.malwarebytes.org

 

Database version: v2014.02.15.09

 

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)

Internet Explorer 11.0.9600.16476

Eamonn :: EAMONN-PC [administrator]

 

Protection: Disabled

 

16/02/2014 23:48:14

mbam-log-2014-02-16 (23-48-14).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | PUP | PUM

Scan options disabled: Heuristics/Shuriken | P2P

Objects scanned: 213594

Time elapsed: 30 minute(s), 15 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

Hope we are getting there thanks Kevin

Eamonn


We still need to run an online AV scan to ensure there are no remnants of any infection left on your system that may have been missed. This scan is very thorough and well worth running. It can take several hours, so please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet Explorer for this scan - Vista and Win 7: right click on the IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    Click Start
  • When asked, allow the add/on to be installed
    Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
    Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

 

When the scan is complete

 

If no threats were found

  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

 

If threats were found

 

  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish

 

close program

 

copy and paste the report in next reply

 

Next,

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security alerts, either accept the alert or turn the security off while Security Check runs)

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

Let me see those two logs, also give an update on any remaining issues or concerns.....

 

Kevin.... :)


C:\AdwCleaner\Quarantine\C\Program Files (x86)\BitTorrentBar\BitTorrentBarToolbarHelper.exe.vir Win32/Toolbar.Conduit.Q potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\BitTorrentBar\ldrtbBitT.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\BitTorrentBar\prxtbBitT.dll.vir Win32/Toolbar.Conduit.O potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\BitTorrentBar\tbBitT.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir Win32/Toolbar.Conduit potentially unwanted application

C:\AdwCleaner\Quarantine\C\Users\Eamonn\AppData\Local\Conduit\CT2790392\BitTorrentBarAutoUpdateHelper.exe.vir Win32/Toolbar.Conduit.Q potentially unwanted application

C:\AdwCleaner\Quarantine\C\Users\Eamonn\AppData\LocalLow\BitTorrentBar\ldrtbBitT.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application

C:\AdwCleaner\Quarantine\C\Users\Eamonn\AppData\LocalLow\BitTorrentBar\tbBitT.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application

C:\FRST\Quarantine\SHAREA~116-02-2014_23-21-07\MediaBar\Datamngr\datamngr.dll Win32/Toolbar.SearchSuite potentially unwanted application

C:\FRST\Quarantine\SHAREA~116-02-2014_23-21-07\MediaBar\Datamngr\IEBHO.dll Win32/Toolbar.SearchSuite potentially unwanted application

C:\FRST\Quarantine\SHAREA~116-02-2014_23-21-07\MediaBar\Datamngr\x64\datamngr.dll a variant of Win64/Toolbar.SearchSuite.A potentially unwanted application

C:\FRST\Quarantine\SHAREA~116-02-2014_23-21-07\MediaBar\ToolBar\shbandmltbpi.dll a variant of Win32/Toolbar.Visicom.A potentially unwanted application

C:\FRST\Quarantine\SHAREA~116-02-2014_23-21-07\MediaBar\ToolBar\shdtxmltbpi.dll a variant of Win32/Toolbar.Visicom.B potentially unwanted application

C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnIC.dll a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application

C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnToolbarInstaller.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application

C:\Users\Eamonn\Downloads\ac3filter_2_6_0b.exe.jw1zduy.partial Win32/OpenCandy potentially unsafe application

C:\Users\Eamonn\Downloads\The Hangover {2009} DVDRIP. Jaybob\Jaybob's_Movies_Toolbar.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application

 Results of screen317's Security Check version 0.99.79  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  

 Internet Explorer 11  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Security Center service is not running! This report may not be accurate! 

 Windows Firewall Enabled!  

AVG AntiVirus Free Edition 2013      

McAfee Anti-Virus and Anti-Spyware   

avast! Internet Security             

 Antivirus up to date!  (On Access scanning disabled!) 

`````````Anti-malware/Other Utilities Check:````````` 

 AVG PC TuneUp 2014  

 AVG PC TuneUp 2014 (en-US) 

 Java 6 Update 37  

 Java 7 Update 51  

 Adobe Flash Player 11.9.900.170  

 Adobe Reader 9 Adobe Reader out of Date! 

 Google Chrome 32.0.1700.107  

 Google Chrome 32.0.1700.76  

````````Process Check: objlist.exe by Laurent````````  

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  

````````````````````End of Log`````````````````````` 

 

Hi Kevin, sorry for taking so long to get back to you, computer kept overheating trying to perform first scan and turning itself off.

I still can't seem to launch any programs in normal mode.

Thanks

The security systems mentioned may have left remnant drivers after removal was completed, that will cause major issues when trying to run other scans and possible overheating.....

 

Run the following removal tools:

 

McAfee - http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe
 

AVG     - http://www.avg.com/us-en/utilities

 

Next,

 

Download OTL from any of the following links and save to your desktop.

 

http://itxassociates.com/OT-Tools/OTL.com

http://oldtimer.geekstogo.com/OTL.exe

http://www.itxassociates.com/OT-Tools/OTL.scr

 

Double click the OTL icon to start the tool. (Note: If you are running on Vista or Windows 7 accept UAC alert)

 


  • When the window appears, underneath Output at the top, make sure Standard output is selected.
  • Select Scan all users
  • Change Drivers to All
  • Under the Extra Registry section, check Use SafeList
  • In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".
  • Click Run Scan and let the program run uninterrupted.
  • When the scan is complete, two text files will be created on your Desktop.
    OTL.Txt <- this one will be opened
    Extras.txt <- this one will be minimized

 

Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of OTL.Txt and the Extras.txt in your next reply.

Kevin...


Hi Kevin,

Things just got worse!

Ran the McAfee uninstall successfully.

Then ran the AVG uninstall. It tried to reboot in normal mode and stalled.

I am now trying to boot into safe mode but it keeps hanging after

Loaded :\Windows\System32\Drivers\asRvrt.sys.

If I leave it for a while it tries to boot into normal mode.

Help!


OTL logfile created on: 2/18/2014 11:36:02 AM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Eamonn\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16428)

Locale: 00000409 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

 

3.86 Gb Total Physical Memory | 3.20 Gb Available Physical Memory | 82.70% Memory free

7.73 Gb Paging File | 7.08 Gb Available in Paging File | 91.70% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 451.01 Gb Total Space | 89.82 Gb Free Space | 19.91% Space Free | Partition Type: NTFS

Drive D: | 546.13 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: EAMONN-PC | User Name: Eamonn | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2014/02/18 11:34:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eamonn\Downloads\OTL.com

PRC - [2014/02/01 23:42:39 | 000,866,632 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2014/02/01 23:42:37 | 000,399,688 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppgooglenaclpluginchrome.dll

MOD - [2014/02/01 23:42:35 | 004,055,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll

MOD - [2014/02/01 23:41:43 | 001,634,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll

 

 

========== Services (SafeList) ==========

 

SRV:64bit: - [2013/11/29 21:22:52 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV:64bit: - [2013/11/29 21:22:35 | 000,116,776 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)

SRV:64bit: - [2013/11/26 09:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV:64bit: - [2013/10/30 10:27:00 | 000,042,808 | ---- | M] (AVG) [Auto | Stopped] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)

SRV:64bit: - [2013/05/27 05:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2012/04/01 12:21:52 | 000,957,216 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)

SRV:64bit: - [2010/01/22 18:01:12 | 000,202,752 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009/11/18 02:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)

SRV - [2014/02/05 01:55:21 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/11/27 09:12:02 | 007,393,280 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)

SRV - [2013/10/30 10:27:06 | 002,099,000 | ---- | M] (AVG) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)

SRV - [2013/10/30 10:27:00 | 000,035,640 | ---- | M] (AVG) [Auto | Stopped] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)

SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2012/11/29 20:31:04 | 000,038,608 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)

SRV - [2011/08/18 15:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Stopped] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/10/01 04:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2009/10/01 04:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (All) ==========

DRV:64bit: - [2014/02/10 00:37:23 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)

DRV:64bit: - [2014/02/10 00:37:23 | 000,421,704 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)

DRV:64bit: - [2014/02/10 00:37:23 | 000,207,904 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)

DRV:64bit: - [2014/02/10 00:37:23 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2013/11/29 21:23:00 | 000,065,776 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)

DRV:64bit: - [2013/11/29 21:22:59 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)

DRV:64bit: - [2013/11/29 21:22:44 | 000,028,184 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)

DRV:64bit: - [2013/11/29 21:22:35 | 000,447,888 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswNdisFlt.sys -- (aswNdisFlt)

DRV:64bit: - [2013/11/27 01:41:37 | 000,343,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbhub.sys -- (usbhub)

DRV:64bit: - [2013/11/27 01:41:15 | 000,099,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbccgp.sys -- (usbccgp)

DRV:64bit: - [2013/11/27 01:41:11 | 000,053,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbehci.sys -- (usbehci)

DRV:64bit: - [2013/11/27 01:41:09 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbohci.sys -- (usbohci)

DRV:64bit: - [2013/11/27 01:41:06 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbuhci.sys -- (usbuhci)

DRV:64bit: - [2013/09/28 01:09:10 | 000,497,152 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)

DRV:64bit: - [2013/09/25 02:26:40 | 000,154,560 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)

DRV:64bit: - [2013/09/25 02:26:40 | 000,095,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecdd.sys -- (KSecDD)

DRV:64bit: - [2013/09/08 02:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcpip.sys -- (TCPIP6)

DRV:64bit: - [2013/09/08 02:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)

DRV:64bit: - [2013/08/01 12:09:36 | 000,983,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)

DRV:64bit: - [2013/07/12 10:41:35 | 000,185,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbvideo.sys -- (usbvideo)

DRV:64bit: - [2013/07/12 10:41:12 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir)

DRV:64bit: - [2013/07/12 10:40:58 | 000,109,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBAUDIO.sys -- (usbaudio)

DRV:64bit: - [2013/07/04 12:18:29 | 000,458,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)

DRV:64bit: - [2013/07/04 10:11:35 | 000,140,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)

DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2013/06/25 22:55:52 | 000,785,624 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)

DRV:64bit: - [2013/06/15 04:32:16 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tssecsrv.sys -- (tssecsrv)

DRV:64bit: - [2013/05/03 06:18:52 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\My Dell\pcdsrvc_x64.pkms -- (PCDSRVC{D3412D80-CF3B4A27-06020200}_0)

DRV:64bit: - [2013/04/12 14:45:08 | 001,656,680 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\ntfs.sys -- (Ntfs)

DRV:64bit: - [2013/01/24 06:01:01 | 000,223,752 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)

DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012/10/03 16:07:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)

DRV:64bit: - [2012/09/28 14:15:08 | 000,024,576 | ---- | M] (LeapFrog) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FlyUsb.sys -- (FlyUsb)

DRV:64bit: - [2012/08/23 14:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012/08/23 14:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2012/08/22 18:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)

DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012/07/26 02:26:45 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)

DRV:64bit: - [2012/07/26 02:26:06 | 000,198,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFRd)

DRV:64bit: - [2012/07/06 20:07:42 | 000,552,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthport.sys -- (BTHPORT)

DRV:64bit: - [2012/04/28 03:55:21 | 000,210,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpwd.sys -- (RDPWD)

DRV:64bit: - [2012/04/01 03:52:30 | 000,184,872 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)

DRV:64bit: - [2012/04/01 03:52:26 | 000,594,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)

DRV:64bit: - [2012/04/01 03:52:24 | 000,163,368 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)

DRV:64bit: - [2012/03/17 07:58:57 | 000,075,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)

DRV:64bit: - [2012/03/05 12:29:42 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)

DRV:64bit: - [2012/03/05 12:29:40 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)

DRV:64bit: - [2012/03/01 06:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2012/02/17 04:57:32 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdtcp.sys -- (TDTCP)

DRV:64bit: - [2011/09/17 01:38:52 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)

DRV:64bit: - [2011/07/09 02:46:28 | 000,288,768 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb10.sys -- (mrxsmb10)

DRV:64bit: - [2011/04/29 03:06:10 | 000,467,456 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\srv.sys -- (srv)

DRV:64bit: - [2011/04/29 03:05:49 | 000,410,112 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\srv2.sys -- (srv2)

DRV:64bit: - [2011/04/29 03:05:37 | 000,168,448 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\srvnet.sys -- (srvnet)

DRV:64bit: - [2011/04/28 03:54:56 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BTHUSB.SYS -- (BTHUSB)

DRV:64bit: - [2011/04/27 02:40:40 | 000,158,208 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb.sys -- (mrxsmb)

DRV:64bit: - [2011/04/27 02:39:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb20.sys -- (mrxsmb20)

DRV:64bit: - [2011/03/11 06:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)

DRV:64bit: - [2011/03/11 06:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)

DRV:64bit: - [2011/03/11 06:41:26 | 000,410,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorV.sys -- (iaStorV)

DRV:64bit: - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011/03/11 04:37:16 | 000,091,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBSTOR.SYS -- (USBSTOR)

DRV:64bit: - [2011/02/23 04:55:04 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bowser.sys -- (bowser)

DRV:64bit: - [2010/11/20 13:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)

DRV:64bit: - [2010/11/20 13:34:01 | 000,363,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)

DRV:64bit: - [2010/11/20 13:34:01 | 000,071,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)

DRV:64bit: - [2010/11/20 13:34:00 | 000,215,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)

DRV:64bit: - [2010/11/20 13:33:57 | 000,063,360 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\termdd.sys -- (TermDD)

DRV:64bit: - [2010/11/20 13:33:54 | 000,103,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)

DRV:64bit: - [2010/11/20 13:33:53 | 000,213,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)

DRV:64bit: - [2010/11/20 13:33:48 | 000,184,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)

DRV:64bit: - [2010/11/20 13:33:45 | 000,366,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msrpc.sys -- (MsRPC)

DRV:64bit: - [2010/11/20 13:33:45 | 000,273,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msiscsi.sys -- (iScsiPrt)

DRV:64bit: - [2010/11/20 13:33:44 | 000,155,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mpio.sys -- (mpio)

DRV:64bit: - [2010/11/20 13:33:44 | 000,140,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdsm.sys -- (msdsm)

DRV:64bit: - [2010/11/20 13:33:44 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msahci.sys -- (msahci)

DRV:64bit: - [2010/11/20 13:33:43 | 000,094,592 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (mountmgr)

DRV:64bit: - [2010/11/20 13:33:36 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)

DRV:64bit: - [2010/11/20 13:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 13:33:34 | 000,289,664 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltMgr.sys -- (FltMgr)

DRV:64bit: - [2010/11/20 13:32:46 | 000,334,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)

DRV:64bit: - [2010/11/20 10:52:37 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\wanarp.sys -- (Wanarpv6)

DRV:64bit: - [2010/11/20 10:52:37 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wanarp.sys -- (WANARP)

DRV:64bit: - [2010/11/20 10:52:35 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rasl2tp.sys -- (Rasl2tp)

DRV:64bit: - [2010/11/20 10:52:34 | 000,164,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (NdisWan)

DRV:64bit: - [2010/11/20 10:52:32 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspptp.sys -- (PptpMiniport)

DRV:64bit: - [2010/11/20 10:52:20 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pacer.sys -- (Psched)

DRV:64bit: - [2010/11/20 10:52:20 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndproxy.sys -- (NDProxy)

DRV:64bit: - [2010/11/20 10:52:19 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipfltdrv.sys -- (IpFilterDriver)

DRV:64bit: - [2010/11/20 10:51:50 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tunnel.sys -- (tunnel)

DRV:64bit: - [2010/11/20 10:50:08 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndisuio.sys -- (Ndisuio)

DRV:64bit: - [2010/11/20 10:44:56 | 000,229,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)

DRV:64bit: - [2010/11/20 10:44:37 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\umbus.sys -- (umbus)

DRV:64bit: - [2010/11/20 10:43:56 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winusb.sys -- (WinUsb)

DRV:64bit: - [2010/11/20 10:43:49 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidusb.sys -- (HidUsb)

DRV:64bit: - [2010/11/20 10:43:43 | 000,122,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hdaudbus.sys -- (HDAudBus)

DRV:64bit: - [2010/11/20 10:34:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_sd.sys -- (sffp_sd)

DRV:64bit: - [2010/11/20 10:33:25 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdhid.sys -- (kbdhid)

DRV:64bit: - [2010/11/20 10:33:17 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)

DRV:64bit: - [2010/11/20 10:14:37 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)

DRV:64bit: - [2010/11/20 10:09:59 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)

DRV:64bit: - [2010/11/20 10:04:53 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IPMIDrv.sys -- (IPMIDRV)

DRV:64bit: - [2010/11/20 09:30:42 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)

DRV:64bit: - [2010/11/20 09:27:54 | 000,309,248 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\rdbss.sys -- (rdbss)

DRV:64bit: - [2010/11/20 09:26:32 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\dfsc.sys -- (DfsC)

DRV:64bit: - [2010/11/20 09:26:11 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)

DRV:64bit: - [2010/11/20 09:25:14 | 000,753,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\http.sys -- (HTTP)

DRV:64bit: - [2010/11/20 09:23:20 | 000,261,632 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\netbt.sys -- (NetBT)

DRV:64bit: - [2010/11/20 09:21:56 | 000,119,296 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tdx.sys -- (tdx)

DRV:64bit: - [2010/11/20 09:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrom.sys -- (cdrom)

DRV:64bit: - [2010/07/12 18:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2010/05/07 19:19:58 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV:64bit: - [2010/05/07 10:44:32 | 000,321,584 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010/03/04 03:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010/02/03 13:13:06 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)

DRV:64bit: - [2010/02/03 02:36:58 | 002,263,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTKVHD64.sys -- (IntcAzAudAddService)

DRV:64bit: - [2010/02/02 22:13:08 | 000,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)

DRV:64bit: - [2010/01/22 18:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)

DRV:64bit: - [2010/01/22 17:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2009/12/22 17:18:50 | 000,074,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)

DRV:64bit: - [2009/10/26 20:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2009/09/30 17:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2009/09/17 20:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)

DRV:64bit: - [2009/07/14 01:52:31 | 000,367,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\clfs.sys -- (CLFS)

DRV:64bit: - [2009/07/14 01:52:31 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\compbatt.sys -- (Compbatt)

DRV:64bit: - [2009/07/14 01:52:31 | 000,017,488 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmdide.sys -- (cmdide)

DRV:64bit: - [2009/07/14 01:52:21 | 000,491,088 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adp94xx.sys -- (adp94xx)

DRV:64bit: - [2009/07/14 01:52:21 | 000,339,536 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpahci.sys -- (adpahci)

DRV:64bit: - [2009/07/14 01:52:21 | 000,182,864 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320)

DRV:64bit: - [2009/07/14 01:52:21 | 000,097,856 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)

DRV:64bit: - [2009/07/14 01:52:21 | 000,087,632 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arc.sys -- (arc)

DRV:64bit: - [2009/07/14 01:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AGP440.sys -- (agp440)

DRV:64bit: - [2009/07/14 01:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)

DRV:64bit: - [2009/07/14 01:52:21 | 000,015,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdide.sys -- (amdide)

DRV:64bit: - [2009/07/14 01:52:21 | 000,015,440 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aliide.sys -- (aliide)

DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 01:48:27 | 000,060,496 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\mup.sys -- (Mup)

DRV:64bit: - [2009/07/14 01:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouclass.sys -- (mouclass)

DRV:64bit: - [2009/07/14 01:48:27 | 000,032,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mssmbios.sys -- (mssmbios)

DRV:64bit: - [2009/07/14 01:48:27 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)

DRV:64bit: - [2009/07/14 01:48:26 | 000,122,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NV_AGP.SYS -- (nv_agp)

DRV:64bit: - [2009/07/14 01:48:26 | 000,051,264 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nfrd960.sys -- (nfrd960)

DRV:64bit: - [2009/07/14 01:48:04 | 000,284,736 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MegaSR.sys -- (MegaSR)

DRV:64bit: - [2009/07/14 01:48:04 | 000,115,776 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV:64bit: - [2009/07/14 01:48:04 | 000,114,752 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_fc.sys -- (LSI_FC)

DRV:64bit: - [2009/07/14 01:48:04 | 000,106,560 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)

DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 01:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdclass.sys -- (kbdclass)

DRV:64bit: - [2009/07/14 01:48:04 | 000,044,112 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iirsp.sys -- (iirsp)

DRV:64bit: - [2009/07/14 01:48:04 | 000,035,392 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)

DRV:64bit: - [2009/07/14 01:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)

DRV:64bit: - [2009/07/14 01:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)

DRV:64bit: - [2009/07/14 01:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)

DRV:64bit: - [2009/07/14 01:47:48 | 000,530,496 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\elxstor.sys -- (elxstor)

DRV:64bit: - [2009/07/14 01:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (Disk)

DRV:64bit: - [2009/07/14 01:47:48 | 000,070,224 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)

DRV:64bit: - [2009/07/14 01:47:48 | 000,065,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GAGP30KX.SYS -- (gagp30kx)

DRV:64bit: - [2009/07/14 01:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)

DRV:64bit: - [2009/07/14 01:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)

DRV:64bit: - [2009/07/14 01:45:55 | 000,161,872 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)

DRV:64bit: - [2009/07/14 01:45:55 | 000,064,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS -- (uliagpkx)

DRV:64bit: - [2009/07/14 01:45:55 | 000,064,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UAGP35.SYS -- (uagp35)

DRV:64bit: - [2009/07/14 01:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)

DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/14 01:45:55 | 000,021,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd.sys -- (Wd)

DRV:64bit: - [2009/07/14 01:45:55 | 000,019,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\spldr.sys -- (spldr)

DRV:64bit: - [2009/07/14 01:45:55 | 000,017,488 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide)

DRV:64bit: - [2009/07/14 01:45:55 | 000,012,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swenum.sys -- (swenum)

DRV:64bit: - [2009/07/14 01:45:46 | 001,524,816 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql2300.sys -- (ql2300)

DRV:64bit: - [2009/07/14 01:45:46 | 000,080,464 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)

DRV:64bit: - [2009/07/14 01:45:45 | 000,220,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)

DRV:64bit: - [2009/07/14 01:45:45 | 000,128,592 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql40xx.sys -- (ql40xx)

DRV:64bit: - [2009/07/14 01:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)

DRV:64bit: - [2009/07/14 01:45:45 | 000,043,584 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)

DRV:64bit: - [2009/07/14 01:45:45 | 000,012,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)

DRV:64bit: - [2009/07/14 01:19:07 | 000,286,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerId.sys -- (Brserid)

DRV:64bit: - [2009/07/14 01:01:19 | 000,651,264 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\PEAuth.sys -- (PEAUTH)

DRV:64bit: - [2009/07/14 00:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV:64bit: - [2009/07/14 00:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbprint.sys -- (usbprint)

DRV:64bit: - [2009/07/14 00:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)

DRV:64bit: - [2009/07/14 00:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)

DRV:64bit: - [2009/07/14 00:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)

DRV:64bit: - [2009/07/14 00:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)

DRV:64bit: - [2009/07/14 00:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPENCDD.sys -- (RDPENCDD)

DRV:64bit: - [2009/07/14 00:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\RDPCDD.sys -- (RDPCDD)

DRV:64bit: - [2009/07/14 00:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdpipe.sys -- (TDPIPE)

DRV:64bit: - [2009/07/14 00:10:48 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)

DRV:64bit: - [2009/07/14 00:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)

DRV:64bit: - [2009/07/14 00:10:25 | 000,083,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rassstp.sys -- (RasSstp)

DRV:64bit: - [2009/07/14 00:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn)

DRV:64bit: - [2009/07/14 00:10:17 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspppoe.sys -- (RasPppoe)

DRV:64bit: - [2009/07/14 00:10:13 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asyncmac.sys -- (AsyncMac)

DRV:64bit: - [2009/07/14 00:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rasacd.sys -- (RasAcd)

DRV:64bit: - [2009/07/14 00:10:03 | 000,116,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipnat.sys -- (IPNAT)

DRV:64bit: - [2009/07/14 00:10:00 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndistapi.sys -- (NdisTapi)

DRV:64bit: - [2009/07/14 00:09:48 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)

DRV:64bit: - [2009/07/14 00:09:26 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\netbios.sys -- (NetBIOS)

DRV:64bit: - [2009/07/14 00:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)

DRV:64bit: - [2009/07/14 00:09:09 | 000,093,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smb.sys -- (Smb)

DRV:64bit: - [2009/07/14 00:08:59 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)

DRV:64bit: - [2009/07/14 00:08:51 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\rspndr.sys -- (rspndr)

DRV:64bit: - [2009/07/14 00:08:51 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lltdio.sys -- (lltdio)

DRV:64bit: - [2009/07/14 00:08:25 | 000,077,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)

DRV:64bit: - [2009/07/14 00:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)

DRV:64bit: - [2009/07/14 00:07:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifimp.sys -- (vwifimp)

DRV:64bit: - [2009/07/14 00:07:23 | 000,318,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nwifi.sys -- (NativeWifiP)

DRV:64bit: - [2009/07/14 00:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)

DRV:64bit: - [2009/07/14 00:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)

DRV:64bit: - [2009/07/14 00:07:00 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthpan.sys -- (BthPan)

DRV:64bit: - [2009/07/14 00:06:56 | 000,158,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rfcomm.sys -- (RFCOMM)

DRV:64bit: - [2009/07/14 00:06:53 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthenum.sys -- (BthEnum)

DRV:64bit: - [2009/07/14 00:06:52 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)

DRV:64bit: - [2009/07/14 00:06:52 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)

DRV:64bit: - [2009/07/14 00:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)

DRV:64bit: - [2009/07/14 00:06:45 | 000,072,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ohci1394.sys -- (ohci1394)

DRV:64bit: - [2009/07/14 00:06:34 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass)

DRV:64bit: - [2009/07/14 00:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)

DRV:64bit: - [2009/07/14 00:06:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidir.sys -- (HidIr)

DRV:64bit: - [2009/07/14 00:06:16 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)

DRV:64bit: - [2009/07/14 00:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)

DRV:64bit: - [2009/07/14 00:02:07 | 000,027,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)

DRV:64bit: - [2009/07/14 00:01:03 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_mmc.sys -- (sffp_mmc)

DRV:64bit: - [2009/07/14 00:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)

DRV:64bit: - [2009/07/14 00:01:01 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffdisk.sys -- (sffdisk)

DRV:64bit: - [2009/07/14 00:00:54 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fdc.sys -- (fdc)

DRV:64bit: - [2009/07/14 00:00:54 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\flpydisk.sys -- (flpydisk)

DRV:64bit: - [2009/07/14 00:00:41 | 000,097,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)

DRV:64bit: - [2009/07/14 00:00:40 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serial.sys -- (Serial)

DRV:64bit: - [2009/07/14 00:00:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serenum.sys -- (Serenum)

DRV:64bit: - [2009/07/14 00:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouhid.sys -- (mouhid)

DRV:64bit: - [2009/07/14 00:00:20 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)

DRV:64bit: - [2009/07/14 00:00:19 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)

DRV:64bit: - [2009/07/14 00:00:18 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mskssrv.sys -- (MSKSSRV)

DRV:64bit: - [2009/07/14 00:00:17 | 000,008,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mstee.sys -- (MSTEE)

DRV:64bit: - [2009/07/14 00:00:17 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspclock.sys -- (MSPCLOCK)

DRV:64bit: - [2009/07/14 00:00:17 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspqm.sys -- (MSPQM)

DRV:64bit: - [2009/07/14 00:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)

DRV:64bit: - [2009/07/13 23:38:52 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\monitor.sys -- (monitor)

DRV:64bit: - [2009/07/13 23:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vga.sys -- (VgaSave)

DRV:64bit: - [2009/07/13 23:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vgapnp.sys -- (vga)

DRV:64bit: - [2009/07/13 23:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)

DRV:64bit: - [2009/07/13 23:35:59 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\blbdrive.sys -- (blbdrive)

DRV:64bit: - [2009/07/13 23:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)

DRV:64bit: - [2009/07/13 23:31:04 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)

DRV:64bit: - [2009/07/13 23:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)

DRV:64bit: - [2009/07/13 23:31:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wmiacpi.sys -- (WmiAcpi)

DRV:64bit: - [2009/07/13 23:26:13 | 000,113,152 | ---- | M] (Microsoft Corporation) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)

DRV:64bit: - [2009/07/13 23:25:40 | 000,034,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)

DRV:64bit: - [2009/07/13 23:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fastfat.sys -- (fastfat)

DRV:64bit: - [2009/07/13 23:23:29 | 000,195,072 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\exfat.sys -- (exfat)

DRV:64bit: - [2009/07/13 23:21:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)

DRV:64bit: - [2009/07/13 23:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\i8042prt.sys -- (i8042prt)

DRV:64bit: - [2009/07/13 23:19:48 | 000,044,032 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\npfs.sys -- (Npfs)

DRV:64bit: - [2009/07/13 23:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)

DRV:64bit: - [2009/07/13 23:19:47 | 000,026,112 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\msfs.sys -- (Msfs)

DRV:64bit: - [2009/07/13 23:19:38 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\null.sys -- (Null)

DRV:64bit: - [2009/07/13 23:19:25 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8)

DRV:64bit: - [2009/07/13 23:19:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelppm.sys -- (intelppm)

DRV:64bit: - [2009/07/13 23:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)

DRV:64bit: - [2009/07/13 23:19:25 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\processr.sys -- (Processor)

DRV:64bit: - [2009/06/15 19:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)

DRV:64bit: - [2009/06/10 20:41:10 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerWdm.sys -- (BrSerWdm)

DRV:64bit: - [2009/06/10 20:41:10 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbMdm.sys -- (BrUsbMdm)

DRV:64bit: - [2009/06/10 20:41:10 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSer.sys -- (BrUsbSer)

DRV:64bit: - [2009/06/10 20:41:06 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltLo.sys -- (BrFiltLo)

DRV:64bit: - [2009/06/10 20:41:06 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltUp.sys -- (BrFiltUp)

DRV:64bit: - [2009/06/10 20:37:19 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\secdrv.sys -- (secdrv)

DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2006/11/01 18:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2013/09/18 11:14:34 | 000,014,112 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)

DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {3ECFDBFE-82F8-4EA4-9BA0-A9C67171022D}

IE:64bit: - HKLM\..\SearchScopes\{3ECFDBFE-82F8-4EA4-9BA0-A9C67171022D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{BC8C9113-0353-4BFB-B56D-0811E37A400C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 50.63.57.205:8080

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 50.63.57.205:8080

 

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen

IE - HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/

IE - HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\..\SearchScopes,DefaultScope = {F39921F5-670A-464A-A5CB-5A85CD84B0C1}

IE - HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\..\SearchScopes\{F39921F5-670A-464A-A5CB-5A85CD84B0C1}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=

IE - HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 50.63.57.205:8080

 

 

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll File not found

FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Eamonn\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Eamonn\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Eamonn\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Eamonn\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Eamonn\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/02/22 15:48:35 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/02/22 15:48:35 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012/12/19 21:23:47 | 000,000,000 | ---D | M]

 

[2012/02/25 22:32:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eamonn\AppData\Roaming\Mozilla\Firefox\extensions

[2012/02/25 22:32:39 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Eamonn\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}

 

========== Chrome  ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},

CHR - homepage: http://www.google.com

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\gcswf32.dll

CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll

CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Eamonn\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Eamonn\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll

CHR - Extension: YouTube = C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: Google Search = C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: DivX HiQ = C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\

CHR - Extension: MagicScroll eBook Reader = C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble\3.0_0\

CHR - Extension: avast! Online Security = C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\

CHR - Extension: RealDownloader = C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\

CHR - Extension: Google Wallet = C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\

CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\

CHR - Extension: Gmail = C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

 

O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)

O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)

O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)

O4 - HKLM..\Run: [startCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-4189699179-4261241995-2062581622-1001..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)

O4 - HKU\S-1-5-21-4189699179-4261241995-2062581622-1001..\Run: [HP Photosmart 5520 series (NET)] C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)

O4 - HKU\S-1-5-21-4189699179-4261241995-2062581622-1001..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)

O4 - HKU\S-1-5-21-4189699179-4261241995-2062581622-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)

O4 - HKLM..\RunOnce: [AvgRemover] C:\Users\Eamonn\Downloads\avg_remover_stf_x64_2014_4116.exe (AVG Technologies CZ, s.r.o.)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16:64bit: - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)

O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://photos.fujipix.ie/imagine/ax/ImageUploader5.cab (Image Uploader Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.51.2)

O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.51.2)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8925218-DAF2-4299-8B63-6003F8F3209F}: DhcpNameServer = 192.168.0.1

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2012/10/01 05:28:36 | 000,464,384 | R--- | M] () - D:\Autorun.exe -- [ CDFS ]

O32 - AutoRun File - [2012/12/11 02:10:42 | 000,000,058 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]

O33 - MountPoints2\{dbae707e-0838-11e0-b4d7-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{dbae707e-0838-11e0-b4d7-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2012/10/01 05:28:36 | 000,464,384 | R--- | M] ()

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2014/02/16 23:27:54 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT

[2014/02/16 14:35:54 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2014/02/16 11:13:52 | 000,000,000 | ---D | C] -- C:\FRST

[2014/02/16 10:24:15 | 000,000,000 | ---D | C] -- C:\AdwCleaner

[2014/02/16 10:10:16 | 000,000,000 | ---D | C] -- C:\Users\Eamonn\Documents\Registry files

[2014/02/15 21:32:26 | 000,000,000 | ---D | C] -- C:\Users\Eamonn\AppData\Roaming\Malwarebytes

[2014/02/15 21:32:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2014/02/15 21:32:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2014/02/15 21:32:20 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2014/02/15 21:32:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2014/02/15 21:32:01 | 000,000,000 | ---D | C] -- C:\Users\Eamonn\AppData\Local\Programs

[2014/02/11 23:02:00 | 000,000,000 | ---D | C] -- C:\Users\Eamonn\Desktop\new house plans

[2014/02/11 20:37:53 | 000,000,000 | ---D | C] -- C:\Users\Eamonn\Desktop\wall system

[2014/02/10 00:37:48 | 000,080,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys

[2014/01/20 10:08:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle

[2014/01/20 10:06:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2014/01/20 10:06:18 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2014/01/20 10:06:00 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2014/01/20 10:06:00 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2014/01/20 10:06:00 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2014/01/20 10:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2014/02/18 11:29:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2014/02/18 11:29:22 | 3111,534,592 | -HS- | M] () -- C:\hiberfil.sys

[2014/02/18 10:34:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4189699179-4261241995-2062581622-1001UA.job

[2014/02/17 07:38:31 | 000,001,946 | ---- | M] () -- C:\Users\Eamonn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5520 series (Network).lnk

[2014/02/17 07:37:13 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2014/02/16 16:55:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2014/02/16 16:11:03 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014/02/16 16:11:03 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014/02/16 15:26:01 | 000,006,512 | ---- | M] () -- C:\bootsqm.dat

[2014/02/16 12:45:29 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2014/02/16 11:43:26 | 000,780,260 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2014/02/16 11:43:26 | 000,665,000 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2014/02/16 11:43:26 | 000,125,478 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2014/02/15 21:32:22 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2014/02/14 12:34:01 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4189699179-4261241995-2062581622-1001Core.job

[2014/02/13 03:31:04 | 000,766,172 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2014/02/13 00:00:33 | 000,002,008 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk

[2014/02/10 00:39:03 | 000,002,034 | ---- | M] () -- C:\Users\Public\Desktop\avast! SafeZone.lnk

[2014/02/10 00:39:03 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk

[2014/02/10 00:37:23 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys

[2014/02/10 00:37:23 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys

[2014/02/10 00:37:23 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys

[2014/02/10 00:37:23 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys

[2014/02/10 00:37:23 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys

[2014/02/10 00:37:22 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe

[2014/02/10 00:37:21 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr

[2014/02/05 01:55:20 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2014/02/05 01:55:20 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2014/02/04 03:07:15 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2014/01/20 10:05:43 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2014/01/20 10:05:35 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2014/01/20 10:05:35 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2014/01/20 10:05:33 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2014/02/16 15:26:01 | 000,006,512 | ---- | C] () -- C:\bootsqm.dat

[2014/02/15 21:32:22 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2013/11/18 21:46:37 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini

[2013/02/05 17:52:54 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe

[2013/02/05 17:52:50 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll

[2013/02/05 17:52:50 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll

[2013/02/05 17:52:50 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll

[2013/02/05 17:52:50 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll

[2011/03/04 03:43:07 | 000,011,776 | ---- | C] () -- C:\Users\Eamonn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

 

========== ZeroAccess Check ==========

 

[2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 02:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 01:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 12:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 

========== LOP Check ==========

 

[2013/01/31 11:25:52 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software

[2013/01/31 11:25:52 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software

[2013/04/23 11:47:45 | 000,000,000 | ---D | M] -- C:\Users\Eamonn\AppData\Roaming\AC3Filter

[2013/12/02 21:54:18 | 000,000,000 | ---D | M] -- C:\Users\Eamonn\AppData\Roaming\AVAST Software

[2013/12/13 08:51:51 | 000,000,000 | ---D | M] -- C:\Users\Eamonn\AppData\Roaming\AVG

[2013/05/09 22:04:53 | 000,000,000 | ---D | M] -- C:\Users\Eamonn\AppData\Roaming\calibre

[2012/03/05 00:35:49 | 000,000,000 | ---D | M] -- C:\Users\Eamonn\AppData\Roaming\DVDVideoSoft

[2011/02/18 23:28:33 | 000,000,000 | ---D | M] -- C:\Users\Eamonn\AppData\Roaming\PCDr

[2013/03/31 00:14:36 | 000,000,000 | ---D | M] -- C:\Users\Eamonn\AppData\Roaming\Samsung

[2014/02/16 17:09:17 | 000,000,000 | ---D | M] -- C:\Users\Eamonn\AppData\Roaming\Shareaza

[2014/01/24 17:49:41 | 000,000,000 | ---D | M] -- C:\Users\Eamonn\AppData\Roaming\SoftGrid Client

[2011/05/03 07:51:31 | 000,000,000 | ---D | M] -- C:\Users\Eamonn\AppData\Roaming\TP

[2013/08/05 11:56:53 | 000,000,000 | ---D | M] -- C:\Users\Eamonn\AppData\Roaming\TuneUp Software

[2013/04/26 08:21:09 | 000,000,000 | ---D | M] -- C:\Users\Eamonn\AppData\Roaming\Xilisoft

 

========== Purity Check ==========

 

 

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 16 bytes -> C:\Users\Eamonn\Downloads:Shareaza.GUID

 

< End of report >

OTL Extras logfile created on: 2/18/2014 11:36:02 AM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Eamonn\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16428)

Locale: 00000409 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy

 

3.86 Gb Total Physical Memory | 3.20 Gb Available Physical Memory | 82.70% Memory free

7.73 Gb Paging File | 7.08 Gb Available in Paging File | 91.70% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 451.01 Gb Total Space | 89.82 Gb Free Space | 19.91% Space Free | Partition Type: NTFS

Drive D: | 546.13 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: EAMONN-PC | User Name: Eamonn | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

 

[HKEY_USERS\S-1-5-21-4189699179-4261241995-2062581622-1001\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0A01B78A-81D3-4D22-80CB-DA2FF90CE494}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{37D96367-6D8C-47CD-A877-65F83F8AD0A4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{3A8981F2-E1C2-48EC-9FB8-7DD3759988F9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{4664FBB3-BD6B-4C79-BEDA-84558A5F4411}" = lport=445 | protocol=6 | dir=in | app=system | 

"{4744554F-E899-4652-B73E-58F0D2520B7B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{491393DA-B2B5-46DA-9BF9-4BBF23CCB1D8}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{6487D9EA-4943-4791-8DFA-420FF16AB19F}" = rport=138 | protocol=17 | dir=out | app=system | 

"{7301AA80-3F7A-4A21-B040-D2955583948E}" = lport=138 | protocol=17 | dir=in | app=system | 

"{80B81E62-71F8-49B9-9C2F-174D10121973}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{9004BCD0-3F99-45FE-A3A3-5F77F1366F10}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{9064A4FA-64EA-45A4-982B-0A219F305B88}" = lport=139 | protocol=6 | dir=in | app=system | 

"{906CE297-64A5-4590-B53C-04DBA72213E9}" = rport=139 | protocol=6 | dir=out | app=system | 

"{9EB059FA-9222-4923-8B73-104B1B29ABFE}" = lport=137 | protocol=17 | dir=in | app=system | 

"{9F7C00A2-4E48-4149-BB61-2D02A16A0C31}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{B225359E-05B1-4C50-904D-312AECDB9FDF}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{C608A032-C07C-4C88-982D-F9D1BD6F26C6}" = rport=137 | protocol=17 | dir=out | app=system | 

"{DE795485-434B-4505-9993-F00D4C282551}" = rport=445 | protocol=6 | dir=out | app=system | 

"{DE9CD81E-E067-4784-A549-F5ACDBDCDF9F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{E40AE473-10B9-4DD3-B683-4D92E74C6080}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{EE22113B-2CF3-4418-8923-0423C8CC7FE2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{FEA85D97-0878-41DE-B721-9610EDFD63AE}" = lport=2869 | protocol=6 | dir=in | app=system | 

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{048D7B5E-5EC4-4E19-8207-6E3CDCF912A2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{056289DD-3855-4A17-8FB8-1CF30FF04FA1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{081C8AF0-9986-48F8-B7C5-A444FDE0A251}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{0A3468A7-CB14-4374-8846-798707B16479}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | 

"{1F5542A7-6F64-4EA3-ABCE-001489B1CDE8}" = dir=in | app=c:\program files (x86)\leapfrog\leapfrog connect\leapfrogconnect.exe | 

"{229C5EE6-8C46-4386-A105-3F8BD6293F8A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{2BF0CC92-9FC9-4E8B-9E88-DFD68CE689FA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{32CAAB8B-8FB2-48CE-93A5-52C6FC41D4BB}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | 

"{352914A6-73FF-465C-AA10-E5D8C86E9D73}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{37972F50-5E57-42F6-B3A3-D05E2DD2B209}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{3A896B98-1CFE-445B-BB3B-3D86880811F4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | 

"{3ECBD08F-D355-4061-9035-0976DD611DE8}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 

"{40ADDB3A-A962-44A4-B1F8-E61136BAD38A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{4232E1EA-3C6B-4B3D-8C69-BCA942ACE481}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{4BBA3B6B-49DC-4E84-AA87-3D3B335B3ADC}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 

"{4CAE2556-1273-4B45-A0B6-BA451CFA0D72}" = dir=in | app=c:\program files\hp\hp photosmart 5520 series\bin\devicesetup.exe | 

"{554A6AB7-AADF-4D4E-B3FA-EEA9A9421333}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{5A0F37A1-6733-429B-B146-39F87CF08874}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | 

"{67880DB0-4AF0-4401-A17F-32F3F91EF879}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{6F451D4D-2CED-4846-A396-559B3EC7A355}" = protocol=6 | dir=out | app=system | 

"{74BF4EE2-2548-4C2F-946B-79C6FE3AE810}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{75043472-58EA-4E05-8BD8-9E195870A574}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 

"{7639B2BB-1966-40A0-8A3C-D5437326773D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{7896557B-F2C2-4847-9BF3-5DC44626D35A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{7FE4990E-487B-4B33-ADCB-98A2BA287EC1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{97045F57-E43E-4099-B8F2-530D58629B7E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 

"{9978E444-E450-452B-8499-4A1388161CC0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{9CED18AF-8EC1-4782-A56C-C2365714D8B1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{A26F0B7D-4286-426B-910E-0458801B671D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{A520A631-783B-4D78-B1D8-391F6EE41B6E}" = dir=in | app=c:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe | 

"{AE85B5B7-2C38-4E78-982F-A7BD65DD050C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{C03C9850-C017-4AFC-A74A-93384C93C352}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{C90A02C1-75E0-4A16-80E0-1AA373C5D295}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | 

"{C926E43D-ED2D-401C-B9D9-0521D9FD1F82}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{D231840C-84D8-4011-85D7-9EF7B64CE3DF}" = dir=in | app=c:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicatorcom.exe | 

"{D2E7E36B-50FC-4D75-8856-141B2948A450}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | 

"{FB5B6A18-E3F5-49BE-B138-8465619D709E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes

"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables

"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java 6 Update 20 (64-bit)

"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support

"{3B6074E5-5823-9363-851C-25F9DDB1E477}" = ccc-utility64

"{68C0736C-3E47-43A6-B14D-236BEF198A5F}" = HP Photosmart 5520 series Basic Device Software

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer

"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010

"{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = WIDCOMM Bluetooth Software

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{DCC176F0-3CE3-4DA9-8FF9-3809C1B48C47}" = HP Photosmart 5520 series Product Improvement Study

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0)

"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012)

"DW WLAN Card" = DW WLAN Card

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"PC-Doctor for Windows" = My Dell

"SynTPDeinstKey" = Synaptics Pointing Device Driver

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01BD4FC9-2F86-4706-A62E-774BB7E9D308}" = AVG PC TuneUp 2014

"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable

"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center

"{08BFB912-8D71-4E29-9A80-18BFB385F19B}" = LeapFrog Connect

"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup

"{1170BEDA-359C-4202-A5BF-CCA919E7B917}" = CCC Help Danish

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{19DE6032-D3EE-D664-FA63-452431599161}" = CCC Help Norwegian

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{24BBD0E3-4579-9EF5-6081-DE56129D093A}" = Catalyst Control Center InstallProxy

"{26A24AE4-039D-4CA4-87B4-2F83216034FF}" = Java 6 Update 37

"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{39EFAC6A-639E-3CE3-2B62-EF8518AD8326}" = CCC Help Chinese Traditional

"{3ED3BC2E-141A-BFB0-D48C-E8DDA3A461E7}" = ccc-core-static

"{41101F0C-DBD9-321C-A6B1-E0689B495A4E}" = Google Talk Plugin

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in

"{4D8E1ADE-CEA6-4A35-8D73-963F16C40FD3}" = Document Express DjVu Plug-in

"{56D4499E-AC3E-4B8D-91C9-C700C148C44B}" = Google Drive

"{57B21E43-056F-9E58-8774-20E8A89B5347}" = CCC Help English

"{581AF03B-4008-41AE-846C-21CACF9B48A9}" = calibre

"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{65A30A52-B4CA-006E-8750-8366C9693C77}" = CCC Help Russian

"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator

"{66C5E9B6-2D87-D7E8-9B8F-BFCAD7105AD1}" = Catalyst Control Center Graphics Previews Common

"{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer

"{6F3AB64A-CC2D-C533-C5CD-30420E2DC578}" = Skins

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7137E26A-10F7-4B1C-9980-0893579E92DA}" = HP Photosmart 5520 series Help

"{71E015CC-52DA-4536-AF0C-C643BA1E45FB}" = Catalyst Control Center - Branding

"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{78AE5FAE-C641-311B-9CC8-CEBB87FAF795}" = CCC Help Japanese

"{7BCA9417-A611-CC28-9471-6250EC9666EB}" = Catalyst Control Center Graphics Full Existing

"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{8C28F118-03B5-4756-F83C-C31C851D1FF3}" = CCC Help Chinese Standard

"{8CD86D42-C4DD-4E40-9211-164DFFBCA4DB}" = AVG PC TuneUp 2014 (en-US)

"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer

"{95E58BA1-2E10-B49E-283C-3C170C098149}" = CCC Help Dutch

"{9635D462-1B39-E171-BA1C-32A036572251}" = CCC Help Spanish

"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175

"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn

"{A4147C0B-A939-B87E-A6AB-71837A52AFEC}" = Catalyst Control Center Core Implementation

"{A8ACDFFF-093C-8898-E1B8-9388277CD805}" = CCC Help Portuguese

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software

"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime

"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.2

"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader

"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn

"{B47669BF-36B7-B33B-69C9-A2E7AAA36017}" = CCC Help German

"{BCE46757-7674-4416-BEDB-68205A60409E}" = CanoScan Toolbox Ver4.1

"{C52D6FF6-308B-2395-72EE-CA72216F8618}" = CCC Help Korean

"{C5422D6A-6CC4-82CA-C28F-249DC0C846B5}" = Catalyst Control Center Graphics Full New

"{CEC73671-6AFB-CC2B-203B-2A00E8901755}" = Catalyst Control Center Graphics Previews Vista

"{D7058431-BC8D-71B7-136F-6FFA32C5C7C2}" = CCC Help Swedish

"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide® Viewer ActiveX Control Release 6.5

"{ECBA603F-259F-9C33-85DE-0D7E3FCAB407}" = CCC Help Finnish

"{EE14D3B8-D4A6-EEC6-A37E-FC77CBF6A5FE}" = CCC Help Italian

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F26E3E58-D6E5-3C61-7A7C-20D61017C26A}" = CCC Help French

"{FB9F4BEA-283B-18FA-3DA4-B757214528F3}" = Catalyst Control Center Localization All

"{FC161371-B8B2-4BA7-97F7-82319C76333E}" = LeapFrog Tag Junior Plugin

"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables

"{FE6D5F28-4C11-4197-66CA-48AA4AECD833}" = Catalyst Control Center Graphics Light

"AC3Filter_is1" = AC3Filter 2.5b

"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0

"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin

"Advanced Audio FX Engine" = Advanced Audio FX Engine

"avast" = avast! Internet Security

"AVG PC TuneUp" = AVG PC TuneUp 2014

"Dell Webcam Central" = Dell Webcam Central

"DivX Setup.divx.com" = DivX Setup

"FBReader for Windows" = FBReader for Windows

"Free Video to Samsung Phones Converter_is1" = Free Video to Samsung Phones Converter version 5.0.6.221

"Google Chrome" = Google Chrome

"HP Photo Creations" = HP Photo Creations

"InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer

"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"Office14.Click2Run" = Microsoft Office Click-to-Run 2010

"RealPlayer 16.0" = RealPlayer

"Shareaza 3 MediaBar" = MediaBar

"TagJuniorPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)

"UPCShell" = LeapFrog Connect

"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-4189699179-4261241995-2062581622-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Amazon Kindle" = Amazon Kindle

 

========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 2/17/2014 3:39:13 AM | Computer Name = Eamonn-PC | Source = .NET Runtime | ID = 1026

Description = 

 

Error - 2/17/2014 3:41:23 AM | Computer Name = Eamonn-PC | Source = Application Error | ID = 1000

Description = Faulting application name: wmpnscfg.exe, version: 12.0.7600.16385,

 time stamp: 0x4a5bd026  Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229,

 time stamp: 0x51fb1677  Exception code: 0xc06d007f  Fault offset: 0x000000000000940d

Faulting

 process id: 0x1698  Faulting application start time: 0x01cf2bb39f5b1d07  Faulting application

 path: C:\Program Files\Windows Media Player\wmpnscfg.exe  Faulting module path: C:\Windows\system32\KERNELBASE.dll

Report

 Id: e5d1435a-97a6-11e3-9594-f04da2514df8

 

Error - 2/17/2014 3:41:23 AM | Computer Name = Eamonn-PC | Source = Application Error | ID = 1000

Description = Faulting application name: wmpnscfg.exe, version: 12.0.7600.16385,

 time stamp: 0x4a5bd026  Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229,

 time stamp: 0x51fb1677  Exception code: 0xc06d007f  Fault offset: 0x000000000000940d

Faulting

 process id: 0x1648  Faulting application start time: 0x01cf2bb39ef9849c  Faulting application

 path: C:\Program Files\Windows Media Player\wmpnscfg.exe  Faulting module path: C:\Windows\system32\KERNELBASE.dll

Report

 Id: e5d11c4a-97a6-11e3-9594-f04da2514df8

 

Error - 2/18/2014 7:24:47 AM | Computer Name = Eamonn-PC | Source = Application Error | ID = 1000

Error - 2/18/2014 7:24:47 AM | Computer Name = Eamonn-PC | Source = Application 

Error | ID = 1000

 

Error - 2/18/2014 7:27:14 AM | Computer Name = Eamonn-PC | Source = WinMgmt | ID = 28

Description = 

 

[ Dell Events ]

Error - 8/4/2011 3:33:19 AM | Computer Name = Eamonn-PC | Source = DataSafe | ID = 17

Description = The process was interrupted before completion.

 

Error - 8/4/2011 7:26:31 AM | Computer Name = Eamonn-PC | Source = DataSafe | ID = 17

Description = The process was interrupted before completion.

 

Error - 8/4/2011 7:26:31 AM | Computer Name = Eamonn-PC | Source = DataSafe | ID = 17

Description = The process was interrupted before completion.

 

Error - 8/4/2011 4:30:38 PM | Computer Name = Eamonn-PC | Source = DataSafe | ID = 17

Description = The process was interrupted before completion.

 

Error - 8/4/2011 4:30:38 PM | Computer Name = Eamonn-PC | Source = DataSafe | ID = 17

Description = The process was interrupted before completion.

 

Error - 8/5/2011 4:03:47 AM | Computer Name = Eamonn-PC | Source = DataSafe | ID = 17

Description = The process was interrupted before completion.

 

Error - 8/5/2011 4:03:47 AM | Computer Name = Eamonn-PC | Source = DataSafe | ID = 17

Description = The process was interrupted before completion.

 

Error - 8/17/2011 6:57:50 PM | Computer Name = Eamonn-PC | Source = DataSafe | ID = 17

Description = The process was interrupted before completion.

 

Error - 8/17/2011 6:57:50 PM | Computer Name = Eamonn-PC | Source = DataSafe | ID = 17

Description = The process was interrupted before completion.

 

Error - 8/25/2011 4:10:24 AM | Computer Name = Eamonn-PC | Source = DataSafe | ID = 17

Description = The process was interrupted before completion.

 

[ System Events ]

Error - 2/18/2014 7:44:11 AM | Computer Name = Eamonn-PC | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Server service which failed

 to start because of the following error:   %%1068

 

Error - 2/18/2014 7:44:39 AM | Computer Name = Eamonn-PC | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Server service which failed

 to start because of the following error:   %%1068

 

Error - 2/18/2014 7:44:39 AM | Computer Name = Eamonn-PC | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Server service which failed

 to start because of the following error:   %%1068

 

Error - 2/18/2014 7:44:39 AM | Computer Name = Eamonn-PC | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Server service which failed

 to start because of the following error:   %%1068

 

Error - 2/18/2014 7:46:07 AM | Computer Name = Eamonn-PC | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Server service which failed

 to start because of the following error:   %%1068

 

Error - 2/18/2014 7:46:07 AM | Computer Name = Eamonn-PC | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Server service which failed

 to start because of the following error:   %%1068

 

Error - 2/18/2014 7:46:07 AM | Computer Name = Eamonn-PC | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Server service which failed

 to start because of the following error:   %%1068

 

Error - 2/18/2014 7:46:47 AM | Computer Name = Eamonn-PC | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Server service which failed

 to start because of the following error:   %%1068

 

Error - 2/18/2014 7:46:47 AM | Computer Name = Eamonn-PC | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Server service which failed

 to start because of the following error:   %%1068

 

Error - 2/18/2014 7:46:47 AM | Computer Name = Eamonn-PC | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Server service which failed

 to start because of the following error:   %%1068

 

 

< End of report >

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-02-2014

Ran by Eamonn (administrator) on EAMONN-PC on 18-02-2014 14:26:05

Running from C:\Users\Eamonn\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Safe Mode (with Networking)

 

The only official download link for FRST:

Download link for 32-Bit version:

Download link for 64-Bit Version:

Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(OldTimer Tools) C:\Users\Eamonn\Downloads\OTL.com

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2122536 2010-05-08] (Synaptics Incorporated)

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-02-03] (Realtek Semiconductor)

HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\QuickSet.exe [3203440 2010-04-06] (Dell Inc.)

HKLM-x32\...\Run: [startCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)

HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [] - [X]

HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-29] (AVAST Software)

HKLM-x32\...\Run: [Monitor] - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [106496 2013-11-27] (LeapFrog Enterprises, Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\RunOnce: [AvgRemover] - C:\Users\Eamonn\Downloads\avg_remover_stf_x64_2014_4116.exe /run_number=2 /avgdir="C:\Program Files (x86)\AVG\AVG2013\" /avgdatadir="C:\ProgramData\AVG2013\" /ndis_nextstep=4 [3386520 2014-02-18] (AVG Technologies CZ, s.r.o.)

HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-07] (Samsung)

HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-03-20] (Samsung Electronics)

HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-07] (Samsung)

HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\...\Run: [HP Photosmart 5520 series (NET)] - C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-4189699179-4261241995-2062581622-1001\...\MountPoints2: {dbae707e-0838-11e0-b4d7-806e6f6e6963} - D:\Autorun.exe

Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

Startup: C:\Users\Eamonn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5520 series (Network).lnk

ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5520 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

 

==================== Internet (Whitelisted) ====================

 

ProxyServer: 50.63.57.205:8080

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen

URLSearchHook: HKLM-x32 - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

DPF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab

DPF: HKLM-x32 {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://photos.fujipix.ie/imagine/ax/ImageUploader5.cab

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

 

Chrome: 

=======


CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\gcswf32.dll No File

CHR Plugin: (Skype Click to Call) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll No File

CHR Plugin: (AVG Internet Security) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File

CHR Plugin: (Java Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File

CHR Plugin: (Google Talk Plugin) - C:\Users\Eamonn\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Eamonn\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer Version Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File

CHR Plugin: (RealJukebox NS Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll No File

CHR Extension: (YouTube) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-12]

CHR Extension: (Google Search) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-12]

CHR Extension: (DivX HiQ) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2012-05-12]

CHR Extension: (MagicScroll eBook Reader) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2013-04-28]

CHR Extension: (avast! Online Security) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-05-22]

CHR Extension: (RealDownloader) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-02-17]

CHR Extension: (Google Wallet) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]

CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-05-12]

CHR Extension: (Gmail) - C:\Users\Eamonn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-12]

CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]

CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]

CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Eamonn\AppData\Local\Temp\ccex.crx [2012-11-29]

CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]

 

==================== Services (Whitelisted) =================

 

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-29] (AVAST Software)

S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [116776 2013-11-29] (AVAST Software)

S2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()

S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2099000 2013-10-30] (AVG)

S2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [42808 2013-10-30] (AVG)

 

==================== Drivers (Whitelisted) ====================

 

R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-11-29] (AVAST Software)

S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-10] (AVAST Software)

R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2013-11-29] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-29] (AVAST Software)

S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-29] ()

S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-10] (AVAST Software)

S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-10] (AVAST Software)

S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-10] ()

S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)

S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-09-28] (LeapFrog)

S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)

S2 aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [X]

S1 aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [X]

S3 dg_ssudbus; system32\DRIVERS\ssudbus.sys [X]

S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [X]

S3 ssudmdm; system32\DRIVERS\ssudmdm.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-02-18 11:47 - 2014-02-18 11:47 - 00173312 _____ () C:\Users\Eamonn\Downloads\OTL.Txt

2014-02-18 11:47 - 2014-02-18 11:47 - 00057964 _____ () C:\Users\Eamonn\Downloads\Extras.Txt

2014-02-18 11:34 - 2014-02-18 11:34 - 00602112 _____ (OldTimer Tools) C:\Users\Eamonn\Downloads\OTL.com

2014-02-18 10:47 - 2014-02-18 10:49 - 00425702 _____ () C:\Users\Eamonn\Downloads\avgremover.log

2014-02-18 10:47 - 2014-02-18 10:47 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Eamonn\Downloads\avg_remover_stf_x64_2014_4116.exe

2014-02-18 10:25 - 2014-02-18 10:25 - 03218352 _____ (McAfee, Inc.) C:\Users\Eamonn\Downloads\MCPR.exe

2014-02-18 07:02 - 2014-02-18 07:02 - 00987425 _____ () C:\Users\Eamonn\Downloads\SecurityCheck.exe

2014-02-18 06:56 - 2014-02-18 06:56 - 00002792 _____ () C:\Users\Eamonn\Desktop\ESET SCAN.txt

2014-02-17 19:19 - 2014-02-17 19:20 - 02347384 _____ (ESET) C:\Users\Eamonn\Downloads\esetsmartinstaller_enu.exe

2014-02-16 23:41 - 2014-02-16 23:42 - 02152448 _____ (Farbar) C:\Users\Eamonn\Downloads\FRST64 (2).exe

2014-02-16 23:41 - 2014-02-16 23:41 - 01037530 _____ (Thisisu) C:\Users\Eamonn\Downloads\JRT (1).exe

2014-02-16 23:40 - 2014-02-16 23:40 - 00003030 _____ () C:\Users\Eamonn\Desktop\JRT.txt

2014-02-16 23:33 - 2014-02-16 23:33 - 02152448 _____ (Farbar) C:\Users\Eamonn\Downloads\FRST64 (1).exe

2014-02-16 23:27 - 2014-02-16 23:27 - 00000000 ____D () C:\Windows\ERUNT

2014-02-16 23:25 - 2014-02-16 23:25 - 01037530 _____ (Thisisu) C:\Users\Eamonn\Downloads\JRT.exe

2014-02-16 23:10 - 2014-02-16 23:10 - 00000000 ____D () C:\Users\Eamonn\Downloads\FRST-OlderVersion

2014-02-16 15:26 - 2014-02-16 15:26 - 00006512 ____N () C:\bootsqm.dat

2014-02-16 13:40 - 2014-02-16 13:40 - 00052026 _____ () C:\Users\Eamonn\Desktop\attach.txt

2014-02-16 13:40 - 2014-02-16 13:40 - 00022417 _____ () C:\Users\Eamonn\Desktop\dds.txt

2014-02-16 13:39 - 2014-02-16 13:40 - 00688992 ____R (Swearware) C:\Users\Eamonn\Downloads\dds (1).scr

2014-02-16 13:31 - 2014-02-16 13:31 - 00688992 ____R (Swearware) C:\Users\Eamonn\Downloads\dds.scr

2014-02-16 13:02 - 2014-02-16 13:02 - 00688992 ____R (Swearware) C:\Users\Eamonn\Downloads\dds.com

2014-02-16 12:47 - 2014-02-18 10:26 - 00003344 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4189699179-4261241995-2062581622-1001

2014-02-16 12:47 - 2014-02-18 10:26 - 00003212 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4189699179-4261241995-2062581622-1001

2014-02-16 12:10 - 2014-02-16 12:10 - 00003556 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - cd7538e1970a4a0cb0962f2786c3f786fe2058051a404ffe8be1c0c41cfb2813

2014-02-16 11:15 - 2014-02-16 11:15 - 00030894 _____ () C:\Users\Eamonn\Downloads\Addition.txt

2014-02-16 11:13 - 2014-02-18 14:26 - 00000000 ____D () C:\FRST

2014-02-16 11:13 - 2014-02-18 14:26 - 00000000 _____ () C:\Users\Eamonn\Downloads\FRST.txt

2014-02-16 11:12 - 2014-02-16 23:10 - 02152448 _____ (Farbar) C:\Users\Eamonn\Downloads\FRST64.exe

2014-02-16 10:59 - 2014-02-16 11:00 - 01166132 _____ () C:\Users\Eamonn\Downloads\AdwCleaner (1).exe

2014-02-16 10:24 - 2014-02-16 11:04 - 00000000 ____D () C:\AdwCleaner

2014-02-16 10:23 - 2014-02-16 10:24 - 01166132 _____ () C:\Users\Eamonn\Downloads\AdwCleaner.exe

2014-02-16 10:10 - 2014-02-16 12:41 - 00000000 ____D () C:\Users\Eamonn\Documents\Registry files

2014-02-15 21:32 - 2014-02-16 12:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-15 21:32 - 2014-02-15 21:32 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-15 21:32 - 2014-02-15 21:32 - 00000000 ____D () C:\Users\Eamonn\AppData\Roaming\Malwarebytes

2014-02-15 21:32 - 2014-02-15 21:32 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-15 21:32 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-02-15 21:31 - 2014-02-15 21:31 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Eamonn\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-15 21:31 - 2014-02-15 21:31 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Eamonn\Downloads\mbam-setup-1.75.0.1300 (1).exe

2014-02-11 23:02 - 2014-02-11 23:02 - 00000000 ____D () C:\Users\Eamonn\Desktop\new house plans

2014-02-11 20:37 - 2014-02-11 20:38 - 00000000 ____D () C:\Users\Eamonn\Desktop\wall system

2014-02-10 00:37 - 2014-02-10 00:37 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys

2014-02-01 09:57 - 2014-02-01 09:57 - 00000000 ____D () C:\Users\Eamonn\Downloads\WALT DISNEYS TINKERBELL 2008[DVDRIP][ENG]-KIDZCORNER&J.T.R

2014-01-20 10:09 - 2014-01-20 10:09 - 00921000 _____ (Oracle Corporation) C:\Users\Eamonn\Downloads\chromeinstall-7u51 (1).exe

2014-01-20 10:08 - 2014-01-20 10:08 - 00000000 ____D () C:\ProgramData\Oracle

2014-01-20 10:06 - 2014-01-20 10:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-01-20 10:06 - 2014-01-20 10:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-01-20 10:06 - 2014-01-20 10:05 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-01-20 10:06 - 2014-01-20 10:05 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-01-20 10:01 - 2014-01-20 10:01 - 00921000 _____ (Oracle Corporation) C:\Users\Eamonn\Downloads\chromeinstall-7u51.exe

 

==================== One Month Modified Files and Folders =======

 

2014-02-18 14:26 - 2014-02-16 11:13 - 00000000 ____D () C:\FRST

2014-02-18 14:26 - 2014-02-16 11:13 - 00000000 _____ () C:\Users\Eamonn\Downloads\FRST.txt

2014-02-18 11:47 - 2014-02-18 11:47 - 00173312 _____ () C:\Users\Eamonn\Downloads\OTL.Txt

2014-02-18 11:47 - 2014-02-18 11:47 - 00057964 _____ () C:\Users\Eamonn\Downloads\Extras.Txt

2014-02-18 11:34 - 2014-02-18 11:34 - 00602112 _____ (OldTimer Tools) C:\Users\Eamonn\Downloads\OTL.com

2014-02-18 11:23 - 2010-12-15 09:11 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks

2014-02-18 11:23 - 2010-12-15 09:11 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks

2014-02-18 11:23 - 2010-12-15 09:02 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup

2014-02-18 11:22 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-02-18 11:22 - 2009-07-14 04:51 - 00077747 _____ () C:\Windows\setupact.log

2014-02-18 10:50 - 2010-12-15 10:48 - 00582678 _____ () C:\Windows\PFRO.log

2014-02-18 10:49 - 2014-02-18 10:47 - 00425702 _____ () C:\Users\Eamonn\Downloads\avgremover.log

2014-02-18 10:49 - 2012-03-13 02:44 - 00000000 ____D () C:\Program Files (x86)\AVG

2014-02-18 10:47 - 2014-02-18 10:47 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Eamonn\Downloads\avg_remover_stf_x64_2014_4116.exe

2014-02-18 10:34 - 2011-08-12 12:34 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4189699179-4261241995-2062581622-1001UA.job

2014-02-18 10:33 - 2009-07-14 05:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-02-18 10:26 - 2014-02-16 12:47 - 00003344 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4189699179-4261241995-2062581622-1001

2014-02-18 10:26 - 2014-02-16 12:47 - 00003212 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4189699179-4261241995-2062581622-1001

2014-02-18 10:25 - 2014-02-18 10:25 - 03218352 _____ (McAfee, Inc.) C:\Users\Eamonn\Downloads\MCPR.exe

2014-02-18 07:02 - 2014-02-18 07:02 - 00987425 _____ () C:\Users\Eamonn\Downloads\SecurityCheck.exe

2014-02-18 06:56 - 2014-02-18 06:56 - 00002792 _____ () C:\Users\Eamonn\Desktop\ESET SCAN.txt

2014-02-18 04:01 - 2009-07-14 05:10 - 01657279 _____ () C:\Windows\WindowsUpdate.log

2014-02-17 19:20 - 2014-02-17 19:19 - 02347384 _____ (ESET) C:\Users\Eamonn\Downloads\esetsmartinstaller_enu.exe

2014-02-17 07:37 - 2011-10-29 20:53 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-02-16 23:42 - 2014-02-16 23:41 - 02152448 _____ (Farbar) C:\Users\Eamonn\Downloads\FRST64 (2).exe

2014-02-16 23:41 - 2014-02-16 23:41 - 01037530 _____ (Thisisu) C:\Users\Eamonn\Downloads\JRT (1).exe

2014-02-16 23:40 - 2014-02-16 23:40 - 00003030 _____ () C:\Users\Eamonn\Desktop\JRT.txt

2014-02-16 23:33 - 2014-02-16 23:33 - 02152448 _____ (Farbar) C:\Users\Eamonn\Downloads\FRST64 (1).exe

2014-02-16 23:27 - 2014-02-16 23:27 - 00000000 ____D () C:\Windows\ERUNT

2014-02-16 23:25 - 2014-02-16 23:25 - 01037530 _____ (Thisisu) C:\Users\Eamonn\Downloads\JRT.exe

2014-02-16 23:10 - 2014-02-16 23:10 - 00000000 ____D () C:\Users\Eamonn\Downloads\FRST-OlderVersion

2014-02-16 23:10 - 2014-02-16 11:12 - 02152448 _____ (Farbar) C:\Users\Eamonn\Downloads\FRST64.exe

2014-02-16 17:21 - 2013-04-30 00:05 - 00000000 ____D () C:\Users\Eamonn\.FBReader

2014-02-16 17:09 - 2011-05-12 23:12 - 00000000 ____D () C:\Users\Eamonn\AppData\Roaming\Shareaza

2014-02-16 16:55 - 2013-02-08 09:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-02-16 16:11 - 2009-07-14 04:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-02-16 16:11 - 2009-07-14 04:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-02-16 15:26 - 2014-02-16 15:26 - 00006512 ____N () C:\bootsqm.dat

2014-02-16 13:40 - 2014-02-16 13:40 - 00052026 _____ () C:\Users\Eamonn\Desktop\attach.txt

2014-02-16 13:40 - 2014-02-16 13:40 - 00022417 _____ () C:\Users\Eamonn\Desktop\dds.txt

2014-02-16 13:40 - 2014-02-16 13:39 - 00688992 ____R (Swearware) C:\Users\Eamonn\Downloads\dds (1).scr

2014-02-16 13:34 - 2013-01-15 14:52 - 00000000 ____D () C:\Users\Eamonn\Desktop\Printing

2014-02-16 13:31 - 2014-02-16 13:31 - 00688992 ____R (Swearware) C:\Users\Eamonn\Downloads\dds.scr

2014-02-16 13:02 - 2014-02-16 13:02 - 00688992 ____R (Swearware) C:\Users\Eamonn\Downloads\dds.com

2014-02-16 12:45 - 2011-10-29 20:53 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-16 12:42 - 2014-02-15 21:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-16 12:41 - 2014-02-16 10:10 - 00000000 ____D () C:\Users\Eamonn\Documents\Registry files

2014-02-16 12:41 - 2012-01-11 18:18 - 00000000 ____D () C:\Users\Eamonn\AppData\Roaming\Mozilla

2014-02-16 12:41 - 2011-02-18 22:57 - 00000000 ___RD () C:\Users\Eamonn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-02-16 12:41 - 2011-02-18 22:52 - 00000000 ____D () C:\Users\Eamonn

2014-02-16 12:41 - 2009-07-14 07:44 - 00000000 ___RD () C:\Users\Public\Recorded TV

2014-02-16 12:40 - 2010-12-15 08:54 - 00000000 ____D () C:\Windows\SysWOW64\Macromed

2014-02-16 12:40 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache

2014-02-16 12:40 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\registration

2014-02-16 12:10 - 2014-02-16 12:10 - 00003556 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - cd7538e1970a4a0cb0962f2786c3f786fe2058051a404ffe8be1c0c41cfb2813

2014-02-16 11:43 - 2009-07-14 05:13 - 00780260 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-02-16 11:15 - 2014-02-16 11:15 - 00030894 _____ () C:\Users\Eamonn\Downloads\Addition.txt

2014-02-16 11:04 - 2014-02-16 10:24 - 00000000 ____D () C:\AdwCleaner

2014-02-16 11:00 - 2014-02-16 10:59 - 01166132 _____ () C:\Users\Eamonn\Downloads\AdwCleaner (1).exe

2014-02-16 10:52 - 2012-07-09 11:55 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update

2014-02-16 10:24 - 2014-02-16 10:23 - 01166132 _____ () C:\Users\Eamonn\Downloads\AdwCleaner.exe

2014-02-15 21:32 - 2014-02-15 21:32 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-15 21:32 - 2014-02-15 21:32 - 00000000 ____D () C:\Users\Eamonn\AppData\Roaming\Malwarebytes

2014-02-15 21:32 - 2014-02-15 21:32 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-15 21:31 - 2014-02-15 21:31 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Eamonn\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-15 21:31 - 2014-02-15 21:31 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Eamonn\Downloads\mbam-setup-1.75.0.1300 (1).exe

2014-02-15 21:02 - 2010-12-15 08:59 - 00000000 ____D () C:\ProgramData\Adobe

2014-02-15 21:01 - 2011-02-21 09:45 - 00000000 ____D () C:\Users\Eamonn\AppData\Local\Adobe

2014-02-14 12:34 - 2011-08-12 12:34 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4189699179-4261241995-2062581622-1001Core.job

2014-02-13 03:31 - 2011-05-03 07:50 - 00766172 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2014-02-13 03:03 - 2011-10-29 20:53 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-02-13 03:03 - 2011-10-29 20:53 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-02-13 00:00 - 2013-03-04 20:39 - 00002008 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk

2014-02-12 14:39 - 2013-06-17 10:12 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask

2014-02-11 23:02 - 2014-02-11 23:02 - 00000000 ____D () C:\Users\Eamonn\Desktop\new house plans

2014-02-11 20:38 - 2014-02-11 20:37 - 00000000 ____D () C:\Users\Eamonn\Desktop\wall system

2014-02-10 00:39 - 2013-11-29 21:24 - 00002034 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk

2014-02-10 00:39 - 2013-11-29 21:12 - 00001974 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk

2014-02-10 00:37 - 2014-02-10 00:37 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys

2014-02-10 00:37 - 2013-03-16 09:00 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2014-02-10 00:37 - 2012-05-12 13:29 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

2014-02-10 00:37 - 2012-05-12 13:29 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

2014-02-10 00:37 - 2012-05-12 13:29 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2014-02-10 00:37 - 2012-05-12 13:29 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2014-02-10 00:37 - 2012-05-12 13:28 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-02-05 01:55 - 2013-02-08 09:34 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-02-05 01:55 - 2012-04-12 11:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-02-05 01:55 - 2011-06-16 06:21 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-02-04 03:07 - 2012-05-12 13:35 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-02-02 22:33 - 2014-01-16 01:19 - 00000000 ____D () C:\Users\Eamonn\Desktop\House design

2014-02-01 10:02 - 2013-05-19 22:45 - 00000000 ____D () C:\Users\Eamonn\Downloads\Dr Seuss eBooks in PDF and CBZ

2014-02-01 09:57 - 2014-02-01 09:57 - 00000000 ____D () C:\Users\Eamonn\Downloads\WALT DISNEYS TINKERBELL 2008[DVDRIP][ENG]-KIDZCORNER&J.T.R

2014-01-24 17:49 - 2011-05-03 07:51 - 00000000 ____D () C:\Users\Eamonn\AppData\Roaming\SoftGrid Client

2014-01-20 10:09 - 2014-01-20 10:09 - 00921000 _____ (Oracle Corporation) C:\Users\Eamonn\Downloads\chromeinstall-7u51 (1).exe

2014-01-20 10:08 - 2014-01-20 10:08 - 00000000 ____D () C:\ProgramData\Oracle

2014-01-20 10:05 - 2014-01-20 10:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-01-20 10:05 - 2014-01-20 10:06 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-01-20 10:05 - 2014-01-20 10:06 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-01-20 10:05 - 2014-01-20 10:06 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-01-20 10:05 - 2012-08-17 21:22 - 00000000 ____D () C:\Program Files (x86)\Java

2014-01-20 10:01 - 2014-01-20 10:01 - 00921000 _____ (Oracle Corporation) C:\Users\Eamonn\Downloads\chromeinstall-7u51.exe

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2014-02-16 18:05

 

==================== End Of Log ============================

Link to post
Share on other sites

Hi,

Got past putting my password in in normal mode. It then gave me the message

DELL DATASAFE LOCAL BACKUP has stopped working

Windows is checking for a solution to the problem.

It got over that then went with

RunDLL

C\Program Files\HP\HP Photosmart 5520 series\bin\HPStatusBl.dll

Operation did not complete successfully because the file contains a virus

 

Tried launching IE and Chrome and got

CHROME.exe Application Error

The application was unable to start correctly (0xc0000906)

click ok to close the application

and

RunDll

There was a problem starting C:\Windows\system32\WerConCpl.dll

and the same message about a virus as above.

Gave up at that.

 

As for the proxy thing not really sure what that means.

 

Are we winning?

Link to post
Share on other sites

Security Check indicated earlier that Windows Firewall was active, Avast Security also appears to have a Firewall, is that correct? The recent logs do not show any obvious malware/infection. If two FW are active there may be major issues from that.

 

The Proxy looks ok, check this link: https://ipdb.at/ip/50.63.57.205 do you recognize the ISP...

 

Can you turn off one of the firewalls, re-boot and see if there is an improvement..

Link to post
Share on other sites

In safe mode avast says firewall off so I turned off windows firewall.

Got to after password again and got a series of error messages the front one being

dwm.exe-Application error

The application was unable to start correctly(0xc0000906)

Click ok to close the application

It completely hung.

What next?

Link to post
Share on other sites

Hi Kevin,

Good news! I think we are all sorted.

I successfully got into a clean boot state and entered the process of elimination to find what program was causing the problem. I was able to turn avast off from booting but could not turn it back on again. I uninstalled it and reinstalled it and have had no problems since!

Have since run a full virus scan and Malwarebytes scan and have found nothing.

I presume that's everything I need to do done? (bar make a donation perhaps)

Link to post
Share on other sites

Donations are always welcomed and appreciated.... Do not forget to return to Normal boot state when clean boot is completed...

 

I guess if your system is back to normal and no issues/concerns we can clean up, do the following:

 

We need to remove FRST. First, it is very important to deal with its own Quarantine folder by using FRST itself..

 

OK, we continue:

 

Delete any fixlist.txt file previously used, continue:

 

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

 

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). That will confirm the removal action, delete if successful.

 

Next,

 

Delete FRST.exe from your Desktop or the folder it was saved to, navigate to and delete its folder C:\FRST

 

Next,

 

OTL Cleanup

  • Re-open OTL to run it. (Vista and Win 7 users accept UAC alert)
  • Click on the CleanUp button.
  • Click Yes to begin the cleanup process and remove tools, including this application
  • You may be asked to reboot the machine to finish the cleanup process - if so, choose Yes

 

Next,

 

Download "Delfix by Xplode" and save it to your desktop.

 

"Delfix link mirror"

 

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

 

Make Sure the following items are checked:

 


  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

 

Now click on "Run" and wait patiently until the tool has completed.

 

The tool will create a log when it has completed. We don't need you to post this.

 

Let me know if those steps complete OK, also if no remaining issues are we ok to close out?

 

Read the following link to fully understand PC security and best practices, you may find it useful....

 

http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2316629

 

Kevin....

Link to post
Share on other sites

This topic is now closed to further replies.