When I run MBAM it seems to stop responding around 19 minutes in every time. I've randomly been getting a blue screen of death related to acedrv09.sys, which I can't find anywhere. Here are the DDS and Attach logs, thanks.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29

Run by Ingram at 15:53:27 on 2011-11-13

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4023.1893 [GMT 0:00]

.

AV: AVG Internet Security 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Internet Security 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG10\avgchsva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG10\avgfws.exe

C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Program Files (x86)\AVG\AVG10\avgam.exe

C:\Program Files (x86)\AVG\AVG10\avgnsa.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files (x86)\AVG\AVG10\avgemca.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\PROGRA~2\AVG\AVG10\avgrsa.exe

C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\SysWOW64\werfault.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe

C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\MindMaster\MindMasterV2.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\AVG\AVG10\avgtray.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.animenewsnetwork.com/

uSearch Bar = Preserve

mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

mWinlogon: Userinit=userinit.exe,

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [Reminder] C:\Program Files (x86)\TTG\Reminder\Reminder.exe

uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

uRun: [Recovery Backup Wizard] C:\Program Files (x86)\TTG\Reminder\Reminder.exe

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [MindMaster] C:\MindMaster\MindMasterV2.exe

uRun: [DriverFinder] C:\Program Files (x86)\DriverFinder\DriverFinder.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 194.168.4.100 194.168.8.100

TCP: Interfaces\{2D31FF00-B526-4D6D-B89A-5902FE28FD4C} : DhcpNameServer = 194.168.4.100 194.168.8.100

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO-X64: HP Print Enhancer - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

BHO-X64: HP Smart BHO Class - No File

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

TB-X64: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

mRun-x64: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe

mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Ingram\AppData\Roaming\Mozilla\Firefox\Profiles\79lwzoq0.default\

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4dd76716&v=6.103.018.001&i=26&tp=ab&iy=&ychte=uk&lng=en-GB&q=

FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Sony\Media Go\npmediago.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R0 pe3ajbeb;L Ile Noyee Environment Driver (pe3ajbeb);C:\Windows\system32\drivers\pe3ajbeb.sys --> C:\Windows\system32\drivers\pe3ajbeb.sys [?]

R0 ps7ajbeb;L Ile Noyee Synchronization Driver (ps7ajbeb);C:\Windows\system32\drivers\ps7ajbeb.sys --> C:\Windows\system32\drivers\ps7ajbeb.sys [?]

R1 acedrv09;acedrv09;\??\C:\Windows\system32\drivers\acedrv09.sys --> C:\Windows\system32\drivers\acedrv09.sys [?]

R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]

R1 RapportCerberus_32301;RapportCerberus_32301;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_32301.sys [2011-11-7 396944]

R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2011-11-7 55056]

R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2011-11-7 61712]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2011-3-9 2708024]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-8-18 7390560]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]

R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2011-11-7 931640]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-3-10 1153368]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-26 136176]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-11-13 366152]

S2 pr2ajbeb;L Ile Noyee Drivers Auto Removal (pr2ajbeb);C:\Windows\system32\pr2ajbeb.exe svc --> C:\Windows\system32\pr2ajbeb.exe svc [?]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-5-21 947528]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-26 136176]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RapportKE64;RapportKE64;C:\Windows\system32\Drivers\RapportKE64.sys --> C:\Windows\system32\Drivers\RapportKE64.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2011-11-13 15:50:13 -------- d-----w- C:\Users\Ingram\AppData\Local\{A9F07859-4A01-4891-A6D5-D49205FC76DE}

2011-11-13 15:49:50 -------- d-----w- C:\Users\Ingram\AppData\Local\{8B778B79-FF9D-4319-9A8F-96E4341F18E6}

2011-11-13 15:08:33 709456 ----a-w- C:\Windows\isRS-000.tmp

2011-11-13 14:30:42 -------- d-----w- C:\Users\Ingram\AppData\Local\{1D22ACB9-CDB0-4B21-BE5D-EB9D48C8C995}

2011-11-13 14:30:21 -------- d-----w- C:\Users\Ingram\AppData\Local\{3D7AE66B-1B03-4C5D-9DD2-25BF930B82C6}

2011-11-13 14:00:01 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE

2011-11-13 01:01:49 -------- d-----w- C:\Users\Ingram\AppData\Local\{E42B08BD-1C29-4DAF-BBE3-379035570EA3}

2011-11-13 01:01:27 -------- d-----w- C:\Users\Ingram\AppData\Local\{7560777A-0D72-4755-AB89-916E693C8283}

2011-11-12 16:29:03 -------- d-----w- C:\Users\Ingram\AppData\Local\Skyrim

2011-11-12 16:26:19 519000 ----a-w- C:\Windows\System32\d3dx10_40.dll

2011-11-12 16:26:19 452440 ----a-w- C:\Windows\SysWow64\d3dx10_40.dll

2011-11-12 16:26:19 2605920 ----a-w- C:\Windows\System32\D3DCompiler_40.dll

2011-11-12 16:26:19 2036576 ----a-w- C:\Windows\SysWow64\D3DCompiler_40.dll

2011-11-12 16:26:18 5631312 ----a-w- C:\Windows\System32\D3DX9_40.dll

2011-11-12 16:26:18 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll

2011-11-12 16:19:16 -------- d-----w- C:\Program Files (x86)\The Elder Scrolls V Skyrim

2011-11-12 13:00:54 -------- d-----w- C:\Users\Ingram\AppData\Local\{828FF9D4-5E62-484A-B117-130DD2C5EF6E}

2011-11-12 13:00:43 -------- d-----w- C:\Users\Ingram\AppData\Local\{BABA40EF-A448-4678-A63C-8906813BF209}

2011-11-12 08:17:59 476904 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

2011-11-12 00:40:38 -------- d-----w- C:\Users\Ingram\AppData\Local\{91253895-079F-453B-A828-5CA550EEE2A8}

2011-11-12 00:40:15 -------- d-----w- C:\Users\Ingram\AppData\Local\{D9B73A76-AAA6-4AFB-8970-C07457E46520}

2011-11-11 12:39:50 -------- d-----w- C:\Users\Ingram\AppData\Local\{8E73B70F-3AD4-413D-BA78-9B7AAB3167EC}

2011-11-11 12:39:39 -------- d-----w- C:\Users\Ingram\AppData\Local\{8FF63CEA-4877-4DDC-B258-76A5B072E8E4}

2011-11-10 16:18:28 -------- d-----w- C:\Users\Ingram\AppData\Local\{83223E52-BEAE-4722-9EB3-69C694546F3C}

2011-11-10 16:18:15 -------- d-----w- C:\Users\Ingram\AppData\Local\{D4411300-6FB6-4E06-A944-E163B301C69B}

2011-11-10 01:03:36 -------- d-----w- C:\Users\Ingram\AppData\Local\{18379ABF-1974-48BE-9F98-AA94696CA3CF}

2011-11-10 01:03:15 -------- d-----w- C:\Users\Ingram\AppData\Local\{3764DAFB-8644-4257-8F51-E58D81370383}

2011-11-09 23:00:53 -------- d-----w- C:\Program Files (x86)\Sony Media Go Install

2011-11-09 16:29:27 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2011-11-09 16:29:25 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll

2011-11-09 16:29:25 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll

2011-11-09 16:29:25 3144704 ----a-w- C:\Windows\System32\win32k.sys

2011-11-09 13:02:50 -------- d-----w- C:\Users\Ingram\AppData\Local\{002F819E-A717-4AB5-863C-FCA780FC7485}

2011-11-09 13:02:39 -------- d-----w- C:\Users\Ingram\AppData\Local\{2A394F82-BBEE-4BF3-84D5-16E5E8CA576F}

2011-11-08 14:53:48 -------- d-----w- C:\Users\Ingram\AppData\Local\{53919B3F-CB6B-432E-90D7-3F0D8298AC08}

2011-11-08 14:53:26 -------- d-----w- C:\Users\Ingram\AppData\Local\{17907764-027A-4322-9852-F6984C034C59}

2011-11-08 02:53:01 -------- d-----w- C:\Users\Ingram\AppData\Local\{83A31DD9-F3A1-471B-B834-7B9E4484E67D}

2011-11-08 02:52:40 -------- d-----w- C:\Users\Ingram\AppData\Local\{A011CBD9-016F-47BB-91E9-A4AA219912B3}

2011-11-07 14:52:15 -------- d-----w- C:\Users\Ingram\AppData\Local\{6C331BC6-EB51-41AD-9B0A-D4F4958F05DE}

2011-11-07 14:52:04 -------- d-----w- C:\Users\Ingram\AppData\Local\{14D949BD-C330-42AE-897D-71CFB0D32816}

2011-11-06 18:12:17 -------- d-----w- C:\Users\Ingram\AppData\Local\{4FA5E53C-FB7C-43D0-973E-962307D63040}

2011-11-06 18:11:55 -------- d-----w- C:\Users\Ingram\AppData\Local\{550AF4B3-9345-46D1-B295-6297374B8A17}

2011-11-06 02:33:58 -------- d-----w- C:\Users\Ingram\AppData\Local\{C0A6CB0B-2A2F-4A47-B435-49FA8CC49DE9}

2011-11-06 02:33:37 -------- d-----w- C:\Users\Ingram\AppData\Local\{636CD70B-2E3A-4594-80BC-96574B65882A}

2011-11-05 14:33:07 -------- d-----w- C:\Users\Ingram\AppData\Local\{DDB6D63C-2326-4DC0-B878-D5C172869948}

2011-11-05 14:32:45 -------- d-----w- C:\Users\Ingram\AppData\Local\{74B326D3-34B3-4241-A745-7F374EB9E506}

2011-11-05 02:32:20 -------- d-----w- C:\Users\Ingram\AppData\Local\{B4C158D4-10BE-447C-8AAE-A1414EBAF315}

2011-11-05 02:31:59 -------- d-----w- C:\Users\Ingram\AppData\Local\{574EB0EB-B2FB-4D49-A283-8440B6C2A218}

2011-11-04 14:31:34 -------- d-----w- C:\Users\Ingram\AppData\Local\{E3038D4D-0A01-485C-82B7-867FD091B279}

2011-11-04 14:31:13 -------- d-----w- C:\Users\Ingram\AppData\Local\{C2D7004E-82F3-4997-B82F-A3AA879E9B6E}

2011-11-04 02:30:49 -------- d-----w- C:\Users\Ingram\AppData\Local\{0AE509F0-29F9-4E21-A0F9-34D13CB0CF99}

2011-11-04 02:30:27 -------- d-----w- C:\Users\Ingram\AppData\Local\{36E5D318-CA4C-492C-8ED0-5F38DE0B2E18}

2011-11-03 14:30:02 -------- d-----w- C:\Users\Ingram\AppData\Local\{A4A25B2E-A6DD-4EC7-A3EC-C5A9B3EFEA2E}

2011-11-03 14:29:52 -------- d-----w- C:\Users\Ingram\AppData\Local\{5DFDD2CF-E8C3-4F61-AB68-599FB17A681B}

2011-11-02 23:59:45 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-11-02 22:43:27 -------- d-----w- C:\Users\Ingram\AppData\Local\{4C69E3A8-F7C8-4551-9F17-A1676B98C9B1}

2011-11-02 22:43:06 -------- d-----w- C:\Users\Ingram\AppData\Local\{20034FE8-351F-4D49-B8F0-BDDD762C3C63}

2011-11-02 10:42:41 -------- d-----w- C:\Users\Ingram\AppData\Local\{66137153-3FCD-423F-B80F-4E6883E6253C}

2011-11-02 10:42:15 -------- d-----w- C:\Users\Ingram\AppData\Local\{0C3C841A-04EE-42AE-9293-33C1733701BD}

2011-11-01 13:37:23 -------- d-----w- C:\Users\Ingram\AppData\Local\{4D11F40F-C3CF-46AD-8204-58F67DC231E9}

2011-11-01 13:37:12 -------- d-----w- C:\Users\Ingram\AppData\Local\{CAFE18E5-5F54-4433-B899-E64C41197C58}

2011-10-31 22:30:54 -------- d-----w- C:\Program Files (x86)\Doctor Who - The Gunpowder Plot

2011-10-31 14:21:20 -------- d-----w- C:\Users\Ingram\AppData\Local\{90EEDB31-1926-4D2E-9590-213FC1E2272D}

2011-10-31 14:20:53 -------- d-----w- C:\Users\Ingram\AppData\Local\{BD1C50CA-59EC-47B3-B286-B9BB2560D026}

2011-10-30 21:35:59 -------- d-----w- C:\Users\Ingram\AppData\Local\{390CDF35-6D5D-4DC0-BD22-36BF49802BE8}

2011-10-30 21:35:48 -------- d-----w- C:\Users\Ingram\AppData\Local\{E2DA6D31-E3D4-4F95-9907-EC3A4827FBF9}

2011-10-29 15:47:52 -------- d-----w- C:\Users\Ingram\AppData\Local\{1CFF239E-9A78-46AC-9AEC-FF194BC251D0}

2011-10-29 15:47:41 -------- d-----w- C:\Users\Ingram\AppData\Local\{9D973E80-3495-4667-A2E4-DC6196A7B20C}

2011-10-28 10:53:07 -------- d-----w- C:\Users\Ingram\AppData\Local\{FA11A19E-73AB-4C14-8566-D585D154AC6C}

2011-10-28 10:52:52 -------- d-----w- C:\Users\Ingram\AppData\Local\{1943E050-7977-42F0-9E39-AF6F065DE3AE}

2011-10-27 21:16:09 89312 ----a-w- C:\Windows\SysWow64\acedrv09.dll

2011-10-27 21:16:09 134880 ----a-w- C:\Windows\System32\drivers\acedrv09.sys

2011-10-27 14:24:14 -------- d-----w- C:\Users\Ingram\AppData\Local\{16FBDADB-16DA-43EE-BFF3-8AD9D1289D35}

2011-10-27 14:24:00 -------- d-----w- C:\Users\Ingram\AppData\Local\{2CA8B336-3A5B-4B7E-A3AC-7FDB8985FD0B}

2011-10-26 13:57:53 -------- d-----w- C:\Users\Ingram\AppData\Local\{C3DC6AE0-5869-41D7-8E98-D51EB30E3E75}

2011-10-26 13:57:40 -------- d-----w- C:\Users\Ingram\AppData\Local\{D8A05A02-A12C-4BA5-A06F-2C3CE2E647D0}

2011-10-25 20:33:43 -------- d-----w- C:\Users\Ingram\AppData\Local\{F0C63D02-9CC6-4932-902A-C277A21B7510}

2011-10-25 20:33:32 -------- d-----w- C:\Users\Ingram\AppData\Local\{6E6DCB44-3303-4FC2-8D8C-D7A1DBCAF34C}

2011-10-25 01:31:22 -------- d-----w- C:\Users\Ingram\AppData\Local\{10C4C448-8D7A-444D-A41B-6324401E6BC3}

2011-10-25 01:31:00 -------- d-----w- C:\Users\Ingram\AppData\Local\{2C36B9F4-CFEF-43FA-A58F-F8B9CF13156B}

2011-10-24 13:30:36 -------- d-----w- C:\Users\Ingram\AppData\Local\{D0138C6E-19B3-443E-A248-4316207BD176}

2011-10-24 13:30:24 -------- d-----w- C:\Users\Ingram\AppData\Local\{248B70EF-E627-4140-82DE-113228A4068E}

2011-10-23 22:17:12 -------- d-----w- C:\Users\Ingram\AppData\Local\{E7956C70-95F8-49F7-A7EB-15DBC0E84857}

2011-10-23 22:17:01 -------- d-----w- C:\Users\Ingram\AppData\Local\{3A14E25B-7FDA-4C6E-905E-0334DF5DF07A}

2011-10-23 11:53:18 -------- d-----w- C:\Users\Ingram\AppData\Local\{85E85958-AEBF-491D-8F99-EEA8B9919972}

2011-10-23 11:53:07 -------- d-----w- C:\Users\Ingram\AppData\Local\{6ABDD961-5E24-4317-A51C-1233523849A4}

2011-10-22 21:15:13 -------- d-----w- C:\Users\Ingram\AppData\Local\{49741CB3-5E4F-433D-A4A5-22A7C287F3F2}

2011-10-22 21:14:51 -------- d-----w- C:\Users\Ingram\AppData\Local\{F7A77372-8505-42E8-9BC4-3580FC16570D}

2011-10-22 12:04:50 63760 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys

2011-10-22 12:04:40 -------- d-----w- C:\Program Files (x86)\Trusteer

2011-10-22 04:08:55 -------- d-----w- C:\Users\Ingram\AppData\Local\{612A6A13-807F-483A-A7FE-9A3CAE350917}

2011-10-22 04:08:33 -------- d-----w- C:\Users\Ingram\AppData\Local\{340B2C35-7093-44B4-B641-10287E78D21B}

2011-10-21 13:15:35 -------- d-----w- C:\Users\Ingram\AppData\Local\{B39A41F1-926B-4FBD-9850-13B2FE873FB6}

2011-10-21 13:15:20 -------- d-----w- C:\Users\Ingram\AppData\Local\{20F28AE7-D33F-4B70-9D52-BD790E6C8401}

2011-10-21 01:14:53 -------- d-----w- C:\Users\Ingram\AppData\Local\{808BC569-23DF-4FD4-9018-671A1295E724}

2011-10-21 01:14:32 -------- d-----w- C:\Users\Ingram\AppData\Local\{DBEBE7C4-A58D-4C81-A277-4E8E2FF5B10A}

2011-10-20 13:03:38 -------- d-----w- C:\Users\Ingram\AppData\Local\{B073F1F3-3F09-4205-B388-CC4A089381E0}

2011-10-20 13:03:26 -------- d-----w- C:\Users\Ingram\AppData\Local\{E8744BEA-B729-49FB-A68F-B36E931ABC4F}

2011-10-19 23:43:42 -------- d-----w- C:\Users\Ingram\AppData\Local\{D84CD36B-EE01-4778-AA8F-1C259DAA7F60}

2011-10-19 23:43:21 -------- d-----w- C:\Users\Ingram\AppData\Local\{8876CFD1-7DE8-4E56-B85A-43B04BC02D57}

2011-10-19 11:42:56 -------- d-----w- C:\Users\Ingram\AppData\Local\{EBD31224-F100-470A-B953-D106C80C59D9}

2011-10-19 11:42:42 -------- d-----w- C:\Users\Ingram\AppData\Local\{30EE62CD-4B96-4CF3-9D73-21CE2D8C9CCC}

2011-10-18 13:33:37 -------- d-----w- C:\Users\Ingram\AppData\Local\{2FEBC8E1-9418-4550-B9B4-FDA1A6619F70}

2011-10-18 13:33:25 -------- d-----w- C:\Users\Ingram\AppData\Local\{20AE55E2-8300-4A7F-97D7-E863156ED946}

2011-10-17 13:30:39 -------- d-----w- C:\Users\Ingram\AppData\Local\{E604425C-CE70-42B3-A49F-25746BAF46A7}

2011-10-17 13:30:28 -------- d-----w- C:\Users\Ingram\AppData\Local\{3F59500E-87BC-48E6-8B1A-0D9BDA6EBCAF}

2011-10-17 00:42:11 -------- d-----w- C:\Users\Ingram\AppData\Local\{7285D842-7FF2-4A5F-ABA2-54E4CB985B1E}

2011-10-17 00:41:50 -------- d-----w- C:\Users\Ingram\AppData\Local\{B2041332-1BA8-433B-8AEC-543D9CE04FED}

2011-10-16 09:14:23 -------- d-----w- C:\Users\Ingram\AppData\Local\{D468FB41-0D9F-4712-8B1D-C399FD53B431}

2011-10-16 09:13:57 -------- d-----w- C:\Users\Ingram\AppData\Local\{0053907D-B267-4A8F-BEB9-CFE0E7A69214}

2011-10-15 15:21:29 -------- d-----w- C:\Users\Ingram\AppData\Local\{31466B0F-28DF-4112-8104-FB42335D1FDE}

2011-10-15 15:21:08 -------- d-----w- C:\Users\Ingram\AppData\Local\{FC30146C-5FFD-41CF-BCCB-58A5210E234E}

2011-10-15 03:20:42 -------- d-----w- C:\Users\Ingram\AppData\Local\{565B17DA-8F0A-4081-88B1-EE9D29E89935}

2011-10-15 03:20:22 -------- d-----w- C:\Users\Ingram\AppData\Local\{0ACB6814-6EF0-45B0-8354-F4BF60C4611C}

.

==================== Find3M ====================

.

2011-10-21 09:23:33 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-10-03 05:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2011-09-23 01:27:38 320040 ----a-w- C:\Windows\System32\drivers\k57nd60a.sys

2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll

2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll

2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll

2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-08-31 17:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-08-27 05:37:49 861696 ----a-w- C:\Windows\System32\oleaut32.dll

2011-08-27 05:37:48 331776 ----a-w- C:\Windows\System32\oleacc.dll

2011-08-27 04:26:27 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2011-08-27 04:26:27 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll

2011-08-17 05:26:46 613888 ----a-w- C:\Windows\System32\psisdecd.dll

2011-08-17 05:25:08 108032 ----a-w- C:\Windows\System32\psisrndr.ax

2011-08-17 04:24:12 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll

2011-08-17 04:19:27 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax

2010-07-22 02:19:04 3450216 --sh--w- C:\Windows\h2.exe

2010-07-22 02:19:06 5792768 --sh--w- C:\Windows\TheThing.exe

.

============= FINISH: 15:54:11.16 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 10/03/2011 14:39:08

System Uptime: 13/11/2011 15:15:49 (0 hours ago)

.

Motherboard: FOXCONN | | P55A Series

Processor: Intel® Core i5 CPU 650 @ 3.20GHz | CPU 1 | 3201/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 588 GiB total, 36.048 GiB free.

D: is CDROM ()

E: is Removable

F: is Removable

G: is Removable

H: is Removable

I: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Adobe AIR

Adobe Flash Player 10 Plugin

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.1)

AMD DnD V1.0.20

Amerzone

Apple Application Support

Apple Software Update

Application Profiles

Back to the Future The Game - Episode 1

Broken Sword - The Angel of Death

BufferChm

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center HydraVision Full

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Combined Community Codec Pack 2011-07-30

Copy

D3DX10

DAEMON Tools Lite

Destinations

DeviceDiscovery

DJ_AIO_03_F4200_Software_Min

Doctor Who: The Gunpowder Plot

DVD Shrink 3.2

EA Shared Game Component: Activation

F4200

Fallout 3

Far Cry (Patch 1)

Far Cry (Patch 1.3)

Far Cry (Patch 1.31)

Far Cry (Patch 1.32)

GIMP 2.6.11

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

GPBaseService2

Hitman - Codename 47

Hitman 2: Silent Assassin

Hitman Blood Money

Hitman: Contracts

HP Update

HPDiagnosticAlert

HPPhotoGadget

HPPhotoSmartDiscLabelContent1

HPPhotosmartEssential

HPProductAssistant

HPSSupply

HydraVision

Java Auto Updater

Java 6 Update 29

Junk Mail filter update

Malwarebytes' Anti-Malware

MarketResearch

Media Go

Media Go Video Playback Engine 1.84.104.07010

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office 2010

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Click-to-Run 2010

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Starter 2010 - English

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable - KB2467175

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MindMaster

MKVtoolnix 4.6.0

Morrowind

Mozilla Firefox 4.0.1 (x86 en-GB)

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero Burning ROM 10

Nero BurningROM 10 Help (CHM)

Nero BurnRights 10

Nero BurnRights 10 Help (CHM)

Nero Control Center 10

Nero ControlCenter 10 Help (CHM)

Nero Core Components 10

NVIDIA PhysX

Oblivion

Oblivion - Horse Armor Pack

Oblivion - Knights of the Nine

Oblivion - Mehrunes Razor

Oblivion - Orrery

Oblivion - Spell Tomes

Oblivion - The Fighter's Stronghold

Oblivion - Thieves Den

Oblivion - Vile Lair

Oblivion - Wizard's Tower

Paradise

Platform

PlayStation®Network Downloader

PlayStation®Store

Portal

QuickTime

Rapport

Scan

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2553074)

Security Update for 2007 Microsoft Office System (KB2553089)

Security Update for 2007 Microsoft Office System (KB2553090)

Security Update for 2007 Microsoft Office System (KB2584063)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2553073)

Security Update for Microsoft Office Groove 2007 (KB2552997)

Security Update for Microsoft Office InfoPath 2007 (KB2510061)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2535818)

Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

SILENT HILL 3

Sinking Island

Skype™ 5.3

SmartWebPrinting

SolutionCenter

Spybot - Search & Destroy

Star Wars Jedi Knight Jedi Academy

Star Wars: Knights of the Old Republic

Status

Steam

Syberia

Syberia2

Tales of Monkey Island - Launch of the Screaming Narwhal

TES Construction Set

Toolbox

TrayApp

Ultimate Paint 2.88

UnloadSupport

Unofficial Oblivion Patch v3.2.0

Unofficial Official Mods Patch v11

Update for 2007 Microsoft Office System (KB2284654)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2583910)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update for Outlook 2007 Junk Email Filter (KB2596560)

VIA Platform Device Manager

Visual IRC 2.0

Visual Studio 2008 x64 Redistributables

VLC media player 1.1.9

WebReg

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR 4.00 (32-bit)

Wolfenstein

Wolfenstein 1.11 Patch

Wolfenstein 1.2 Patch

Yahoo! Messenger

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

13/11/2011 15:42:16, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).

13/11/2011 15:16:22, Error: Service Control Manager [7000] - The atksgt service failed to start due to the following error: This driver has been blocked from loading

13/11/2011 15:16:22, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading.

13/11/2011 15:16:21, Error: Service Control Manager [7000] - The AffinegyService service failed to start due to the following error: The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.

13/11/2011 13:49:49, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00d263000, 0x0000000000000000, 0xfffff880040a5c02, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111311-47159-01.

13/11/2011 13:49:37, Error: volsnap [25] - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.

12/11/2011 00:56:25, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {B3EDE298-AE75-4A1C-AB7E-1B9229B77BBE} as /. The error: "740" Happened while starting this command: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -Embedding

10/11/2011 21:36:42, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Ingram-PC\Ingram SID (S-1-5-21-2352999235-1548520390-3874988718-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

09/11/2011 16:45:50, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a0125bf000, 0x0000000000000000, 0xfffff88004383c02, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 110911-25272-01.

09/11/2011 10:32:36, Error: Service Control Manager [7034] - The Rapport Management Service service terminated unexpectedly. It has done this 1 time(s).

.

==== End Of File ===========================


Here are the logs, I assume you don't need the Attach log?

ComboFix 11-11-18.02 - Ingram 19/11/2011 2:28.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4023.2311 [GMT 0:00]

Running from: c:\users\Ingram\Desktop\ComboFix.exe

AV: AVG Internet Security 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}

SP: AVG Internet Security 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\TTG\Reminder\Reminder.exe

c:\windows\h2.exe

c:\windows\isRS-000.tmp

c:\windows\system32\drivers\etc\lmhosts

.

.

((((((((((((((((((((((((( Files Created from 2011-10-19 to 2011-11-19 )))))))))))))))))))))))))))))))

.

.

2011-11-19 02:35 . 2011-11-19 02:35 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-11-13 14:00 . 2011-11-13 14:00 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE

2011-11-12 16:29 . 2011-11-12 16:29 -------- d-----w- c:\users\Ingram\AppData\Local\Skyrim

2011-11-12 16:26 . 2008-10-15 06:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll

2011-11-12 16:26 . 2008-10-15 06:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll

2011-11-12 16:26 . 2008-10-15 06:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll

2011-11-12 16:26 . 2008-10-15 06:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll

2011-11-12 16:26 . 2008-10-15 06:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll

2011-11-12 16:26 . 2008-10-15 06:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll

2011-11-12 16:19 . 2011-11-18 02:25 -------- d-----w- c:\program files (x86)\The Elder Scrolls V Skyrim

2011-11-12 08:18 . 2011-11-12 08:18 -------- d-----w- c:\program files (x86)\Common Files\Java

2011-11-12 08:17 . 2011-10-03 05:06 476904 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

2011-11-09 23:00 . 2011-11-09 23:04 -------- d-----w- c:\program files (x86)\Sony Media Go Install

2011-11-09 16:29 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-11-09 16:29 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll

2011-11-09 16:29 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll

2011-11-09 16:29 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys

2011-11-03 06:59 . 2011-11-03 06:59 917816 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll

2011-11-02 23:59 . 2011-11-15 01:36 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys

2011-10-31 22:30 . 2011-10-31 22:34 -------- d-----w- c:\program files (x86)\Doctor Who - The Gunpowder Plot

2011-10-27 21:16 . 2011-10-27 21:16 89312 ----a-w- c:\windows\SysWow64\acedrv09.dll

2011-10-27 21:16 . 2011-10-27 21:16 134880 ----a-w- c:\windows\system32\drivers\acedrv09.sys

2011-10-22 12:04 . 2011-11-07 21:28 63760 ----a-w- c:\windows\system32\drivers\RapportKE64.sys

2011-10-22 12:04 . 2011-10-22 12:04 -------- d-----w- c:\program files (x86)\Trusteer

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-21 09:23 . 2011-05-20 08:11 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-10-03 05:06 . 2011-04-12 13:56 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2011-09-23 01:27 . 2011-09-23 01:27 320040 ----a-w- c:\windows\system32\drivers\k57nd60a.sys

2011-09-08 17:44 . 2011-09-08 17:44 2301208 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2011-09-01 05:24 . 2011-10-14 02:00 2309120 ----a-w- c:\windows\system32\jscript9.dll

2011-09-01 05:17 . 2011-10-14 02:00 1389056 ----a-w- c:\windows\system32\wininet.dll

2011-09-01 05:12 . 2011-10-14 02:00 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2011-09-01 02:35 . 2011-10-14 02:00 1798144 ----a-w- c:\windows\SysWow64\jscript9.dll

2011-09-01 02:28 . 2011-10-14 02:00 1126912 ----a-w- c:\windows\SysWow64\wininet.dll

2011-09-01 02:22 . 2011-10-14 02:00 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2011-08-31 17:00 . 2011-03-10 15:58 25416 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-27 05:37 . 2011-10-13 14:58 861696 ----a-w- c:\windows\system32\oleaut32.dll

2011-08-27 05:37 . 2011-10-13 14:58 331776 ----a-w- c:\windows\system32\oleacc.dll

2011-08-27 04:26 . 2011-10-13 14:58 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll

2011-08-27 04:26 . 2011-10-13 14:58 233472 ----a-w- c:\windows\SysWow64\oleacc.dll

2011-08-21 04:29 . 2011-08-21 04:29 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll

2011-08-21 04:29 . 2011-08-21 04:29 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2011-08-21 04:29 . 2011-08-21 04:29 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2011-08-21 04:29 . 2011-08-21 04:29 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2011-08-21 04:29 . 2011-08-21 04:29 161792 ----a-w- c:\windows\SysWow64\msls31.dll

2011-08-21 04:29 . 2011-08-21 04:29 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2011-08-21 04:29 . 2011-08-21 04:29 74752 ----a-w- c:\windows\SysWow64\iesetup.dll

2011-08-21 04:29 . 2011-08-21 04:29 63488 ----a-w- c:\windows\SysWow64\tdc.ocx

2011-08-21 04:29 . 2011-08-21 04:29 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2011-08-21 04:29 . 2011-08-21 04:29 367104 ----a-w- c:\windows\SysWow64\html.iec

2011-08-21 04:29 . 2011-08-21 04:29 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

2011-08-21 04:29 . 2011-08-21 04:29 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

2011-08-21 04:29 . 2011-08-21 04:29 152064 ----a-w- c:\windows\SysWow64\wextract.exe

2011-08-21 04:29 . 2011-08-21 04:29 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2011-08-21 04:29 . 2011-08-21 04:29 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2011-08-21 04:29 . 2011-08-21 04:29 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2011-08-21 04:29 . 2011-08-21 04:29 11776 ----a-w- c:\windows\SysWow64\mshta.exe

2011-08-21 04:29 . 2011-08-21 04:29 101888 ----a-w- c:\windows\SysWow64\admparse.dll

2011-08-21 04:29 . 2011-08-21 04:29 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2011-08-21 04:29 . 2011-08-21 04:29 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2011-08-21 04:29 . 2011-08-21 04:29 76800 ----a-w- c:\windows\system32\tdc.ocx

2011-08-21 04:29 . 2011-08-21 04:29 49664 ----a-w- c:\windows\system32\imgutil.dll

2011-08-21 04:29 . 2011-08-21 04:29 48640 ----a-w- c:\windows\system32\mshtmler.dll

2011-08-21 04:29 . 2011-08-21 04:29 448512 ----a-w- c:\windows\system32\html.iec

2011-08-21 04:29 . 2011-08-21 04:29 222208 ----a-w- c:\windows\system32\msls31.dll

2011-08-21 04:29 . 2011-08-21 04:29 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2011-08-21 04:29 . 2011-08-21 04:29 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

2011-08-21 04:29 . 2011-08-21 04:29 12288 ----a-w- c:\windows\system32\mshta.exe

2011-08-21 04:29 . 2011-08-21 04:29 114176 ----a-w- c:\windows\system32\admparse.dll

2011-08-21 04:29 . 2011-08-21 04:29 111616 ----a-w- c:\windows\system32\iesysprep.dll

2011-08-21 04:29 . 2011-08-21 04:29 85504 ----a-w- c:\windows\system32\iesetup.dll

2011-08-21 04:29 . 2011-08-21 04:29 603648 ----a-w- c:\windows\system32\vbscript.dll

2011-08-21 04:29 . 2011-08-21 04:29 30720 ----a-w- c:\windows\system32\licmgr10.dll

2011-08-21 04:29 . 2011-08-21 04:29 165888 ----a-w- c:\windows\system32\iexpress.exe

2011-08-21 04:29 . 2011-08-21 04:29 160256 ----a-w- c:\windows\system32\wextract.exe

2011-08-21 04:29 . 2011-08-21 04:29 1492992 ----a-w- c:\windows\system32\inetcpl.cpl

2010-07-22 02:19 5792768 --sh--w- c:\windows\TheThing.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]

2011-03-18 07:11 2471240 ----a-w- c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-03-18 2471240]

.

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-26 39408]

"MindMaster"="c:\mindmaster\MindMasterV2.exe" [2010-09-07 3870720]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-02 98304]

"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-18 2787840]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG10\avgtray.exe" [2011-09-10 2338656]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG10\avgchsva.exe /sync\0c:\progra~2\AVG\AVG10\avgrsa.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-26 136176]

R2 pr2ajbeb;L Ile Noyee Drivers Auto Removal (pr2ajbeb);c:\windows\system32\pr2ajbeb.exe svc [x]

R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-03-18 947528]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-26 136176]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 RapportKE64;RapportKE64;c:\windows\system32\Drivers\RapportKE64.sys [x]

R3 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]

S0 pe3ajbeb;L Ile Noyee Environment Driver (pe3ajbeb);c:\windows\system32\drivers\pe3ajbeb.sys [x]

S0 ps7ajbeb;L Ile Noyee Synchronization Driver (ps7ajbeb);c:\windows\system32\drivers\ps7ajbeb.sys [x]

S1 acedrv09;acedrv09;c:\windows\system32\drivers\acedrv09.sys [x]

S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [x]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]

S1 RapportCerberus_32301;RapportCerberus_32301;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_32301.sys [2011-11-07 396944]

S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2011-11-07 55056]

S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2011-11-07 61712]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG10\avgfws.exe [2011-03-09 2708024]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-08-18 7390560]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]

S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2011-11-07 931640]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]

S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]

2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe

.

Contents of the 'Scheduled Tasks' folder

.

2011-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-26 11:14]

.

2011-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-26 11:14]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.animenewsnetwork.com/

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 194.168.4.100 194.168.8.100

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

FF - ProfilePath - c:\users\Ingram\AppData\Roaming\Mozilla\Firefox\Profiles\79lwzoq0.default\

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4dd76716&v=6.103.018.001&i=26&tp=ab&iy=&ychte=uk&lng=en-GB&q=

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKCU-Run-Reminder - c:\program files (x86)\TTG\Reminder\Reminder.exe

Wow6432Node-HKCU-Run-Recovery Backup Wizard - c:\program files (x86)\TTG\Reminder\Reminder.exe

Wow6432Node-HKCU-Run-DriverFinder - c:\program files (x86)\DriverFinder\DriverFinder.exe

Toolbar-Locked - (no file)

HKLM-Run-VIAAUD - c:\program files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-2352999235-1548520390-3874988718-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-2352999235-1548520390-3874988718-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_USERS\S-1-5-21-2352999235-1548520390-3874988718-1001\Software\SecuROM\License information*]

"datasecu"=hex:c9,08,f0,17,eb,eb,e3,24,3f,90,a9,86,5b,68,4d,c6,2f,8f,43,8e,d9,

53,2b,e6,44,e7,6a,96,12,39,4c,3d,cf,1c,a4,83,b2,6e,28,7c,98,5c,44,7c,f8,67,\

"rkeysecu"=hex:16,b8,0d,11,ec,d5,1b,f9,3b,16,16,12,19,44,72,89

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Trusteer\Rapport\bin\RapportService.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\AVG\AVG10\avgam.exe

.

**************************************************************************

.

Completion time: 2011-11-19 02:43:42 - machine was rebooted

ComboFix-quarantined-files.txt 2011-11-19 02:43

.

Pre-Run: 100,606,816,256 bytes free

Post-Run: 100,598,362,112 bytes free

.

- - End Of File - - 41AB9F6DD5F8FCCE4C28021B6A83318E

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29

Run by Ingram at 2:47:53 on 2011-11-19

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4023.2270 [GMT 0:00]

.

AV: AVG Internet Security 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Internet Security 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG10\avgchsva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG10\avgfws.exe

C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files (x86)\AVG\AVG10\avgam.exe

C:\Program Files (x86)\AVG\AVG10\avgnsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\AVG\AVG10\avgemca.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\PROGRA~2\AVG\AVG10\avgrsa.exe

C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe

C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe

C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\AVG\AVG10\avgtray.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.animenewsnetwork.com/

mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [MindMaster] C:\MindMaster\MindMasterV2.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 194.168.4.100 194.168.8.100

TCP: Interfaces\{2D31FF00-B526-4D6D-B89A-5902FE28FD4C} : DhcpNameServer = 194.168.4.100 194.168.8.100

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO-X64: HP Print Enhancer - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

BHO-X64: HP Smart BHO Class - No File

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

TB-X64: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

mRun-x64: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe

mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Ingram\AppData\Roaming\Mozilla\Firefox\Profiles\79lwzoq0.default\

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4dd76716&v=6.103.018.001&i=26&tp=ab&iy=&ychte=uk&lng=en-GB&q=

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R0 pe3ajbeb;L Ile Noyee Environment Driver (pe3ajbeb);C:\Windows\system32\drivers\pe3ajbeb.sys --> C:\Windows\system32\drivers\pe3ajbeb.sys [?]

R0 ps7ajbeb;L Ile Noyee Synchronization Driver (ps7ajbeb);C:\Windows\system32\drivers\ps7ajbeb.sys --> C:\Windows\system32\drivers\ps7ajbeb.sys [?]

R1 acedrv09;acedrv09;\??\C:\Windows\system32\drivers\acedrv09.sys --> C:\Windows\system32\drivers\acedrv09.sys [?]

R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]

R1 RapportCerberus_32301;RapportCerberus_32301;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_32301.sys [2011-11-7 396944]

R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2011-11-7 55056]

R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2011-11-7 61712]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2011-3-9 2708024]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-8-18 7390560]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-11-13 366152]

R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2011-11-7 931640]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-3-10 1153368]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-26 136176]

S2 pr2ajbeb;L Ile Noyee Drivers Auto Removal (pr2ajbeb);C:\Windows\system32\pr2ajbeb.exe svc --> C:\Windows\system32\pr2ajbeb.exe svc [?]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-5-21 947528]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-26 136176]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RapportKE64;RapportKE64;C:\Windows\system32\Drivers\RapportKE64.sys --> C:\Windows\system32\Drivers\RapportKE64.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2011-11-19 02:46:54 -------- d-sh--w- C:\$RECYCLE.BIN

2011-11-19 02:26:58 98816 ----a-w- C:\Windows\sed.exe

2011-11-19 02:26:58 518144 ----a-w- C:\Windows\SWREG.exe

2011-11-19 02:26:58 256000 ----a-w- C:\Windows\PEV.exe

2011-11-19 02:26:58 208896 ----a-w- C:\Windows\MBR.exe

2011-11-19 01:52:40 -------- d-----w- C:\Users\Ingram\AppData\Local\{02E83FCE-0583-4F93-B98C-F704DA0FBDCA}

2011-11-18 13:52:06 -------- d-----w- C:\Users\Ingram\AppData\Local\{3DF21684-4EA7-407F-9002-76D2DAE53C0F}

2011-11-18 13:51:55 -------- d-----w- C:\Users\Ingram\AppData\Local\{A72E0544-62FE-4B71-81AD-1D106A6B983E}

2011-11-17 12:57:10 -------- d-----w- C:\Users\Ingram\AppData\Local\{66670651-4447-4EA3-ABEB-BC618F508ED0}

2011-11-17 12:56:58 -------- d-----w- C:\Users\Ingram\AppData\Local\{DC27C6E3-CAA0-4726-911E-BDCEE7C6F948}

2011-11-16 11:50:37 -------- d-----w- C:\Users\Ingram\AppData\Local\{0388AE62-AFA0-475E-8EB9-332EDD823466}

2011-11-16 11:50:25 -------- d-----w- C:\Users\Ingram\AppData\Local\{A07BBA61-CE5A-4FDA-BF64-586ED1E7062D}

2011-11-15 15:23:53 -------- d-----w- C:\Users\Ingram\AppData\Local\{172C0CA3-3A47-492F-9CB8-D670F9738A2C}

2011-11-15 15:23:43 -------- d-----w- C:\Users\Ingram\AppData\Local\{A2AB154D-EE97-44BB-A7CB-355D1447F695}

2011-11-15 03:23:17 -------- d-----w- C:\Users\Ingram\AppData\Local\{EB627A47-F2A1-4127-A5B4-25FD693CA956}

2011-11-15 03:23:04 -------- d-----w- C:\Users\Ingram\AppData\Local\{B275F6C7-B844-40A7-BE7F-61C63743E2CD}

2011-11-14 15:21:15 -------- d-----w- C:\Users\Ingram\AppData\Local\{FEE3AC2C-07A1-4AAC-8800-14E76B6274BB}

2011-11-14 15:21:03 -------- d-----w- C:\Users\Ingram\AppData\Local\{7C8EEB4B-CD81-4590-8E2D-F1999D9BCECA}

2011-11-13 15:50:13 -------- d-----w- C:\Users\Ingram\AppData\Local\{A9F07859-4A01-4891-A6D5-D49205FC76DE}

2011-11-13 15:49:50 -------- d-----w- C:\Users\Ingram\AppData\Local\{8B778B79-FF9D-4319-9A8F-96E4341F18E6}

2011-11-13 14:30:42 -------- d-----w- C:\Users\Ingram\AppData\Local\{1D22ACB9-CDB0-4B21-BE5D-EB9D48C8C995}

2011-11-13 14:30:21 -------- d-----w- C:\Users\Ingram\AppData\Local\{3D7AE66B-1B03-4C5D-9DD2-25BF930B82C6}

2011-11-13 14:00:01 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE

2011-11-13 01:01:49 -------- d-----w- C:\Users\Ingram\AppData\Local\{E42B08BD-1C29-4DAF-BBE3-379035570EA3}

2011-11-13 01:01:27 -------- d-----w- C:\Users\Ingram\AppData\Local\{7560777A-0D72-4755-AB89-916E693C8283}

2011-11-12 16:29:03 -------- d-----w- C:\Users\Ingram\AppData\Local\Skyrim

2011-11-12 16:26:19 519000 ----a-w- C:\Windows\System32\d3dx10_40.dll

2011-11-12 16:26:19 452440 ----a-w- C:\Windows\SysWow64\d3dx10_40.dll

2011-11-12 16:26:19 2605920 ----a-w- C:\Windows\System32\D3DCompiler_40.dll

2011-11-12 16:26:19 2036576 ----a-w- C:\Windows\SysWow64\D3DCompiler_40.dll

2011-11-12 16:26:18 5631312 ----a-w- C:\Windows\System32\D3DX9_40.dll

2011-11-12 16:26:18 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll

2011-11-12 16:19:16 -------- d-----w- C:\Program Files (x86)\The Elder Scrolls V Skyrim

2011-11-12 13:00:54 -------- d-----w- C:\Users\Ingram\AppData\Local\{828FF9D4-5E62-484A-B117-130DD2C5EF6E}

2011-11-12 13:00:43 -------- d-----w- C:\Users\Ingram\AppData\Local\{BABA40EF-A448-4678-A63C-8906813BF209}

2011-11-12 08:17:59 476904 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

2011-11-12 00:40:38 -------- d-----w- C:\Users\Ingram\AppData\Local\{91253895-079F-453B-A828-5CA550EEE2A8}

2011-11-12 00:40:15 -------- d-----w- C:\Users\Ingram\AppData\Local\{D9B73A76-AAA6-4AFB-8970-C07457E46520}

2011-11-11 12:39:50 -------- d-----w- C:\Users\Ingram\AppData\Local\{8E73B70F-3AD4-413D-BA78-9B7AAB3167EC}

2011-11-11 12:39:39 -------- d-----w- C:\Users\Ingram\AppData\Local\{8FF63CEA-4877-4DDC-B258-76A5B072E8E4}

2011-11-10 16:18:28 -------- d-----w- C:\Users\Ingram\AppData\Local\{83223E52-BEAE-4722-9EB3-69C694546F3C}

2011-11-10 16:18:15 -------- d-----w- C:\Users\Ingram\AppData\Local\{D4411300-6FB6-4E06-A944-E163B301C69B}

2011-11-10 01:03:36 -------- d-----w- C:\Users\Ingram\AppData\Local\{18379ABF-1974-48BE-9F98-AA94696CA3CF}

2011-11-10 01:03:15 -------- d-----w- C:\Users\Ingram\AppData\Local\{3764DAFB-8644-4257-8F51-E58D81370383}

2011-11-09 23:00:53 -------- d-----w- C:\Program Files (x86)\Sony Media Go Install

2011-11-09 16:29:27 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2011-11-09 16:29:25 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll

2011-11-09 16:29:25 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll

2011-11-09 16:29:25 3144704 ----a-w- C:\Windows\System32\win32k.sys

2011-11-09 13:02:50 -------- d-----w- C:\Users\Ingram\AppData\Local\{002F819E-A717-4AB5-863C-FCA780FC7485}

2011-11-09 13:02:39 -------- d-----w- C:\Users\Ingram\AppData\Local\{2A394F82-BBEE-4BF3-84D5-16E5E8CA576F}

2011-11-08 14:53:48 -------- d-----w- C:\Users\Ingram\AppData\Local\{53919B3F-CB6B-432E-90D7-3F0D8298AC08}

2011-11-08 14:53:26 -------- d-----w- C:\Users\Ingram\AppData\Local\{17907764-027A-4322-9852-F6984C034C59}

2011-11-08 02:53:01 -------- d-----w- C:\Users\Ingram\AppData\Local\{83A31DD9-F3A1-471B-B834-7B9E4484E67D}

2011-11-08 02:52:40 -------- d-----w- C:\Users\Ingram\AppData\Local\{A011CBD9-016F-47BB-91E9-A4AA219912B3}

2011-11-07 14:52:15 -------- d-----w- C:\Users\Ingram\AppData\Local\{6C331BC6-EB51-41AD-9B0A-D4F4958F05DE}

2011-11-07 14:52:04 -------- d-----w- C:\Users\Ingram\AppData\Local\{14D949BD-C330-42AE-897D-71CFB0D32816}

2011-11-06 18:12:17 -------- d-----w- C:\Users\Ingram\AppData\Local\{4FA5E53C-FB7C-43D0-973E-962307D63040}

2011-11-06 18:11:55 -------- d-----w- C:\Users\Ingram\AppData\Local\{550AF4B3-9345-46D1-B295-6297374B8A17}

2011-11-06 02:33:58 -------- d-----w- C:\Users\Ingram\AppData\Local\{C0A6CB0B-2A2F-4A47-B435-49FA8CC49DE9}

2011-11-06 02:33:37 -------- d-----w- C:\Users\Ingram\AppData\Local\{636CD70B-2E3A-4594-80BC-96574B65882A}

2011-11-05 14:33:07 -------- d-----w- C:\Users\Ingram\AppData\Local\{DDB6D63C-2326-4DC0-B878-D5C172869948}

2011-11-05 14:32:45 -------- d-----w- C:\Users\Ingram\AppData\Local\{74B326D3-34B3-4241-A745-7F374EB9E506}

2011-11-05 02:32:20 -------- d-----w- C:\Users\Ingram\AppData\Local\{B4C158D4-10BE-447C-8AAE-A1414EBAF315}

2011-11-05 02:31:59 -------- d-----w- C:\Users\Ingram\AppData\Local\{574EB0EB-B2FB-4D49-A283-8440B6C2A218}

2011-11-04 14:31:34 -------- d-----w- C:\Users\Ingram\AppData\Local\{E3038D4D-0A01-485C-82B7-867FD091B279}

2011-11-04 14:31:13 -------- d-----w- C:\Users\Ingram\AppData\Local\{C2D7004E-82F3-4997-B82F-A3AA879E9B6E}

2011-11-04 02:30:49 -------- d-----w- C:\Users\Ingram\AppData\Local\{0AE509F0-29F9-4E21-A0F9-34D13CB0CF99}

2011-11-04 02:30:27 -------- d-----w- C:\Users\Ingram\AppData\Local\{36E5D318-CA4C-492C-8ED0-5F38DE0B2E18}

2011-11-03 14:30:02 -------- d-----w- C:\Users\Ingram\AppData\Local\{A4A25B2E-A6DD-4EC7-A3EC-C5A9B3EFEA2E}

2011-11-03 14:29:52 -------- d-----w- C:\Users\Ingram\AppData\Local\{5DFDD2CF-E8C3-4F61-AB68-599FB17A681B}

2011-11-03 06:59:20 917816 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll

2011-11-02 23:59:45 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-11-02 22:43:27 -------- d-----w- C:\Users\Ingram\AppData\Local\{4C69E3A8-F7C8-4551-9F17-A1676B98C9B1}

2011-11-02 22:43:06 -------- d-----w- C:\Users\Ingram\AppData\Local\{20034FE8-351F-4D49-B8F0-BDDD762C3C63}

2011-11-02 10:42:41 -------- d-----w- C:\Users\Ingram\AppData\Local\{66137153-3FCD-423F-B80F-4E6883E6253C}

2011-11-02 10:42:15 -------- d-----w- C:\Users\Ingram\AppData\Local\{0C3C841A-04EE-42AE-9293-33C1733701BD}

2011-11-01 13:37:23 -------- d-----w- C:\Users\Ingram\AppData\Local\{4D11F40F-C3CF-46AD-8204-58F67DC231E9}

2011-11-01 13:37:12 -------- d-----w- C:\Users\Ingram\AppData\Local\{CAFE18E5-5F54-4433-B899-E64C41197C58}

2011-10-31 22:30:54 -------- d-----w- C:\Program Files (x86)\Doctor Who - The Gunpowder Plot

2011-10-31 14:21:20 -------- d-----w- C:\Users\Ingram\AppData\Local\{90EEDB31-1926-4D2E-9590-213FC1E2272D}

2011-10-31 14:20:53 -------- d-----w- C:\Users\Ingram\AppData\Local\{BD1C50CA-59EC-47B3-B286-B9BB2560D026}

2011-10-30 21:35:59 -------- d-----w- C:\Users\Ingram\AppData\Local\{390CDF35-6D5D-4DC0-BD22-36BF49802BE8}

2011-10-30 21:35:48 -------- d-----w- C:\Users\Ingram\AppData\Local\{E2DA6D31-E3D4-4F95-9907-EC3A4827FBF9}

2011-10-29 15:47:52 -------- d-----w- C:\Users\Ingram\AppData\Local\{1CFF239E-9A78-46AC-9AEC-FF194BC251D0}

2011-10-29 15:47:41 -------- d-----w- C:\Users\Ingram\AppData\Local\{9D973E80-3495-4667-A2E4-DC6196A7B20C}

2011-10-28 10:53:07 -------- d-----w- C:\Users\Ingram\AppData\Local\{FA11A19E-73AB-4C14-8566-D585D154AC6C}

2011-10-28 10:52:52 -------- d-----w- C:\Users\Ingram\AppData\Local\{1943E050-7977-42F0-9E39-AF6F065DE3AE}

2011-10-27 21:16:09 89312 ----a-w- C:\Windows\SysWow64\acedrv09.dll

2011-10-27 21:16:09 134880 ----a-w- C:\Windows\System32\drivers\acedrv09.sys

2011-10-27 14:24:14 -------- d-----w- C:\Users\Ingram\AppData\Local\{16FBDADB-16DA-43EE-BFF3-8AD9D1289D35}

2011-10-27 14:24:00 -------- d-----w- C:\Users\Ingram\AppData\Local\{2CA8B336-3A5B-4B7E-A3AC-7FDB8985FD0B}

2011-10-26 13:57:53 -------- d-----w- C:\Users\Ingram\AppData\Local\{C3DC6AE0-5869-41D7-8E98-D51EB30E3E75}

2011-10-26 13:57:40 -------- d-----w- C:\Users\Ingram\AppData\Local\{D8A05A02-A12C-4BA5-A06F-2C3CE2E647D0}

2011-10-25 20:33:43 -------- d-----w- C:\Users\Ingram\AppData\Local\{F0C63D02-9CC6-4932-902A-C277A21B7510}

2011-10-25 20:33:32 -------- d-----w- C:\Users\Ingram\AppData\Local\{6E6DCB44-3303-4FC2-8D8C-D7A1DBCAF34C}

2011-10-25 01:31:22 -------- d-----w- C:\Users\Ingram\AppData\Local\{10C4C448-8D7A-444D-A41B-6324401E6BC3}

2011-10-25 01:31:00 -------- d-----w- C:\Users\Ingram\AppData\Local\{2C36B9F4-CFEF-43FA-A58F-F8B9CF13156B}

2011-10-24 13:30:36 -------- d-----w- C:\Users\Ingram\AppData\Local\{D0138C6E-19B3-443E-A248-4316207BD176}

2011-10-24 13:30:24 -------- d-----w- C:\Users\Ingram\AppData\Local\{248B70EF-E627-4140-82DE-113228A4068E}

2011-10-23 22:17:12 -------- d-----w- C:\Users\Ingram\AppData\Local\{E7956C70-95F8-49F7-A7EB-15DBC0E84857}

2011-10-23 22:17:01 -------- d-----w- C:\Users\Ingram\AppData\Local\{3A14E25B-7FDA-4C6E-905E-0334DF5DF07A}

2011-10-23 11:53:18 -------- d-----w- C:\Users\Ingram\AppData\Local\{85E85958-AEBF-491D-8F99-EEA8B9919972}

2011-10-23 11:53:07 -------- d-----w- C:\Users\Ingram\AppData\Local\{6ABDD961-5E24-4317-A51C-1233523849A4}

2011-10-22 21:15:13 -------- d-----w- C:\Users\Ingram\AppData\Local\{49741CB3-5E4F-433D-A4A5-22A7C287F3F2}

2011-10-22 21:14:51 -------- d-----w- C:\Users\Ingram\AppData\Local\{F7A77372-8505-42E8-9BC4-3580FC16570D}

2011-10-22 12:04:50 63760 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys

2011-10-22 12:04:40 -------- d-----w- C:\Program Files (x86)\Trusteer

2011-10-22 04:08:55 -------- d-----w- C:\Users\Ingram\AppData\Local\{612A6A13-807F-483A-A7FE-9A3CAE350917}

2011-10-22 04:08:33 -------- d-----w- C:\Users\Ingram\AppData\Local\{340B2C35-7093-44B4-B641-10287E78D21B}

2011-10-21 13:15:35 -------- d-----w- C:\Users\Ingram\AppData\Local\{B39A41F1-926B-4FBD-9850-13B2FE873FB6}

2011-10-21 13:15:20 -------- d-----w- C:\Users\Ingram\AppData\Local\{20F28AE7-D33F-4B70-9D52-BD790E6C8401}

2011-10-21 01:14:53 -------- d-----w- C:\Users\Ingram\AppData\Local\{808BC569-23DF-4FD4-9018-671A1295E724}

2011-10-21 01:14:32 -------- d-----w- C:\Users\Ingram\AppData\Local\{DBEBE7C4-A58D-4C81-A277-4E8E2FF5B10A}

2011-10-20 13:03:38 -------- d-----w- C:\Users\Ingram\AppData\Local\{B073F1F3-3F09-4205-B388-CC4A089381E0}

2011-10-20 13:03:26 -------- d-----w- C:\Users\Ingram\AppData\Local\{E8744BEA-B729-49FB-A68F-B36E931ABC4F}

.

==================== Find3M ====================

.

2011-10-21 09:23:33 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-10-03 05:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2011-09-23 01:27:38 320040 ----a-w- C:\Windows\System32\drivers\k57nd60a.sys

2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll

2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll

2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll

2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-08-31 17:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-08-27 05:37:49 861696 ----a-w- C:\Windows\System32\oleaut32.dll

2011-08-27 05:37:48 331776 ----a-w- C:\Windows\System32\oleacc.dll

2011-08-27 04:26:27 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2011-08-27 04:26:27 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll

2010-07-22 02:19:06 5792768 --sh--w- C:\Windows\TheThing.exe

.

============= FINISH: 2:48:22.69 ===============


  • Staff

Hi,

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the option Remove found threats and the option Scan unwanted applications are checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.


Should I try the first scan again? The log in the folder is rather short. Last I checked, MBAM was still not responding after a while.

ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

Results of screen317's Security Check version 0.99.28

Windows 7 x64 (UAC is enabled)

Internet Explorer 9

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Disabled!

ESET Online Scanner v3

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

MVPS Hosts File

Malwarebytes' Anti-Malware

Java 6 Update 29

Adobe Flash Player ( 10.1.82.76) Flash Player out of Date!

Adobe Reader X (10.1.1)

Mozilla Firefox (4.0.1) Firefox out of Date!

````````````````````````````````

Process Check:

objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe

AVG avgwdsvc.exe

AVG avgtray.exe

``````````End of Log````````````


  • Staff

Hi,

Great!

Navigate to Start --> Run, and type Combofix /uninstall in the box that appears. Click OK afterward. Notice the space between the X and the /uninstall.

This uninstalls all of ComboFix's components.

Delete SecurityCheck.

After that, navigate to Start --> Control Panel --> Add or Remove Programs, and uninstall the following program(s) (if present):

ESET Online Scanner v3

Adobe Flash Player ( 10.1.82.76)

Mozilla Firefox (4.0.1)

Restart your computer.

Get the latest version of Adobe Flash Player, and Firefox.

Let me know what issues remain.

-screen317


  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
