Topic: [Inactive] About msn free games and something with direct x

Hoov
Re: [In Progress] About msn free games and something with direct x
« Reply #15 on: September 26, 2014, 09:00:58 AM »
No worries here.

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

albert60
Re: [In Progress] About msn free games and something with direct x
« Reply #16 on: September 26, 2014, 08:38:12 PM »
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 7/16/2014 1:45:32 AM
System Uptime: 9/26/2014 5:39:40 PM (2 hours ago)
.
Motherboard: TOSHIBA |  | NDU11
Processor: AMD Turion(tm) II Neo K625 Dual-Core Processor | Socket M2/S1G1 | 795/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 242.505 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP20: 9/19/2014 3:49:35 PM - Windows Update
RP21: 9/19/2014 5:33:24 PM - Windows Update
RP22: 9/20/2014 4:15:44 PM - Windows Update
RP23: 9/22/2014 1:17:55 PM - Restore Operation
RP24: 9/22/2014 8:23:52 PM - Windows Update
RP25: 9/24/2014 12:37:52 AM - Windows Update
RP26: 9/24/2014 12:03:58 PM - Windows Update
RP27: 9/24/2014 1:16:45 PM - Windows Update
RP28: 9/25/2014 1:35:59 AM - Installed TOSHIBA Service Station
RP29: 9/25/2014 2:50:48 AM - Removed Quickbooks Financial Center
RP30: 9/25/2014 2:53:10 AM - Removed Amazon Links
.
==== Installed Programs ======================
.
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader 9.3
Atheros Driver Installation Program
ATI Catalyst Install Manager
AVG 2015
Bejeweled 2 Deluxe
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Chuzzle Deluxe
Compatibility Pack for the 2007 Office system
DriverUpdate
Escape Rosecliff Island
FATE - The Traitor Soul
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Office (KB975927)
Java(TM) 6 Update 17
Jewel Quest 3
JMicron Flash Media Controller Driver
Junk Mail filter update
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
MSVCRT
Penguins!
PlayReady PC Runtime amd64
Polar Bowler
Realtek Ethernet Controller Driver For Windows 7
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Skype Launcher
Synaptics Pointing Device Driver
TOSHIBA Application Installer
TOSHIBA Assist
TOSHIBA Bulletin Board
TOSHIBA Disc Creator
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Flash Cards Support Utility
TOSHIBA Hardware Setup
TOSHIBA HDD Protection
TOSHIBA HDD/SSD Alert
Toshiba Laptop Checkup
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
Toshiba Online Backup
TOSHIBA PC Health Monitor
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Sleep Utility
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
Update for Microsoft Office Word 2007 (KB974631)
Utility Common Driver
Virtual Families
Virtual Villagers - The Secret City
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
WildTangent Games
WildTangent ORB Game Console
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
9/26/2014 5:42:05 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  cdrom
9/26/2014 4:14:02 PM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
9/26/2014 3:39:53 AM, Error: ACPI [13]  - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
9/26/2014 2:18:29 AM, Error: Service Control Manager [7043]  - The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.
9/26/2014 2:09:32 AM, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for Start with the following error:  Access is denied.
9/24/2014 12:09:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4.5 and 4.5.1 on Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB2894854).
9/23/2014 1:23:55 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.
9/23/2014 1:03:59 PM, Error: Service Control Manager [7022]  - The Windows Search service hung on starting.
9/22/2014 9:32:13 PM, Error: Service Control Manager [7043]  - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
9/19/2014 7:32:22 PM, Error: Microsoft-Windows-WMPNSS-Service [14324]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(WindowsMediaPlayer) encountered error '0x80004002'. If possible, reinstall Windows Media Player.
9/19/2014 7:32:15 PM, Error: Service Control Manager [7023]  - The Windows Defender service terminated with the following error:  The process cannot access the file because it is being used by another process.
9/19/2014 7:32:12 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
9/19/2014 7:32:12 PM, Error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
9/19/2014 7:32:10 PM, Error: Service Control Manager [7023]  - The Windows Font Cache Service service terminated with the following error:  The process cannot access the file because it is being used by another process.
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17280
Run by albert60 at 19:35:04 on 2014-09-26
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3836.2141 [GMT -7:00]
.
AV: AVG Internet Security 2015 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2015 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2015 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
C:\windows\system32\ThpSrv.exe
C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\windows\System32\MsSpellCheckingFacility.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.google.com/ig?brand=TSNA&bmod=TSNA
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
dRunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} - hxxp://zone.msn.com/bingame/zpagames/zpa_hrtz.cab99160.cab
DPF: {A4110378-789B-455F-AE86-3A1BFC402853} - hxxp://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{F888A251-39DE-453F-9500-CE63C40AD36B} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{F888A251-39DE-453F-9500-CE63C40AD36B}\84F4D454 : DHCPNameServer = 68.87.66.246 162.150.8.37
TCP: Interfaces\{F888A251-39DE-453F-9500-CE63C40AD36B}\876696E696479777966696 : DHCPNameServer = 75.75.75.75 75.75.76.76
SSODL: WebCheck - <orphaned>
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll
x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [ThpSrv] C:\windows\System32\thpsrv /logon
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [SmartFaceVWatcher] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2014-6-18 190744]
R0 Avgloga;AVG Logging Driver;C:\windows\System32\drivers\avgloga.sys [2014-7-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2014-8-6 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2014-6-18 31512]
R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\System32\drivers\thpdrv.sys [2009-6-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\System32\drivers\Thpevm.sys [2009-6-29 14784]
R1 Avgdiska;AVG Disk Driver;C:\windows\System32\drivers\avgdiska.sys [2014-6-18 153368]
R1 Avgfwfd;AVG network filter service;C:\windows\System32\drivers\avgfwd6a.sys [2013-9-26 57144]
R1 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2014-7-24 247576]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2014-8-20 243480]
R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2014-7-2 270616]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2014-7-16 202752]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-9-5 1459872]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-9-5 3364368]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-9-5 293448]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-16 1809720]
R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe [2014-7-16 103792]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [2014-7-16 126392]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-4-6 258928]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2014-7-16 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\System32\drivers\MBAMSwissArmy.sys [2014-7-16 122584]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2014-7-16 35008]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2014-7-16 325152]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2014-7-16 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-16 860472]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-9-19 111616]
S3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2009-9-23 144496]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\System32\drivers\mwac.sys [2014-7-16 63704]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2014-9-22 19456]
S3 SWDUMon;SWDUMon;C:\windows\System32\drivers\SWDUMon.sys [2014-9-26 16152]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2014-9-22 56832]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2014-9-9 1255736]
.
=============== Created Last 30 ================
.
2014-09-27 01:55:41   --------   d-----w-   C:\Program Files\CCleaner
2014-09-27 01:41:34   11578928   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DAAE2921-D637-4B94-B97A-6A31F0A0BE32}\mpengine.dll
2014-09-26 23:54:36   16152   ----a-w-   C:\windows\System32\drivers\SWDUMon.sys
2014-09-26 23:54:34   --------   d-----w-   C:\Users\albert60\AppData\Local\SlimWare Utilities Inc
2014-09-26 23:54:30   --------   d-----w-   C:\Program Files (x86)\DriverUpdate
2014-09-25 09:46:25   --------   d-----w-   C:\Users\albert60\AppData\Local\IsolatedStorage
2014-09-25 09:44:18   20296   ----a-w-   C:\windows\System32\roboot64.exe
2014-09-25 09:44:02   --------   d-----w-   C:\Users\albert60\AppData\Roaming\UpdaterEX
2014-09-25 09:40:44   --------   d-----w-   C:\Users\albert60\AppData\Local\Adobe
2014-09-24 07:38:34   --------   d-----w-   C:\0afba7a1ce7d5c34e6f84f
2014-09-24 05:50:01   3178496   ----a-w-   C:\windows\System32\rdpcorets.dll
2014-09-24 05:50:01   16384   ----a-w-   C:\windows\System32\RdpGroupPolicyExtension.dll
2014-09-23 03:57:29   167424   ----a-w-   C:\Program Files\Windows Media Player\wmplayer.exe
2014-09-23 03:57:29   164864   ----a-w-   C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-09-23 03:57:27   12625920   ----a-w-   C:\windows\System32\wmploc.DLL
2014-09-23 03:57:26   12625408   ----a-w-   C:\windows\SysWow64\wmploc.DLL
2014-09-23 03:50:09   --------   d-----w-   C:\windows\Migration
2014-09-23 03:38:54   2560   ----a-w-   C:\windows\System32\drivers\en-US\wdf01000.sys.mui
2014-09-23 03:35:32   19456   ----a-w-   C:\windows\System32\drivers\rdpvideominiport.sys
2014-09-23 03:35:29   192000   ----a-w-   C:\windows\SysWow64\rdpendp_winip.dll
2014-09-23 03:35:28   243200   ----a-w-   C:\windows\System32\rdpudd.dll
2014-09-23 03:35:27   228864   ----a-w-   C:\windows\System32\rdpendp_winip.dll
2014-09-23 03:29:28   87040   ----a-w-   C:\windows\System32\drivers\WUDFPf.sys
2014-09-23 03:29:28   198656   ----a-w-   C:\windows\System32\drivers\WUDFRd.sys
2014-09-23 03:29:27   84992   ----a-w-   C:\windows\System32\WUDFSvc.dll
2014-09-23 03:29:27   194048   ----a-w-   C:\windows\System32\WUDFPlatform.dll
2014-09-23 03:29:25   744448   ----a-w-   C:\windows\System32\WUDFx.dll
2014-09-23 03:29:25   45056   ----a-w-   C:\windows\System32\WUDFCoinstaller.dll
2014-09-23 03:29:25   229888   ----a-w-   C:\windows\System32\WUDFHost.exe
2014-09-23 03:25:04   2777088   ----a-w-   C:\windows\System32\msmpeg2vdec.dll
2014-09-23 03:25:04   2285056   ----a-w-   C:\windows\SysWow64\msmpeg2vdec.dll
2014-09-23 03:22:00   2315776   ----a-w-   C:\windows\System32\tquery.dll
2014-09-23 03:20:19   658432   ----a-w-   C:\windows\System32\RMActivate_isv.exe
2014-09-23 03:19:44   45568   ----a-w-   C:\windows\SysWow64\oflc-nz.rs
2014-09-23 03:18:58   7168   ----a-w-   C:\windows\SysWow64\KBDYAK.DLL
2014-09-23 03:17:41   569344   ----a-w-   C:\windows\System32\iphlpsvc.dll
2014-09-23 03:17:41   246272   ----a-w-   C:\windows\System32\netcorehc.dll
2014-09-23 03:17:41   216576   ----a-w-   C:\windows\System32\ncsi.dll
2014-09-23 03:17:41   156672   ----a-w-   C:\windows\SysWow64\ncsi.dll
2014-09-23 03:17:40   70656   ----a-w-   C:\windows\System32\nlaapi.dll
2014-09-23 03:17:40   52224   ----a-w-   C:\windows\SysWow64\nlaapi.dll
2014-09-23 03:17:40   45568   ----a-w-   C:\windows\System32\drivers\tcpipreg.sys
2014-09-23 03:17:40   303104   ----a-w-   C:\windows\System32\nlasvc.dll
2014-09-23 03:17:40   18944   ----a-w-   C:\windows\SysWow64\netevent.dll
2014-09-23 03:17:40   18944   ----a-w-   C:\windows\System32\netevent.dll
2014-09-23 03:17:40   175104   ----a-w-   C:\windows\SysWow64\netcorehc.dll
2014-09-23 03:17:11   509952   ----a-w-   C:\windows\System32\ntshrui.dll
2014-09-23 03:17:10   442880   ----a-w-   C:\windows\SysWow64\ntshrui.dll
2014-09-23 03:16:43   1684928   ----a-w-   C:\windows\System32\drivers\ntfs.sys
2014-09-23 03:16:33   793600   ----a-w-   C:\windows\SysWow64\TSWorkspace.dll
2014-09-23 03:16:33   1031168   ----a-w-   C:\windows\System32\TSWorkspace.dll
2014-09-23 03:16:15   55296   ----a-w-   C:\windows\System32\dhcpcsvc6.dll
2014-09-23 03:16:15   44032   ----a-w-   C:\windows\SysWow64\dhcpcsvc6.dll
2014-09-23 03:16:15   226816   ----a-w-   C:\windows\System32\dhcpcore6.dll
2014-09-23 03:16:15   193536   ----a-w-   C:\windows\SysWow64\dhcpcore6.dll
2014-09-23 03:16:09   81920   ----a-w-   C:\windows\SysWow64\davclnt.dll
2014-09-23 03:16:09   259584   ----a-w-   C:\windows\System32\WebClnt.dll
2014-09-23 03:16:09   205824   ----a-w-   C:\windows\SysWow64\WebClnt.dll
2014-09-23 03:16:09   140800   ----a-w-   C:\windows\System32\drivers\mrxdav.sys
2014-09-23 03:16:09   102400   ----a-w-   C:\windows\System32\davclnt.dll
2014-09-23 03:15:57   30720   ----a-w-   C:\windows\System32\cryptdlg.dll
2014-09-23 03:15:57   24576   ----a-w-   C:\windows\SysWow64\cryptdlg.dll
2014-09-23 03:15:30   950128   ----a-w-   C:\windows\System32\drivers\ndis.sys
2014-09-23 03:15:30   41472   ----a-w-   C:\windows\System32\drivers\RNDISMP.sys
2014-09-23 03:15:27   1424384   ----a-w-   C:\windows\System32\WindowsCodecs.dll
2014-09-23 03:15:27   1230336   ----a-w-   C:\windows\SysWow64\WindowsCodecs.dll
2014-09-23 03:15:22   245760   ----a-w-   C:\windows\System32\OxpsConverter.exe
2014-09-23 03:15:16   228864   ----a-w-   C:\windows\System32\wwansvc.dll
2014-09-23 03:15:15   48640   ----a-w-   C:\windows\System32\wwanprotdim.dll
2014-09-23 03:15:14   223752   ----a-w-   C:\windows\System32\drivers\fvevol.sys
2014-09-23 03:13:58   31232   ----a-w-   C:\windows\SysWow64\prevhost.exe
2014-09-23 03:13:58   31232   ----a-w-   C:\windows\System32\prevhost.exe
2014-09-23 03:13:55   503808   ----a-w-   C:\windows\System32\srcore.dll
2014-09-23 03:13:53   43008   ----a-w-   C:\windows\SysWow64\srclient.dll
2014-09-23 02:53:51   461312   ----a-w-   C:\windows\System32\scavengeui.dll
2014-09-22 00:26:42   --------   d-----w-   C:\Users\albert60\AppData\Roaming\Systweak
2014-09-20 23:40:01   940032   ----a-w-   C:\windows\System32\MsSpellCheckingFacility.exe
2014-09-20 22:57:26   3928064   ----a-w-   C:\windows\System32\d2d1.dll
2014-09-20 22:57:25   3419136   ----a-w-   C:\windows\SysWow64\d2d1.dll
2014-09-20 06:07:07   --------   d-----w-   C:\Program Files (x86)\File Download ActiveX
2014-09-20 04:29:59   --------   d-----w-   C:\Users\albert60\AppData\Local\ElevatedDiagnostics
2014-09-20 02:56:23   --------   d-sh--w-   C:\Users\albert60\AppData\Local\EmieUserList
2014-09-20 02:56:23   --------   d-sh--w-   C:\Users\albert60\AppData\Local\EmieSiteList
2014-09-20 01:51:19   859648   ----a-w-   C:\windows\System32\tdh.dll
2014-09-20 01:51:18   878080   ----a-w-   C:\windows\System32\advapi32.dll
2014-09-20 01:51:18   1732032   ----a-w-   C:\windows\System32\ntdll.dll
2014-09-20 01:51:02   640512   ----a-w-   C:\windows\SysWow64\advapi32.dll
2014-09-20 01:51:02   619520   ----a-w-   C:\windows\SysWow64\tdh.dll
2014-09-20 01:51:02   1292192   ----a-w-   C:\windows\SysWow64\ntdll.dll
2014-09-20 01:49:01   327168   ----a-w-   C:\windows\System32\mswsock.dll
2014-09-20 01:49:01   231424   ----a-w-   C:\windows\SysWow64\mswsock.dll
2014-09-20 01:42:39   1887232   ----a-w-   C:\windows\System32\d3d11.dll
2014-09-20 01:42:39   1505280   ----a-w-   C:\windows\SysWow64\d3d11.dll
2014-09-20 00:35:04   99480   ----a-w-   C:\windows\SysWow64\infocardapi.dll
2014-09-20 00:35:04   619672   ----a-w-   C:\windows\SysWow64\icardagt.exe
2014-09-20 00:35:04   171160   ----a-w-   C:\windows\System32\infocardapi.dll
2014-09-20 00:35:04   1389208   ----a-w-   C:\windows\System32\icardagt.exe
2014-09-20 00:35:03   8856   ----a-w-   C:\windows\SysWow64\icardres.dll
2014-09-20 00:35:03   8856   ----a-w-   C:\windows\System32\icardres.dll
2014-09-20 00:34:48   35480   ----a-w-   C:\windows\SysWow64\TsWpfWrp.exe
2014-09-20 00:34:48   35480   ----a-w-   C:\windows\System32\TsWpfWrp.exe
2014-09-19 23:57:58   633856   ----a-w-   C:\windows\System32\comctl32.dll
2014-09-19 23:57:58   530432   ----a-w-   C:\windows\SysWow64\comctl32.dll
2014-09-19 23:57:41   224256   ----a-w-   C:\windows\System32\wintrust.dll
2014-09-19 23:57:41   175104   ----a-w-   C:\windows\SysWow64\wintrust.dll
2014-09-19 23:55:40   1719296   ----a-w-   C:\Program Files\Windows Journal\NBDoc.DLL
2014-09-19 23:55:39   936960   ----a-w-   C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-09-19 23:55:39   1389568   ----a-w-   C:\Program Files\Windows Journal\JNWDRV.dll
2014-09-19 23:55:39   1380864   ----a-w-   C:\Program Files\Windows Journal\JNTFiltr.dll
2014-09-19 23:55:39   1354240   ----a-w-   C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2014-09-19 23:55:36   801280   ----a-w-   C:\windows\System32\usp10.dll
2014-09-19 23:55:36   626688   ----a-w-   C:\windows\SysWow64\usp10.dll
2014-09-19 23:53:28   2002432   ----a-w-   C:\windows\System32\msxml6.dll
2014-09-19 23:52:55   99840   ----a-w-   C:\windows\System32\drivers\usbccgp.sys
2014-09-19 23:51:53   2048   ----a-w-   C:\windows\SysWow64\tzres.dll
2014-09-19 23:50:15   961024   ----a-w-   C:\windows\System32\CPFilters.dll
2014-09-19 23:50:15   642048   ----a-w-   C:\windows\SysWow64\CPFilters.dll
2014-09-19 23:50:15   1118720   ----a-w-   C:\windows\System32\sbe.dll
2014-09-19 23:50:14   850944   ----a-w-   C:\windows\SysWow64\sbe.dll
2014-09-19 23:50:14   259072   ----a-w-   C:\windows\System32\mpg2splt.ax
2014-09-19 23:50:14   199680   ----a-w-   C:\windows\SysWow64\mpg2splt.ax
2014-09-19 23:50:07   1572864   ----a-w-   C:\windows\System32\quartz.dll
2014-09-19 23:50:07   1328128   ----a-w-   C:\windows\SysWow64\quartz.dll
2014-09-19 23:50:03   1359872   ----a-w-   C:\windows\System32\mfc42u.dll
2014-09-19 23:50:02   1395712   ----a-w-   C:\windows\System32\mfc42.dll
2014-09-19 23:50:02   1164288   ----a-w-   C:\windows\SysWow64\mfc42u.dll
2014-09-19 23:50:02   1137664   ----a-w-   C:\windows\SysWow64\mfc42.dll
2014-09-19 23:48:10   985536   ----a-w-   C:\windows\System32\drivers\dxgkrnl.sys
2014-09-19 23:48:10   265064   ----a-w-   C:\windows\System32\drivers\dxgmms1.sys
2014-09-19 23:48:10   144384   ----a-w-   C:\windows\System32\cdd.dll
2014-09-19 23:48:05   39936   ----a-w-   C:\windows\System32\drivers\tssecsrv.sys
2014-09-19 23:46:15   68608   ----a-w-   C:\windows\System32\taskhost.exe
2014-09-19 23:46:13   751104   ----a-w-   C:\windows\System32\win32spl.dll
2014-09-19 23:46:12   492544   ----a-w-   C:\windows\SysWow64\win32spl.dll
2014-09-19 23:45:18   903168   ----a-w-   C:\windows\SysWow64\certutil.exe
2014-09-19 23:45:18   1192448   ----a-w-   C:\windows\System32\certutil.exe
2014-09-19 23:45:16   52224   ----a-w-   C:\windows\System32\certenc.dll
2014-09-19 23:45:16   43008   ----a-w-   C:\windows\SysWow64\certenc.dll
2014-09-19 23:43:58   458712   ----a-w-   C:\windows\System32\drivers\cng.sys
2014-09-19 23:43:57   95680   ----a-w-   C:\windows\System32\drivers\ksecdd.sys
2014-09-19 23:43:57   155072   ----a-w-   C:\windows\System32\drivers\ksecpkg.sys
2014-09-19 23:43:56   31232   ----a-w-   C:\windows\System32\lsass.exe
2014-09-19 23:43:56   29184   ----a-w-   C:\windows\System32\sspisrv.dll
2014-09-19 23:43:56   28160   ----a-w-   C:\windows\System32\secur32.dll
2014-09-19 23:43:56   136192   ----a-w-   C:\windows\System32\sspicli.dll
2014-09-19 23:43:06   3163648   ----a-w-   C:\windows\System32\win32k.sys
2014-09-19 23:43:05   404480   ----a-w-   C:\windows\System32\gdi32.dll
2014-09-19 23:43:05   311808   ----a-w-   C:\windows\SysWow64\gdi32.dll
2014-09-19 23:31:40   288768   ----a-w-   C:\windows\System32\drivers\mrxsmb10.sys
2014-09-19 23:31:38   128000   ----a-w-   C:\windows\System32\drivers\mrxsmb20.sys
2014-09-19 23:31:36   158208   ----a-w-   C:\windows\System32\drivers\mrxsmb.sys
2014-09-19 23:31:22   395776   ----a-w-   C:\windows\System32\webio.dll
2014-09-19 23:31:21   314880   ----a-w-   C:\windows\SysWow64\webio.dll
2014-09-19 23:31:04   859648   ----a-w-   C:\windows\System32\IKEEXT.DLL
2014-09-19 23:31:00   324096   ----a-w-   C:\windows\System32\FWPUCLNT.DLL
2014-09-19 23:30:59   830464   ----a-w-   C:\windows\System32\nshwfp.dll
2014-09-19 23:30:59   656896   ----a-w-   C:\windows\SysWow64\nshwfp.dll
2014-09-19 23:30:59   216576   ----a-w-   C:\windows\SysWow64\FWPUCLNT.DLL
2014-09-19 23:30:05   664064   ----a-w-   C:\windows\SysWow64\rpcrt4.dll
2014-09-19 23:30:05   1216000   ----a-w-   C:\windows\System32\rpcrt4.dll
2014-09-19 23:04:19   183296   ----a-w-   C:\windows\System32\dnsrslvr.dll
2014-09-19 23:04:18   30208   ----a-w-   C:\windows\System32\dnscacheugc.exe
2014-09-19 23:04:17   28672   ----a-w-   C:\windows\SysWow64\dnscacheugc.exe
2014-09-19 22:51:55   2620928   ----a-w-   C:\windows\System32\wucltux.dll
2014-09-19 22:51:37   97792   ----a-w-   C:\windows\System32\wudriver.dll
2014-09-19 22:51:37   92672   ----a-w-   C:\windows\SysWow64\wudriver.dll
2014-09-19 22:50:30   36864   ----a-w-   C:\windows\System32\wuapp.exe
2014-09-19 22:50:30   33792   ----a-w-   C:\windows\SysWow64\wuapp.exe
2014-09-19 22:50:30   198600   ----a-w-   C:\windows\System32\wuwebv.dll
2014-09-19 22:50:30   179656   ----a-w-   C:\windows\SysWow64\wuwebv.dll
2014-09-19 05:13:08   --------   d-----w-   C:\windows\System32\SPReview
2014-09-19 00:39:47   --------   d-----w-   C:\windows\System32\EventProviders
2014-09-19 00:16:59   67584   ----a-w-   C:\windows\SysWow64\asycfilt.dll
2014-09-19 00:15:59   50176   ----a-w-   C:\windows\SysWow64\iyuv_32.dll
2014-09-19 00:12:52   577536   ----a-w-   C:\windows\System32\WSDApi.dll
2014-09-19 00:11:59   88576   ----a-w-   C:\windows\System32\setupcl.exe
2014-09-19 00:10:55   91648   ----a-w-   C:\windows\System32\isoburn.exe
2014-09-19 00:09:59   128512   ----a-w-   C:\windows\System32\dwmredir.dll
2014-09-17 21:42:12   --------   d-----w-   C:\Users\albert60\AppData\Roaming\AVG2015
2014-09-17 21:40:46   --------   d-----w-   C:\Users\albert60\AppData\Roaming\TuneUp Software
2014-09-17 21:39:16   --------   d--h--w-   C:\$AVG
2014-09-17 21:39:15   --------   d-----w-   C:\ProgramData\AVG2015
2014-09-17 21:37:18   --------   d-----w-   C:\Program Files (x86)\AVG
2014-09-17 21:33:46   --------   d--h--w-   C:\ProgramData\Common Files
2014-09-17 21:33:46   --------   d-----w-   C:\Users\albert60\AppData\Local\MFAData
2014-09-17 21:33:46   --------   d-----w-   C:\Users\albert60\AppData\Local\Avg2015
2014-09-17 21:33:46   --------   d-----w-   C:\ProgramData\MFAData
2014-09-17 20:16:58   142336   ----a-w-   C:\windows\System32\poqexec.exe
2014-09-17 20:16:57   123904   ----a-w-   C:\windows\SysWow64\poqexec.exe
2014-09-17 03:53:30   71344   ----a-w-   C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-17 03:53:30   701104   ----a-w-   C:\windows\SysWow64\FlashPlayerApp.exe
2014-09-17 03:50:13   --------   d-----w-   C:\Users\albert60\AppData\Local\CrashDumps
2014-09-17 03:50:00   --------   d-----w-   C:\ProgramData\UlsoWfij
2014-09-16 23:25:58   --------   d-----w-   C:\Program Files (x86)\iMesh
2014-09-16 23:00:13   21504   ----a-w-   C:\Program Files (x86)\Internet Explorer\version1.dll
2014-09-16 22:29:52   --------   d-----w-   C:\windows\System32\MRT
2014-09-14 21:17:52   11578928   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-09-14 21:08:19   736952   ----a-w-   C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2014-09-14 21:07:39   2876528   ----a-w-   C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2014-09-14 21:06:56   42168   ----a-w-   C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2014-09-14 21:06:38   539984   ----a-w-   C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-09-14 21:05:54   19968   ----a-w-   C:\windows\System32\drivers\usb8023.sys
2014-09-14 21:05:52   9216   ----a-w-   C:\windows\System32\rdrmemptylst.exe
2014-09-14 21:05:52   77312   ----a-w-   C:\windows\System32\rdpwsx.dll
2014-09-14 21:05:52   149504   ----a-w-   C:\windows\System32\rdpcorekmts.dll
2014-09-09 10:44:22   --------   d-----w-   C:\windows\SysWow64\Wat
2014-09-09 10:44:22   --------   d-----w-   C:\windows\System32\Wat
.
==================== Find3M  ====================
.
2014-09-27 01:40:43   122584   ----a-w-   C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-09-20 01:55:32   194048   ----a-w-   C:\windows\SysWow64\elshyph.dll
2014-09-20 01:55:08   645120   ----a-w-   C:\windows\SysWow64\jsIntl.dll
2014-09-20 01:55:08   235008   ----a-w-   C:\windows\System32\elshyph.dll
2014-09-20 01:55:06   71680   ----a-w-   C:\windows\SysWow64\RegisterIEPKEYs.exe
2014-09-20 01:55:05   182272   ----a-w-   C:\windows\SysWow64\msls31.dll
2014-09-20 01:55:05   1812992   ----a-w-   C:\windows\SysWow64\wininet.dll
2014-09-20 01:55:02   60416   ----a-w-   C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-09-20 01:55:01   62464   ----a-w-   C:\windows\SysWow64\tdc.ocx
2014-09-20 01:55:01   337408   ----a-w-   C:\windows\SysWow64\html.iec
2014-09-20 01:45:38   9728   ---ha-w-   C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-09-19 05:38:58   152576   ----a-w-   C:\windows\SysWow64\msclmd.dll
2014-09-19 05:38:57   175616   ----a-w-   C:\windows\System32\msclmd.dll
2014-09-15 16:06:02   278152   ------w-   C:\windows\System32\MpSigStub.exe
2014-08-21 04:45:10   243480   ----a-w-   C:\windows\System32\drivers\avgldx64.sys
2014-08-07 04:39:52   123672   ----a-w-   C:\windows\System32\drivers\avgmfx64.sys
2014-07-25 09:35:46   875688   ----a-w-   C:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 06:47:06   869544   ----a-w-   C:\windows\System32\msvcr120_clr0400.dll
2014-07-24 21:06:36   247576   ----a-w-   C:\windows\System32\drivers\avgidsdrivera.sys
2014-07-18 22:53:26   313624   ----a-w-   C:\windows\System32\drivers\avgloga.sys
2014-07-16 08:05:51   0   ----a-w-   C:\windows\ativpsrm.bin
2014-07-16 03:23:41   2048   ----a-w-   C:\windows\System32\tzres.dll
2014-07-09 02:03:23   7168   ----a-w-   C:\windows\System32\KBDYAK.DLL
2014-07-09 02:03:22   7168   ----a-w-   C:\windows\System32\KBDBASH.DLL
2014-07-09 01:31:41   6656   ----a-w-   C:\windows\SysWow64\KBDBASH.DLL
2014-07-07 02:06:35   728064   ----a-w-   C:\windows\System32\kerberos.dll
2014-07-07 02:06:35   1460736   ----a-w-   C:\windows\System32\lsasrv.dll
2014-07-07 01:40:21   22016   ----a-w-   C:\windows\SysWow64\secur32.dll
2014-07-07 01:40:12   550912   ----a-w-   C:\windows\SysWow64\kerberos.dll
2014-07-07 01:39:16   96768   ----a-w-   C:\windows\SysWow64\sspicli.dll
2014-07-02 16:58:24   270616   ----a-w-   C:\windows\System32\drivers\avgtdia.sys
.
============= FINISH: 19:36:33.24 ===============

Offline albert60

Re: [In Progress] About msn free games and something with direct x
« Reply #17 on: September 26, 2014, 08:44:34 PM »
Did you get both the DDS files, or just one? Also, you won't believe this: my computer doesn't have a clipboard, but malware found nothing wrong; there was no malware, and yesterday a few PUPs.

Offline Hoov

Re: [In Progress] About msn free games and something with direct x
« Reply #18 on: September 26, 2014, 08:53:00 PM »
Both of them posted, thanks. I will try and get thru your logs tonight, but may not get you something until the morning.


Offline Hoov

Re: [In Progress] About msn free games and something with direct x
« Reply #19 on: September 26, 2014, 09:11:58 PM »
* Anyone other than the originator of this thread, you would be best advised to not run combofix without guidance from someone trained in its use. It is a very powerful tool that can cause damage to your computer if used wrong.

Run comboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Also make sure you close all your browsers just before the instructions tell you to start the scanner.

Please include the C:\ComboFix.txt in your next reply for further review.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall.


Also I want to get a look at your event viewer logs. The peek I got at them in DDS is showing a few devices with problems.

I need you to go to the administration tools in Vista / Windows 7. They are in the Control Panel. Open the Admin tools, then open the event viewer. Over on the left hand side, expand the window category and then click on System. Then up at the top click on Action and then click on Save Events As, type in system as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. Over on the left hand side, click on Application. Then up at the top click on Action and then click on Save Events As, type in application as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. Zip them both up into a single zip file, and post them back here in your next reply as attachments. If the files are too big to attach, let me know and I will send you a PM on what to do with them.


Offline albert60

Re: [In Progress] About msn free games and something with direct x
« Reply #20 on: September 27, 2014, 03:34:54 AM »
I will do this in the afternoon, thank you Hoov. I just don't know how to do a zip file, can you explain? Thanks... albert60

Offline Hoov

Re: [In Progress] About msn free games and something with direct x
« Reply #21 on: September 27, 2014, 07:58:09 AM »
Select both files (click on one, hold the control key down and click on the other) then right click on either file and select Send To and then select compressed Folder. It will create a zip file with both files in it.


Offline albert60

Re: [In Progress] About msn free games and something with direct x
« Reply #22 on: September 28, 2014, 03:12:43 AM »
Sorry Hoov, couldn't get to it today, had to work late. Will do this Sunday afternoon. Thank you, albert60

Offline Hoov

Re: [In Progress] About msn free games and something with direct x
« Reply #23 on: September 28, 2014, 05:38:09 PM »
I am here whenever you can get it done.


Offline albert60

Re: [In Progress] About msn free games and something with direct x
« Reply #24 on: September 30, 2014, 06:53:45 PM »
how do I paste the zip file?

Offline albert60

Re: [In Progress] About msn free games and something with direct x
« Reply #25 on: September 30, 2014, 07:00:07 PM »
I think I got the files of viewer logs into a compressed zip folder, yet I don't know how to send it. It won't allow me to.

Offline Hoov

Re: [In Progress] About msn free games and something with direct x
« Reply #26 on: September 30, 2014, 07:35:56 PM »
I have sent you a PM on what to do with the file.


Offline albert60

Re: [In Progress] About msn free games and something with direct x
« Reply #27 on: September 30, 2014, 09:00:25 PM »
Went to combo fix. Turned off Defender, turned off Malwarebytes... but for some reason I clicked disable AVG and it won't let combo fix go through... what do I do? I even unclicked firewall, and it says combo fix is a threat to AVG... It is finding it a threat and I clicked to let it go through... No go... Is there another way to disable it?

Thanks, Albert60

Offline albert60

Re: [In Progress] About msn free games and something with direct x
« Reply #28 on: September 30, 2014, 10:11:14 PM »
here is combo fix   I figured out how to dis

ComboFix 14-09-29.02 - albert60 09/30/2014  20:56:23.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3836.1644 [GMT -7:00]
Running from: c:\users\albert60\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OL9A9B5V\ComboFix.exe
AV: AVG Internet Security 2015 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2015 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2015 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\albert60\Desktop\Internet Explorer.lnk
.
.
(((((((((((((((((((((((((   Files Created from 2014-09-01 to 2014-10-01  )))))))))))))))))))))))))))))))
.
.
2014-10-01 04:04 . 2014-10-01 04:04   --------   d-----w-   c:\users\Default\AppData\Local\temp
2014-09-30 17:52 . 2014-09-09 02:05   11578928   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{31DD44AC-BEC4-49BB-A285-E11863D3ADD8}\mpengine.dll
2014-09-27 01:55 . 2014-09-27 01:56   --------   d-----w-   c:\program files\CCleaner
2014-09-26 23:54 . 2014-10-01 00:03   16152   ----a-w-   c:\windows\system32\drivers\SWDUMon.sys
2014-09-26 23:54 . 2014-09-26 23:54   --------   d-----w-   c:\users\albert60\AppData\Local\SlimWare Utilities Inc
2014-09-26 23:54 . 2014-09-26 23:54   --------   d-----w-   c:\program files (x86)\DriverUpdate
2014-09-25 09:46 . 2014-09-25 09:46   --------   d-----w-   c:\users\albert60\AppData\Local\IsolatedStorage
2014-09-25 09:44 . 2014-08-30 00:02   20296   ----a-w-   c:\windows\system32\roboot64.exe
2014-09-25 09:44 . 2014-09-26 08:34   --------   d-----w-   c:\users\albert60\AppData\Roaming\UpdaterEX
2014-09-25 09:40 . 2014-09-25 09:41   --------   d-----w-   c:\users\albert60\AppData\Local\Adobe
2014-09-24 07:38 . 2014-09-24 07:38   --------   d-----w-   C:\0afba7a1ce7d5c34e6f84f
2014-09-24 05:50 . 2014-05-08 09:32   3178496   ----a-w-   c:\windows\system32\rdpcorets.dll
2014-09-24 05:50 . 2014-05-08 09:32   16384   ----a-w-   c:\windows\system32\RdpGroupPolicyExtension.dll
2014-09-23 03:57 . 2013-05-10 04:30   167424   ----a-w-   c:\program files\Windows Media Player\wmplayer.exe
2014-09-23 03:57 . 2013-05-10 03:48   164864   ----a-w-   c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-09-23 03:57 . 2013-05-10 05:56   12625920   ----a-w-   c:\windows\system32\wmploc.DLL
2014-09-23 03:57 . 2013-05-10 04:56   12625408   ----a-w-   c:\windows\SysWow64\wmploc.DLL
2014-09-23 03:57 . 2013-05-10 05:56   14631424   ----a-w-   c:\windows\system32\wmp.dll
2014-09-23 03:50 . 2014-09-24 18:00   --------   d-----w-   c:\windows\Migration
2014-09-23 03:38 . 2012-07-26 04:47   2560   ----a-w-   c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2014-09-23 03:35 . 2012-08-23 14:10   19456   ----a-w-   c:\windows\system32\drivers\rdpvideominiport.sys
2014-09-23 03:35 . 2012-08-23 11:12   192000   ----a-w-   c:\windows\SysWow64\rdpendp_winip.dll
2014-09-23 03:35 . 2012-08-23 14:13   243200   ----a-w-   c:\windows\system32\rdpudd.dll
2014-09-23 03:35 . 2012-08-23 10:51   228864   ----a-w-   c:\windows\system32\rdpendp_winip.dll
2014-09-23 03:29 . 2012-07-26 02:26   87040   ----a-w-   c:\windows\system32\drivers\WUDFPf.sys
2014-09-23 03:29 . 2012-07-26 02:26   198656   ----a-w-   c:\windows\system32\drivers\WUDFRd.sys
2014-09-23 03:29 . 2012-07-26 03:08   84992   ----a-w-   c:\windows\system32\WUDFSvc.dll
2014-09-23 03:29 . 2012-07-26 03:08   194048   ----a-w-   c:\windows\system32\WUDFPlatform.dll
2014-09-23 03:29 . 2012-07-26 03:08   229888   ----a-w-   c:\windows\system32\WUDFHost.exe
2014-09-23 03:29 . 2012-07-26 03:08   744448   ----a-w-   c:\windows\system32\WUDFx.dll
2014-09-23 03:29 . 2012-07-26 03:08   45056   ----a-w-   c:\windows\system32\WUDFCoinstaller.dll
2014-09-23 03:25 . 2014-06-27 02:08   2777088   ----a-w-   c:\windows\system32\msmpeg2vdec.dll
2014-09-23 03:25 . 2014-06-27 01:45   2285056   ----a-w-   c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-23 03:22 . 2011-05-04 05:25   2315776   ----a-w-   c:\windows\system32\tquery.dll
2014-09-23 03:20 . 2013-12-04 02:16   658432   ----a-w-   c:\windows\system32\RMActivate_isv.exe
2014-09-23 03:19 . 2012-12-07 10:46   45568   ----a-w-   c:\windows\SysWow64\oflc-nz.rs
2014-09-23 03:18 . 2014-07-09 02:03   7168   ----a-w-   c:\windows\system32\KBDTAT.DLL
2014-09-23 03:17 . 2012-10-03 17:44   246272   ----a-w-   c:\windows\system32\netcorehc.dll
2014-09-23 03:17 . 2012-10-03 17:44   216576   ----a-w-   c:\windows\system32\ncsi.dll
2014-09-23 03:17 . 2012-10-03 17:42   569344   ----a-w-   c:\windows\system32\iphlpsvc.dll
2014-09-23 03:17 . 2012-10-03 16:42   156672   ----a-w-   c:\windows\SysWow64\ncsi.dll
2014-09-23 03:17 . 2012-10-03 17:44   70656   ----a-w-   c:\windows\system32\nlaapi.dll
2014-09-23 03:17 . 2012-10-03 17:44   303104   ----a-w-   c:\windows\system32\nlasvc.dll
2014-09-23 03:17 . 2012-10-03 17:44   18944   ----a-w-   c:\windows\system32\netevent.dll
2014-09-23 03:17 . 2012-10-03 16:42   18944   ----a-w-   c:\windows\SysWow64\netevent.dll
2014-09-23 03:17 . 2012-10-03 16:42   175104   ----a-w-   c:\windows\SysWow64\netcorehc.dll
2014-09-23 03:17 . 2012-10-03 16:07   45568   ----a-w-   c:\windows\system32\drivers\tcpipreg.sys
2014-09-23 03:17 . 2012-01-13 07:12   52224   ----a-w-   c:\windows\SysWow64\nlaapi.dll
2014-09-23 03:17 . 2012-01-04 10:44   509952   ----a-w-   c:\windows\system32\ntshrui.dll
2014-09-23 03:17 . 2012-01-04 08:58   442880   ----a-w-   c:\windows\SysWow64\ntshrui.dll
2014-09-23 03:16 . 2014-01-24 02:37   1684928   ----a-w-   c:\windows\system32\drivers\ntfs.sys
2014-09-23 03:16 . 2014-08-01 11:53   1031168   ----a-w-   c:\windows\system32\TSWorkspace.dll
2014-09-23 03:16 . 2014-08-01 11:35   793600   ----a-w-   c:\windows\SysWow64\TSWorkspace.dll
2014-09-23 03:16 . 2012-10-09 18:17   55296   ----a-w-   c:\windows\system32\dhcpcsvc6.dll
2014-09-23 03:16 . 2012-10-09 18:17   226816   ----a-w-   c:\windows\system32\dhcpcore6.dll
2014-09-23 03:16 . 2012-10-09 17:40   44032   ----a-w-   c:\windows\SysWow64\dhcpcsvc6.dll
2014-09-23 03:16 . 2012-10-09 17:40   193536   ----a-w-   c:\windows\SysWow64\dhcpcore6.dll
2014-09-23 03:16 . 2013-07-04 12:57   259584   ----a-w-   c:\windows\system32\WebClnt.dll
2014-09-23 03:16 . 2013-07-04 12:50   102400   ----a-w-   c:\windows\system32\davclnt.dll
2014-09-23 03:16 . 2013-07-04 11:57   205824   ----a-w-   c:\windows\SysWow64\WebClnt.dll
2014-09-23 03:16 . 2013-07-04 11:51   81920   ----a-w-   c:\windows\SysWow64\davclnt.dll
2014-09-23 03:16 . 2013-07-04 10:11   140800   ----a-w-   c:\windows\system32\drivers\mrxdav.sys
2014-09-23 03:15 . 2013-05-10 05:49   30720   ----a-w-   c:\windows\system32\cryptdlg.dll
2014-09-23 03:15 . 2013-05-10 03:20   24576   ----a-w-   c:\windows\SysWow64\cryptdlg.dll
2014-09-23 03:15 . 2012-08-22 18:12   950128   ----a-w-   c:\windows\system32\drivers\ndis.sys
2014-09-23 03:15 . 2012-07-04 20:26   41472   ----a-w-   c:\windows\system32\drivers\RNDISMP.sys
2014-09-23 03:15 . 2014-02-04 02:32   1424384   ----a-w-   c:\windows\system32\WindowsCodecs.dll
2014-09-23 03:15 . 2014-02-04 02:04   1230336   ----a-w-   c:\windows\SysWow64\WindowsCodecs.dll
2014-09-23 03:15 . 2012-08-21 21:01   245760   ----a-w-   c:\windows\system32\OxpsConverter.exe
2014-09-23 03:15 . 2014-01-28 02:32   228864   ----a-w-   c:\windows\system32\wwansvc.dll
2014-09-23 03:15 . 2013-03-19 05:53   48640   ----a-w-   c:\windows\system32\wwanprotdim.dll
2014-09-23 03:15 . 2013-01-24 06:01   223752   ----a-w-   c:\windows\system32\drivers\fvevol.sys
2014-09-23 03:15 . 2014-06-25 02:05   14175744   ----a-w-   c:\windows\system32\shell32.dll
2014-09-23 03:13 . 2011-02-18 10:51   31232   ----a-w-   c:\windows\system32\prevhost.exe
2014-09-23 03:13 . 2011-02-18 05:39   31232   ----a-w-   c:\windows\SysWow64\prevhost.exe
2014-09-23 03:13 . 2012-05-05 08:36   503808   ----a-w-   c:\windows\system32\srcore.dll
2014-09-23 03:13 . 2012-05-05 07:46   43008   ----a-w-   c:\windows\SysWow64\srclient.dll
2014-09-23 02:53 . 2013-08-28 01:12   461312   ----a-w-   c:\windows\system32\scavengeui.dll
2014-09-22 01:13 . 2014-09-22 01:13   --------   d-----w-   c:\users\albert60\AppData\Roaming\InstallShield
2014-09-22 00:26 . 2014-09-25 09:49   --------   d-----w-   c:\users\albert60\AppData\Roaming\Systweak
2014-09-20 23:40 . 2014-08-18 21:56   940032   ----a-w-   c:\windows\system32\MsSpellCheckingFacility.exe
2014-09-20 22:57 . 2013-11-22 22:48   3928064   ----a-w-   c:\windows\system32\d2d1.dll
2014-09-20 22:57 . 2013-11-26 08:16   3419136   ----a-w-   c:\windows\SysWow64\d2d1.dll
2014-09-20 06:07 . 2014-09-27 02:29   --------   d-----w-   c:\program files (x86)\File Download ActiveX
2014-09-20 04:29 . 2014-09-24 20:09   --------   d-----w-   c:\users\albert60\AppData\Local\ElevatedDiagnostics
2014-09-20 02:56 . 2014-09-20 02:56   --------   d-sh--w-   c:\users\albert60\AppData\Local\EmieUserList
2014-09-20 02:56 . 2014-09-20 02:56   --------   d-sh--w-   c:\users\albert60\AppData\Local\EmieSiteList
2014-09-20 02:03 . 2013-10-15 01:00   28368   ----a-w-   c:\windows\system32\IEUDINIT.EXE
2014-09-20 01:51 . 2014-09-20 01:51   859648   ----a-w-   c:\windows\system32\tdh.dll
2014-09-20 01:51 . 2014-09-20 01:51   878080   ----a-w-   c:\windows\system32\advapi32.dll
2014-09-20 01:51 . 2014-09-20 01:51   1732032   ----a-w-   c:\windows\system32\ntdll.dll
2014-09-20 01:51 . 2014-09-20 01:51   640512   ----a-w-   c:\windows\SysWow64\advapi32.dll
2014-09-20 01:51 . 2014-09-20 01:51   619520   ----a-w-   c:\windows\SysWow64\tdh.dll
2014-09-20 01:51 . 2014-09-20 01:51   1292192   ----a-w-   c:\windows\SysWow64\ntdll.dll
2014-09-20 01:49 . 2014-09-20 01:49   327168   ----a-w-   c:\windows\system32\mswsock.dll
2014-09-20 01:49 . 2014-09-20 01:49   231424   ----a-w-   c:\windows\SysWow64\mswsock.dll
2014-09-20 01:42 . 2014-09-20 01:42   1887232   ----a-w-   c:\windows\system32\d3d11.dll
2014-09-20 01:42 . 2014-09-20 01:42   1505280   ----a-w-   c:\windows\SysWow64\d3d11.dll
2014-09-20 00:35 . 2014-03-09 21:48   171160   ----a-w-   c:\windows\system32\infocardapi.dll
2014-09-20 00:35 . 2014-03-09 21:48   1389208   ----a-w-   c:\windows\system32\icardagt.exe
2014-09-20 00:35 . 2014-03-09 21:47   99480   ----a-w-   c:\windows\SysWow64\infocardapi.dll
2014-09-20 00:35 . 2014-03-09 21:47   619672   ----a-w-   c:\windows\SysWow64\icardagt.exe
2014-09-20 00:35 . 2014-06-30 22:24   8856   ----a-w-   c:\windows\system32\icardres.dll
2014-09-20 00:35 . 2014-06-30 22:14   8856   ----a-w-   c:\windows\SysWow64\icardres.dll
2014-09-20 00:34 . 2014-06-06 06:16   35480   ----a-w-   c:\windows\SysWow64\TsWpfWrp.exe
2014-09-20 00:34 . 2014-06-06 06:12   35480   ----a-w-   c:\windows\system32\TsWpfWrp.exe
2014-09-19 23:57 . 2013-07-04 12:50   633856   ----a-w-   c:\windows\system32\comctl32.dll
2014-09-19 23:57 . 2013-07-04 11:50   530432   ----a-w-   c:\windows\SysWow64\comctl32.dll
2014-09-19 23:57 . 2013-07-09 05:52   224256   ----a-w-   c:\windows\system32\wintrust.dll
2014-09-19 23:57 . 2013-07-09 04:52   175104   ----a-w-   c:\windows\SysWow64\wintrust.dll
2014-09-19 23:55 . 2014-06-03 10:02   1719296   ----a-w-   c:\program files\Windows Journal\NBDoc.DLL
2014-09-19 23:55 . 2014-06-03 10:02   1389568   ----a-w-   c:\program files\Windows Journal\JNWDRV.dll
2014-09-19 23:55 . 2014-06-03 10:02   1380864   ----a-w-   c:\program files\Windows Journal\JNTFiltr.dll
2014-09-19 23:55 . 2014-06-03 10:02   1354240   ----a-w-   c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-09-19 23:55 . 2014-06-03 09:29   936960   ----a-w-   c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-09-19 23:55 . 2014-04-25 02:34   801280   ----a-w-   c:\windows\system32\usp10.dll
2014-09-19 23:55 . 2014-04-25 02:06   626688   ----a-w-   c:\windows\SysWow64\usp10.dll
2014-09-19 23:53 . 2014-03-26 14:44   2002432   ----a-w-   c:\windows\system32\msxml6.dll
2014-09-19 23:52 . 2013-11-27 01:41   99840   ----a-w-   c:\windows\system32\drivers\usbccgp.sys
2014-09-19 23:51 . 2014-07-16 03:23   2048   ----a-w-   c:\windows\system32\tzres.dll
2014-09-19 23:50 . 2010-12-23 10:42   1118720   ----a-w-   c:\windows\system32\sbe.dll
2014-09-19 23:50 . 2010-12-23 10:42   961024   ----a-w-   c:\windows\system32\CPFilters.dll
2014-09-19 23:50 . 2010-12-23 05:54   642048   ----a-w-   c:\windows\SysWow64\CPFilters.dll
2014-09-19 23:50 . 2010-12-23 10:36   259072   ----a-w-   c:\windows\system32\mpg2splt.ax
2014-09-19 23:50 . 2010-12-23 05:54   850944   ----a-w-   c:\windows\SysWow64\sbe.dll
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-01 00:50 . 2014-07-16 09:19   122584   ----a-w-   c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-19 05:38 . 2009-07-14 02:36   152576   ----a-w-   c:\windows\SysWow64\msclmd.dll
2014-09-19 05:38 . 2009-07-14 02:36   175616   ----a-w-   c:\windows\system32\msclmd.dll
2014-09-17 00:11 . 2014-07-16 09:28   736952   ----a-w-   c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2014-09-17 00:11 . 2014-07-16 09:28   2876528   ----a-w-   c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2014-09-17 00:11 . 2014-07-16 09:28   42168   ----a-w-   c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2014-09-17 00:11 . 2014-07-16 09:28   539984   ----a-w-   c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-09-15 16:06 . 2014-07-16 09:00   278152   ------w-   c:\windows\system32\MpSigStub.exe
2014-08-21 04:45 . 2014-08-21 04:45   243480   ----a-w-   c:\windows\system32\drivers\avgldx64.sys
2014-08-07 04:39 . 2014-08-07 04:39   123672   ----a-w-   c:\windows\system32\drivers\avgmfx64.sys
2014-07-25 09:35 . 2014-07-25 09:35   875688   ----a-w-   c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 06:47 . 2014-07-25 06:47   869544   ----a-w-   c:\windows\system32\msvcr120_clr0400.dll
2014-07-24 21:06 . 2014-07-24 21:06   247576   ----a-w-   c:\windows\system32\drivers\avgidsdrivera.sys
2014-07-18 22:53 . 2014-07-18 22:53   313624   ----a-w-   c:\windows\system32\drivers\avgloga.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-04-09 39408]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-09-26 6482200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-15 98304]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-02-23 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-12-25 34160]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840]
"TSleepSrv"="c:\program files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe" [2010-03-17 252728]
"NortonOnlineBackupReminder"="c:\program files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" [2009-08-10 529256]
"AVG_UI"="c:\program files (x86)\AVG\AVG2015\avgui.exe" [2014-09-05 3593744]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe

R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys

R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys

R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys

S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys

S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys

S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys;c:\windows\SYSNATIVE\DRIVERS\thpdrv.sys

S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS;c:\windows\SYSNATIVE\DRIVERS\Thpevm.SYS

S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys

S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe

S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2015\avgfws.exe;c:\program files (x86)\AVG\AVG2015\avgfws.exe

S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe

S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys

S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys

S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe

.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
.
Contents of the 'Scheduled Tasks' folder
.
2014-10-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-17 09:46]
.
2014-09-27 c:\windows\Tasks\DriverUpdate Scan.job
- c:\program files (x86)\DriverUpdate\DriverUpdate.exe [2014-09-11 15:13]
.
2014-10-01 c:\windows\Tasks\DriverUpdate Startup.job
- c:\program files (x86)\DriverUpdate\DriverUpdate.exe [2014-09-11 15:13]
.
2014-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-16 09:16]
.
2014-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-16 09:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-20 10134560]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-03-20 896032]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 709976]
"TosWaitSrv"="c:\program files\TOSHIBA\TPHM\TosWaitSrv.exe" [2010-02-24 705368]
"SmartFaceVWatcher"="c:\program files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [2009-10-20 238080]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
Trusted Zone: msn.games\zone
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
AddRemove-{1B9604EE-B104-45C8-8551-5F63BA631E23} - c:\programdata\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-09-30  21:07:50
ComboFix-quarantined-files.txt  2014-10-01 04:07
.
Pre-Run: 263,428,898,816 bytes free
Post-Run: 263,026,188,288 bytes free
.
- - End Of File - - D99C77EBE5E056C74CEEB81DECAA849D
5B5E648D12FCADC244C1EC30318E1EB9
able it temp.....

Offline Hoov

Re: [In Progress] About msn free games and something with direct x
« Reply #29 on: October 01, 2014, 03:08:14 PM »
I have looked at your logs and I see a few things. First, that application log only had one entry in it. Please try that one again. Second, are you having any hardware issues, like a CD-ROM or when you are trying to turn the computer off? Have you disabled the UPnP Host?
