Thread: All Scan Menu Items Italicised

  1. #1
    Junior Member
    Join Date: Nov 2005
    Posts: 23

    At the advice of Zenobia in another forum located at (edited out), I am posting my problems here. A quick review of that link should bring you up to speed on my problem.

    As per instructions in the sticky, I'm attaching the three requested files for analysis: dds, attach, and aswMBR.

    Attachment 10514

    Attachment 10515

    Attachment 10516

    I messed up the link.

    It should be http://forums.spybot.info/showthread...529#post439529 or (edited out)


    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16537
    Run by paulmhine at 22:05:43 on 2013-04-11
    Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.6032.4107 [GMT -7:00]
    .
    AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Webroot SecureAnywhere *Enabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Webroot SecureAnywhere *Enabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}
    SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    .
    ============== Running Processes ===============
    .
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files\Webroot\WRSA.exe
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\dwm.exe
    C:\Program Files\Classic Shell\ClassicShellService.exe
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\System32\spoolsv.exe
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\windows\system32\taskhostex.exe
    C:\Program Files\Classic Shell\ClassicStartMenu.exe
    C:\windows\Explorer.EXE
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
    C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
    C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
    C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
    C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
    C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
    C:\windows\system32\dashost.exe
    C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
    C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
    C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    C:\Program Files (x86)\Samsung\Settings\sSettings.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\windows\system32\igfxext.exe
    C:\Program Files\Webroot\WRSA.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
    C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    C:\windows\system32\SearchIndexer.exe
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
    C:\Program Files\RFA 9\rfagent64.exe
    C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
    C:\Windows\System32\hkcmd.exe
    C:\windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\System32\RuntimeBroker.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
    C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
    C:\Users\paulmhine\AppData\Local\Plaxo\3.35.0.5\PlaxoHelper_en.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
    C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
    C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
    C:\Program Files (x86)\TimeLeft3\TimeLeft.exe
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
    C:\Program Files\Samsung\S Agent\CommonAgent.exe
    C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\windows\system32\SearchProtocolHost.exe
    C:\windows\explorer.exe
    C:\windows\system32\vssvc.exe
    C:\windows\System32\svchost.exe -k swprv
    C:\Program Files\Windows Defender\MpCmdRun.exe
    C:\windows\system32\SearchFilterHost.exe
    C:\windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uLocal Page = C:\Program Files (x86)\gsak\BLANK.HTM
    uSearch Bar = hxxp://www.google.com/ie
    uSearch Page = hxxp://www.google.com
    uDefault_Page_URL = hxxp://samsung13.msn.com
    uDefault_Search_URL = hxxp://www.google.com/ie
    mLocal Page = C:\Program Files (x86)\gsak\BLANK.HTM
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mWinlogon: Userinit = userinit.exe
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
    BHO: ClassicIE9BHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
    uRun: [FileHippo.com] "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
    uRun: [PlaxoUpdate] C:\Users\paulmhine\AppData\Local\Plaxo\3.35.0.5\PlaxoHelper_en.exe -a
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    mRun: [Intel AppUp(R) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
    mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
    mRun: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    mRun: [ACSW14EN] "C:\Program Files (x86)\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe" /pid ACSW14EN
    mRun: ["C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe"] "C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe"
    mRun: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
    mRun: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    StartupFolder: C:\Users\PAULMH~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe
    StartupFolder: C:\Users\paulmhine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mlord_paul - Yahoo! Mail.url
    StartupFolder: C:\Users\PAULMH~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\TimeLeft.lnk - C:\Program Files (x86)\TimeLeft3\TimeLeft.exe
    mPolicies-System: PromptOnSecureDesktop = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: DisableCAD = dword:1
    IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
    IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
    IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    TCP: NameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{CB24BDFD-5009-4BA7-B1BC-C6ECD3744C65} : DHCPNameServer = 209.18.47.61 209.18.47.62
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    Notify: SDWinLogon - SDWinLogon.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-mLocal Page = C:\Program Files (x86)\gsak\BLANK.HTM
    x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
    x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-BHO: ClassicIE9BHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll
    x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
    x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
    x64-Run: [BtTray] "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
    x64-Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
    x64-Run: [rfagent] "C:\Program Files\RFA 9\rfagent64.exe"
    x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
    x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /S3HpProtect
    x64-mPolicies-System: PromptOnSecureDesktop = dword:0
    x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    x64-mPolicies-System: DisableCAD = dword:1
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
    x64-IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
    x64-IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
    x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\paulmhine\AppData\Roaming\Mozilla\Firefox\Profiles\enl8y8qu.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll
    FF - plugin: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
    FF - plugin: C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
    FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\windows\SysWOW64\npmproxy.dll
    FF - ExtSQL: 2013-03-30 12:11; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF - ExtSQL: 2013-04-08 11:04; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 WRkrn;WRkrn;C:\windows\System32\Drivers\WRkrn.sys [2013-1-20 112104]
    R2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2013/01/24 21:39:39];C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [2012-10-4 147704]
    R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-8-10 211584]
    R2 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2013-3-22 168536]
    R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2013-1-24 90640]
    R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-1-24 78352]
    R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-1-24 295440]
    R2 Easy Launcher;Easy Launcher;C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [2012-10-19 1593976]
    R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-3-27 185688]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-19 635104]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-11-18 165760]
    R2 ntk_PowerDVD12;ntk_PowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2013-1-24 83704]
    R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-3-6 39056]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-4-11 1103392]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-4-11 1369624]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-4-11 168384]
    R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-3-19 3289208]
    R2 SWUpdateService;SW Update Service;C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2013-3-14 2912304]
    R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-1-24 3560288]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-18 364416]
    R2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2013-1-20 729528]
    R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-8-10 323584]
    R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\windows\System32\Drivers\btath_flt.sys [2012-11-18 88728]
    R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\System32\Drivers\btath_a2dp.sys [2012-11-18 344216]
    R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\windows\System32\Drivers\btath_avdt.sys [2012-11-18 114840]
    R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\windows\System32\Drivers\btath_bus.sys [2012-11-18 33944]
    R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\System32\Drivers\btath_hcrp.sys [2012-11-18 178840]
    R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\System32\Drivers\btath_lwflt.sys [2012-11-18 76952]
    R3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\System32\Drivers\btath_rcp.sys [2012-11-18 135832]
    R3 BtFilter;BtFilter;C:\windows\System32\Drivers\btfilter.sys [2012-11-18 567808]
    R3 BthLEEnum;Bluetooth Low Energy Driver;C:\windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
    R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\Drivers\IntcDAud.sys [2012-6-18 342528]
    R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2012-11-18 683664]
    R3 WSDScan;WSD Scan Support;C:\windows\System32\Drivers\WSDScan.sys [2013-1-20 23552]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
    S3 CompFilter64;UVCCompositeFilter;C:\windows\System32\Drivers\lvbflt64.sys [2012-10-26 26784]
    S3 LVRS64;Logitech RightSound Filter Driver;C:\windows\System32\Drivers\lvrs64.sys [2012-10-26 351520]
    S3 LVUVC64;@oem25.inf,%PID_0826_DD%(UVC);Logitech HD Webcam C525(UVC);C:\windows\System32\Drivers\lvuvc64.sys [2012-10-26 4758176]
    .
    =============== Created Last 30 ================
    .
    2013-04-12 04:44:59 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0A9D929F-6A94-47EB-A69A-193644E51EEF}\mpengine.dll
    2013-04-11 20:41:24 206000 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10198.bin
    2013-04-11 16:22:04 17272 ----a-w- C:\windows\System32\sdnclean64.exe
    2013-04-11 16:11:59 817664 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
    2013-04-11 16:10:51 4041728 ----a-w- C:\windows\System32\win32k.sys
    2013-04-11 16:10:45 6991592 ----a-w- C:\windows\System32\ntoskrnl.exe
    2013-04-11 16:10:19 1011200 ----a-w- C:\windows\System32\reseteng.dll
    2013-04-11 16:10:18 375808 ----a-w- C:\windows\SysWow64\ReAgent.dll
    2013-04-11 16:07:11 282744 ------w- C:\windows\System32\MpSigStub.exe
    2013-04-09 15:52:01 -------- d-----w- C:\Program Files\Classic Shell
    2013-04-03 17:52:35 -------- d-----w- C:\Users\paulmhine\AppData\Local\Sony Online Entertainment
    2013-04-02 16:09:33 26520 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugin-hang-ui.exe
    2013-04-02 16:09:33 263064 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
    2013-04-02 16:06:13 -------- d-----w- C:\windows\pss
    2013-04-02 14:09:52 4550656 ----a-w- C:\windows\SysWow64\GPhotos.scr
    2013-03-30 19:11:01 -------- d-----w- C:\Program Files (x86)\RealNetworks
    2013-03-30 19:10:00 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
    2013-03-30 18:01:15 -------- d-----w- C:\Users\paulmhine\AppData\Local\Garmin
    2013-03-30 17:55:56 20992 ----a-w- C:\windows\System32\drivers\usb8023.sys
    2013-03-30 17:54:00 -------- d-----w- C:\ProgramData\Package Cache
    2013-03-22 23:00:02 5664768 ----a-w- C:\ProgramData\Microsoft\BingDesktop\Updater\BingDesktop.msi
    2013-03-20 05:30:46 6066296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
    2013-03-14 08:00:04 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
    2013-03-13 06:32:24 10115072 ----a-w- C:\windows\System32\twinui.dll
    2013-03-13 06:32:23 8856576 ----a-w- C:\windows\SysWow64\twinui.dll
    2013-03-13 06:32:22 754176 ----a-w- C:\windows\SysWow64\actxprxy.dll
    2013-03-13 06:32:22 69864 ----a-w- C:\windows\System32\drivers\pdc.sys
    2013-03-13 06:32:22 2302464 ----a-w- C:\windows\System32\authui.dll
    2013-03-13 06:32:22 2146816 ----a-w- C:\windows\System32\actxprxy.dll
    2013-03-13 06:32:22 2033664 ----a-w- C:\windows\SysWow64\authui.dll
    2013-03-13 06:32:01 53760 ----a-w- C:\windows\System32\UXInit.dll
    2013-03-13 06:32:01 44032 ----a-w- C:\windows\SysWow64\UXInit.dll
    2013-03-13 06:29:25 622080 ----a-w- C:\windows\System32\drivers\srv2.sys
    2013-03-13 06:29:25 370688 ----a-w- C:\windows\System32\drivers\mrxsmb.sys
    2013-03-13 06:29:24 247808 ----a-w- C:\windows\System32\drivers\srvnet.sys
    2013-03-13 06:29:24 215552 ----a-w- C:\windows\System32\drivers\mrxsmb20.sys
    2013-03-13 06:29:18 1690624 ----a-w- C:\windows\System32\GdiPlus.dll
    2013-03-13 06:29:18 1437184 ----a-w- C:\windows\SysWow64\GdiPlus.dll
    .
    ==================== Find3M ====================
    .
    2013-04-04 21:50:32 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
    2013-04-02 22:08:01 78176 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-04-02 22:08:01 692576 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
    2013-03-30 19:09:47 499712 ----a-w- C:\windows\SysWow64\msvcp71.dll
    2013-03-30 17:49:05 150160 ----a-w- C:\windows\SysWow64\WRusr.dll
    2013-03-30 17:49:05 112104 ----a-w- C:\windows\System32\drivers\WRkrn.sys
    2013-03-30 17:49:05 102280 ----a-w- C:\windows\System32\WRusr.dll
    2013-03-05 16:46:13 108448 ----a-w- C:\windows\System32\WindowsAccessBridge-64.dll
    2013-03-05 16:46:12 963488 ----a-w- C:\windows\System32\deployJava1.dll
    2013-03-05 16:46:12 1085344 ----a-w- C:\windows\System32\npDeployJava1.dll
    2013-03-02 08:22:18 361984 ----a-w- C:\windows\SysWow64\MFMediaEngine.dll
    2013-03-02 02:44:30 468992 ----a-w- C:\windows\System32\MFMediaEngine.dll
    2013-02-22 00:59:08 2063240 ----a-w- C:\ProgramData\MakeMarkerFile.exe
    2013-02-21 10:30:16 1766912 ----a-w- C:\windows\SysWow64\wininet.dll
    2013-02-21 10:29:39 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll
    2013-02-21 10:29:37 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
    2013-02-21 10:29:37 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
    2013-02-21 10:15:07 2240512 ----a-w- C:\windows\System32\wininet.dll
    2013-02-21 10:15:00 915968 ----a-w- C:\windows\System32\uxtheme.dll
    2013-02-21 10:14:09 3958784 ----a-w- C:\windows\System32\jscript9.dll
    2013-02-21 10:14:05 136704 ----a-w- C:\windows\System32\iesysprep.dll
    2013-02-19 09:53:00 534528 ----a-w- C:\windows\SysWow64\uxtheme.dll
    2013-02-15 07:58:59 39936 ----a-w- C:\windows\apppatch\apppatch64\acspecfc.dll
    2013-02-15 06:35:40 444416 ----a-w- C:\windows\apppatch\AcSpecfc.dll
    2013-02-02 11:19:44 496872 ----a-w- C:\windows\System32\drivers\usbhub.sys
    2013-02-02 11:19:44 446184 ----a-w- C:\windows\System32\drivers\USBHUB3.SYS
    2013-02-02 11:19:41 329960 ----a-w- C:\windows\System32\drivers\storport.sys
    2013-02-02 11:19:33 61672 ----a-w- C:\windows\System32\drivers\crashdmp.sys
    2013-02-02 10:54:54 1933544 ----a-w- C:\windows\System32\drivers\ntfs.sys
    2013-02-02 10:28:54 993512 ----a-w- C:\windows\System32\drivers\ndis.sys
    2013-02-02 10:28:54 2226408 ----a-w- C:\windows\System32\drivers\tcpip.sys
    2013-02-02 09:42:07 2207232 ----a-w- C:\windows\SysWow64\PrintConfig.dll
    2013-02-02 08:40:58 375808 ----a-w- C:\windows\SysWow64\wbem\WmiPrvSE.exe
    2013-02-02 08:40:55 80896 ----a-w- C:\windows\SysWow64\tasklist.exe
    2013-02-02 08:40:55 79360 ----a-w- C:\windows\SysWow64\taskkill.exe
    2013-02-02 08:40:36 155136 ----a-w- C:\windows\SysWow64\XpsRasterService.dll
    2013-02-02 08:40:35 370688 ----a-w- C:\windows\SysWow64\WWanAPI.dll
    2013-02-02 08:40:27 131072 ----a-w- C:\windows\SysWow64\wbem\WmiDcPrv.dll
    2013-02-02 08:40:26 410624 ----a-w- C:\windows\SysWow64\wlroamextension.dll
    2013-02-02 08:40:22 197632 ----a-w- C:\windows\SysWow64\Windows.Networking.Connectivity.dll
    2013-02-02 08:40:22 10792448 ----a-w- C:\windows\SysWow64\Windows.UI.Xaml.dll
    2013-02-02 08:40:01 356352 ----a-w- C:\windows\SysWow64\SettingSync.dll
    2013-02-02 08:39:59 325632 ----a-w- C:\windows\SysWow64\schannel.dll
    2013-02-02 08:39:47 18432 ----a-w- C:\windows\SysWow64\npmproxy.dll
    2013-02-02 08:39:34 55296 ----a-w- C:\windows\SysWow64\nlaapi.dll
    2013-02-02 08:39:34 15872 ----a-w- C:\windows\SysWow64\nlmproxy.dll
    2013-02-02 08:39:34 12288 ----a-w- C:\windows\SysWow64\nlmsprep.dll
    2013-02-02 08:39:33 115712 ----a-w- C:\windows\SysWow64\netprofm.dll
    2013-02-02 08:39:28 5090816 ----a-w- C:\windows\SysWow64\mstscax.dll
    2013-02-02 08:39:15 157696 ----a-w- C:\windows\SysWow64\mbsmsapi.dll
    2013-02-02 08:38:54 567808 ----a-w- C:\windows\SysWow64\duser.dll
    2013-02-02 08:24:19 107520 ----a-w- C:\windows\System32\taskkill.exe
    2013-02-02 08:24:19 102400 ----a-w- C:\windows\System32\tasklist.exe
    2013-02-02 08:23:44 228352 ----a-w- C:\windows\System32\XpsRasterService.dll
    2013-02-02 08:23:43 475136 ----a-w- C:\windows\System32\WWanAPI.dll
    2013-02-02 08:23:37 611840 ----a-w- C:\windows\System32\wpd_ci.dll
    2013-02-02 08:23:37 105472 ----a-w- C:\windows\System32\wpdbusenum.dll
    2013-02-02 08:23:30 830464 ----a-w- C:\windows\System32\wbem\WmiPrvSD.dll
    2013-02-02 08:23:28 543232 ----a-w- C:\windows\System32\wlroamextension.dll
    2013-02-02 08:23:21 13643264 ----a-w- C:\windows\System32\Windows.UI.Xaml.dll
    2013-02-02 08:23:19 293376 ----a-w- C:\windows\System32\Windows.Networking.Connectivity.dll
    2013-02-02 08:23:18 731648 ----a-w- C:\windows\System32\win32spl.dll
    2013-02-02 08:23:16 87552 ----a-w- C:\windows\System32\wersvc.dll
    2013-02-02 08:22:28 448512 ----a-w- C:\windows\System32\SettingSync.dll
    2013-02-02 08:22:22 416256 ----a-w- C:\windows\System32\schannel.dll
    2013-02-02 08:21:45 467456 ----a-w- C:\windows\System32\netprofmsvc.dll
    2013-02-02 08:21:44 385024 ----a-w- C:\windows\System32\ncsi.dll
    2013-02-02 08:21:38 5977600 ----a-w- C:\windows\System32\mstscax.dll
    2013-02-02 08:21:10 225280 ----a-w- C:\windows\System32\mbsmsapi.dll
    2013-02-02 08:20:47 260096 ----a-w- C:\windows\System32\hotspotauth.dll
    2013-02-02 08:20:31 729600 ----a-w- C:\windows\System32\duser.dll
    2013-02-02 07:25:52 297984 ----a-w- C:\windows\System32\drivers\ks.sys
    2013-02-02 07:25:26 82944 ----a-w- C:\windows\System32\drivers\hidclass.sys
    2013-02-02 07:25:23 37632 ----a-w- C:\windows\System32\drivers\BthAvrcpTg.sys
    2013-02-02 00:02:14 861088 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
    2013-02-02 00:02:14 782240 ----a-w- C:\windows\SysWow64\deployJava1.dll
    2013-01-29 01:57:05 35232 ----a-w- C:\windows\System32\drivers\WdBoot.sys
    2013-01-28 23:08:22 230904 ----a-w- C:\windows\System32\drivers\WdFilter.sys
    2013-01-25 20:53:36 255352 ----a-w- C:\windows\SysWow64\awrdscdc.ax
    2013-01-23 06:04:54 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll
    2013-01-21 04:28:58 9842040 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe
    2003-12-07 06:12:54 121856 --sha-w- C:\windows\SysWOW64\fpplock.exe
    .
    ============= FINISH: 22:06:46.76 ===============

    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-04-11 22:21:24
    -----------------------------
    22:21:24.226 OS Version: Windows x64 6.2.9200
    22:21:24.226 Number of processors: 4 586 0x3A09
    22:21:24.226 ComputerName: DRPAULMHINE-SAM UserName: paulmhine
    22:21:24.226 Initialze error 1
    22:22:13.604 AVAST engine defs: 13041101
    22:22:41.324 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000039
    22:22:41.324 Disk 0 Vendor: ST1000LM024_HN-M101MBB 2AR10002 Size: 953869MB BusType: 11
    22:22:41.355 Disk 0 MBR read successfully
    22:22:41.355 Disk 0 MBR scan
    22:22:41.371 Disk 0 unknown MBR code
    22:22:41.371 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
    22:22:41.371 Disk 0 scanning C:\windows\system32\drivers
    22:22:41.371 Service scanning
    22:22:42.090 Modules scanning
    22:22:42.090 Disk 0 trace - called modules:
    22:22:42.090 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll storahci.sys
    22:22:42.105 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800618b060]
    22:22:42.105 3 CLASSPNP.SYS[fffff88001af58aa] -> nt!IofCallDriver -> [0xfffffa8005ad8e40]
    22:22:42.105 5 ACPI.sys[fffff88001001a91] -> nt!IofCallDriver -> \Device\00000039[0xfffffa8005ada7f0]
    22:22:42.121 AVAST engine scan C:\windows
    22:22:42.121 AVAST engine scan C:\windows\system32
    22:22:42.121 AVAST engine scan C:\windows\system32\drivers
    22:22:42.121 AVAST engine scan C:\Users\paulmhine
    22:22:42.121 AVAST engine scan C:\ProgramData
    22:22:42.136 Scan finished successfully
    22:22:55.418 Disk 0 MBR has been saved successfully to "C:\Users\paulmhine\Desktop\MBR.dat"
    22:22:55.418 The log file has been saved successfully to "C:\Users\paulmhine\Desktop\aswMBR.txt"
    Last edited by tashi; 2013-04-13 at 08:41. Reason: Merged two posts, removed wrong link, duplicate link, copy pasted two logs into topic. ;-)
    In the beginning was the Shining One, Ptath, god of land, sea and space, on whom be all praise heaped, and countless prayers offered that he may return to his chosen race.

  2. #2
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    hi Ptath,

    Sorry for the delay. I did go back and scan through your other post. I don't recognize any malware in the logs you posted. Somewhat limited running other software since you are running W8. Other than Spybot failing to run, do you have any of these potential signs of malware?

    Page redirection
    fraudulent software installs
    new desktop icons, new system tray icons
    popups, ads and various security type warnings
    Unable to start or update AV
    new processes asking for access via firewall
    your browser seems to have a mind of its own
    How Can I Reduce My Risk?

  3. #3
    Junior Member
    Join Date
    Nov 2005
    Posts
    23

    Quote Originally Posted by shelf life
    hi Ptath,

    Sorry for the delay. I did go back and scan through your other post. I don't recognize any malware in the logs you posted. Somewhat limited running other software since you are running W8. Other than Spybot failing to run, do you have any of these potential signs of malware?

    Page redirection
    fraudulent software installs
    new desktop icons, new system tray icons
    popups, ads and various security type warnings
    Unable to start or update AV
    new processes asking for access via firewall
    your browser seems to have a mind of its own
    Actually, I have not noticed any of the above items occurring.

  4. #4
    Junior Member
    Join Date
    Nov 2005
    Posts
    23

    Additional Information

    Quote Originally Posted by Ptath
    Actually, I have not noticed any of the above items occurring.
    I've remembered something ... and just confirmed it this morning ...

    When I play a video, YouTube type, or something embedded in a Facebook thread, the video and sound play fine. However, when I hit pause, the button changes and the video pauses, but the sound continues on ... even though I switch out to different pages. The only way to stop the sound is to get out of the YouTube or Facebook tab completely.

  5. #5
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    We will get a download to use:

    Download RogueKiller to your desktop.
    Double click to start.
    For Vista or Windows 7, 8, right-click and select run as Admin.
    A Prescan will start automatically; once it has finished, click Scan.
    Once the scan is done a report.txt will be on your desktop.
    Exit RogueKiller by going to File>Quit.
    Copy/paste the RKreport saved to your desktop.

    The Flash Player problem, is that reproducible in both IE and Firefox?

  6. #6
    Junior Member
    Join Date
    Nov 2005
    Posts
    23

    Downloaded

    Quote Originally Posted by shelf life
    We will get a download to use:

    Download RogueKiller to your desktop.
    Double click to start.
    For Vista or Windows 7, 8, right-click and select run as Admin.
    A Prescan will start automatically; once it has finished, click Scan.
    Once the scan is done a report.txt will be on your desktop.
    Exit RogueKiller by going to File>Quit.
    Copy/paste the RKreport saved to your desktop.

    The Flash Player problem, is that reproducible in both IE and Firefox?
    I downloaded the program and ran it. What would you like me to do now?

    Also, I tried videos in Facebook using Firefox and it asked me to install Flash Player 11. I did so, and the video played fine, and the video problem in IE disappeared.

  7. #7
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    You can copy/paste the RK[1] log into your next reply. Should be on your desktop.

  8. #8
    Junior Member
    Join Date
    Nov 2005
    Posts
    23

    Attached files

    Quote Originally Posted by shelf life
    You can copy/paste the RK[1] log into your next reply. Should be on your desktop.
    I think this is what you want. I've also uploaded a log file from the Quarantine folder just in case.

    Attachment 10557

    Attachment 10558

  9. #9
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Thanks for the info. Look in your add/remove programs panel and uninstall these one by one if they are listed. Toolbars can be resource hogs as well as have privacy concerns:

    Plaxo
    Plaxo toolbar
    Plaxo updater
    Plaxo helper

    After the uninstall(s) reboot your machine.

    Next: rerun RogueKiller like you did before and this time after the scan is finished click on the delete button. There should be another RK[2] log on your desktop which you can copy/paste in your reply.

  10. #10
    Junior Member
    Join Date
    Nov 2005
    Posts
    23

    Quote Originally Posted by shelf life
    Thanks for the info. Look in your add/remove programs panel and uninstall these one by one if they are listed. Toolbars can be resource hogs as well as have privacy concerns:

    Plaxo
    Plaxo toolbar
    Plaxo updater
    Plaxo helper

    After the uninstall(s) reboot your machine.

    Next: rerun RogueKiller like you did before and this time after the scan is finished click on the delete button. There should be another RK[2] log on your desktop which you can copy/paste in your reply.
    Did as suggested. Here's the log:

    Attachment 10559

    All five Spybot scan menu items are still italicized.
