
Odd Virus taking 95% of my Bandwidth and Slowing my System down

Discussion in 'Virus & Other Malware Removal' started by Ebonyknight, Dec 21, 2012.

Thread Status:
Not open for further replies.
  1. Ebonyknight (Thread Starter), joined Dec 21, 2012, messages: 2

    Hello, first off I would just like to say thank you to all the helpers for all the amazing help you give here. I have been a tech in computers since the Commodore VIC20 and those darn tape cassettes. I have fought many viruses over the years and have successfully removed them. But this one has me totally stumped. Any help would be appreciated greatly.

    It started when I was helping my friend with her laptop via Teamviewer 7.0. She was complaining of the exact issues I am having now. Oddly enough, I was able to clean her laptop, as she has not had any issues since. But now, about a week or two after I cleaned her laptop, I am experiencing the same issues. Whatever it is, it will not allow me to update my virus scanner; it pretends to update but never actually updates. I have been using System Mechanic Professional, which has seemed to work well until recently. I will post the logs that I have. I did use ComboFix to try to fix the issue, but it has not seemed to help. I also ran a couple of other virus scanners, but all they came up with was false positives. One interesting issue: I deleted Team Viewer off my computer to install a new version, but every time I try to download a new version something stops my computer from completing it, so I get a non-functional copy of Teamviewer downloaded.

    Additional Info from Running Secunia:

    After looking into it some more I also think the virus is using

    http://support.microsoft.com/kb/2724197

    to cause whatever havoc it is doing. Every time I try to use Windows Update to install that security patch, it fails like something is preventing it.

    Using Secunia as you guys suggested, it found that Windows security issue and a security issue with Firefox, Quicktime and Adobe Flash Player, but every time I try to update any of these, whatever is in my system seems to prevent me from doing so, as it was doing with Teamviewer 7.0.

    I should also add that other computers in the house have No issues with Bandwidth, running a speedtest on them they achieve the 100 Mbits/sec that they are supposed to get.


    For protection I normally run:

    System Mechanic Professional
    Malware Bytes
    Hostsman

    This is my computer:

    I have a 100Mbit connection D/L and 5 Mbit Upload connection. When I run a speedtest it maxes at exactly 7.5 Mbit connection D/L.

    Operating System
    MS Windows 7 Ultimate 64-bit SP1
    CPU
    Intel Core i3 540 @ 3.07GHz 50 °C
    Clarkdale 32nm Technology
    RAM
    8.0GB Dual-Channel DDR3 @ 668MHz (9-9-9-24)
    Motherboard
    ASUSTeK Computer INC. P7H55-M PRO (LGA1156)
    Graphics
    X-201 DVI @ 1600x1200
    SyncMaster @ 1920x1200
    ATI Radeon HD 4800 Series (ATI) 81 °C
    Hard Drives
    977GB Hitachi Hitachi HDS721010CLA332 ATA Device (IDE) 38 °C
    977GB Seagate ST31000340AS ATA Device (IDE) 30 °C
    977GB Seagate ST31000528AS ATA Device (IDE) 28 °C
    488GB Seagate ST3500418AS ATA Device (Unknown Interface) 32 °C
    Optical Drives
    MagicISO Virtual DVD-ROM0000
    HL-DT-ST DVD-RAM GH22LS30 ATA Device
    MagicISO Virtual DVD-ROM0001
    PLEXTOR DVDR PX-716A ATA Device
    MagicISO Virtual DVD-ROM0002
    MagicISO Virtual DVD-ROM0003
    Audio
    ASUS Xonar D2 Audio

    Network
    You are connected to the internet
    Connected through Realtek PCIe GBE Family Controller
    IP Address 192.168.0.70
    External IP Address 174.0.131.222
    Adapter Type Ethernet
    WinInet Info
    LAN Connection
    Local system uses a local area network to connect to the Internet
    Local system has RAS to connect to the Internet
    Wi-Fi Info
    Wi-Fi not enabled
    WinHTTPInfo
    WinHTTPSessionProxyType No proxy
    Session Proxy
    Session Proxy Bypass
    Connect Retries 5
    Connect Timeout 60000
    HTTP Version HTTP 1.1
    Max Connects Per 1.0 Servers INFINITE
    Max Connects Per Servers INFINITE
    Max HTTP automatic redirects 10
    Max HTTP status continue 10
    Send Timeout 30000
    IEProxy Auto Detect No
    IEProxy Auto Config
    IEProxy
    IEProxy Bypass
    Default Proxy Config Access Type No proxy
    Default Config Proxy
    Default Config Proxy Bypass


    Here are the logs I have so far. I did not use GMER because I have a 64-bit system:

    Hijackthis Log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:26:17 AM, on 12/21/2012
    Platform: Unknown Windows (WinNT 6.01.3505 SP1)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal

    Running processes:
    C:\Windows\SysWOW64\HsMgr.exe
    C:\Program Files\ASUS Xonar D2 Audio\Customapp\ASUSAUDIOCENTER.EXE
    C:\Program Files (x86)\Workspace\workspaceupdate.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Program Files (x86)\HostsMan\hm.exe
    C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
    C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
    C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
    C:\Program Files (x86)\ASUS\TurboV\TurboV.exe
    C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe
    C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe
    C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
    C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMTray2.exe
    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
    C:\Program Files (x86)\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe
    C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\firefox.exe
    C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
    C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
    C:\Users\Jason\Downloads\8nooy8dy.exe
    C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
    C:\Program Files (x86)\Java\jre7\bin\java.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: Logitech Scroll App - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\ScrollApp\32-bit\LogiSmooth.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O4 - HKLM\..\Run: [ASUS Update Checker] C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe
    O4 - HKLM\..\Run: [ASUS Ai Charger] C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
    O4 - HKLM\..\Run: [QFan Help] "C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe"
    O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe"
    O4 - HKLM\..\Run: [Six Engine] "C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe" -b
    O4 - HKLM\..\Run: [TurboV] "C:\Program Files (x86)\ASUS\TurboV\TurboV.exe" -b
    O4 - HKLM\..\Run: [Turbo Key] "C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe"
    O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [SteelSeries World of Warcraft Cataclysm MMO Gaming Mouse] "C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Trend Micro RUBotted V2.0 Beta] C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
    O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Starfield Updater] "C:\Program Files (x86)\Workspace\workspaceupdate.exe"
    O4 - HKCU\..\Run: [AirVideoServer] C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe
    O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [AutoUnpack] "C:\Program Files (x86)\AutoUnpack\AutoUnpack.exe " /minimize
    O4 - HKCU\..\Run: [HostsMan] "C:\Program Files (x86)\HostsMan\hm.exe" -s
    O4 - Startup: CurseClientStartup.ccip
    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O13 - Gopher Prefix:
    O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - http://support.asus.com/common/asusTek_sys_ctrl.cab
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: File Backup Service (File Backup) - Starfield Technologies - C:\Program Files (x86)\Workspace\offSyncService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - iolo technologies, LLC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
    O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Primavera Job Service (JSDB) (prmJobSvJSDB) - Primavera Systems, Inc. - C:\Program Files (x86)\Common Files\Primavera Common\JobService\prmJobSvJSDB.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
    O23 - Service: Trend Micro RUBotted Service (RUBotSrv) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: TVersity Media Server (TVersityMediaServer) - Unknown owner - C:\ProgramData\TVersity\Media Server\MediaServer.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\Windows\system32\UAService7.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: vseamps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
    O23 - Service: vsedsps - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
    O23 - Service: vseqrts - Authentium, Inc - C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    --
    End of file - 16512 bytes


    DDS.SCR Logs

    Attach.txt

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Ultimate
    Boot Device: \Device\HarddiskVolume1
    Install Date: 11/15/2010 10:50:16 PM
    System Uptime: 12/20/2012 10:28:17 PM (12 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | P7H55-M PRO
    Processor: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz | LGA1156 | 3067/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 466 GiB total, 30.056 GiB free.
    D: is FIXED (NTFS) - 466 GiB total, 91.449 GiB free.
    E: is FIXED (NTFS) - 466 GiB total, 142.292 GiB free.
    F: is FIXED (NTFS) - 932 GiB total, 180.908 GiB free.
    G: is FIXED (NTFS) - 932 GiB total, 83.015 GiB free.
    H: is FIXED (NTFS) - 1863 GiB total, 126.668 GiB free.
    I: is CDROM ()
    K: is CDROM ()
    L: is CDROM ()
    M: is CDROM ()
    N: is CDROM ()
    O: is CDROM ()
    Q: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: archlp
    Device ID: ROOT\LEGACY_ARCHLP\0000
    Manufacturer:
    Name: archlp
    PNP Device ID: ROOT\LEGACY_ARCHLP\0000
    Service: archlp
    .
    ==== System Restore Points ===================
    .
    No restore point in system.
    .
    ==== Installed Programs ======================
    .
    64 Bit HP CIO Components Installer
    7-Zip 4.65 (x64 edition)
    7stacks 1.5 beta 1
    ABBYY FineReader 9.0 Professional Edition
    ABC Amber BlackBerry Converter
    Acronis True Image Home
    Adobe Acrobat X Pro - English, Français, Deutsch
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Photoshop CS4
    Adobe Shockwave Player 11.6
    Advertising Center
    AI Suite
    Air Video Server 2.4.3
    Alcor Micro USB Card Reader
    All Zombies Must Die!
    AMD Accelerated Video Transcoding
    AMD APP SDK Runtime
    AMD Catalyst Install Manager
    AMD Drag and Drop Transcoding
    AMD Media Foundation Decoders
    Any Video Converter Professional 3.0.7
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Ashampoo Movie Shrink & Burn 3 3.03
    ASUS Ai Charger
    ASUS Xonar D2 Audio Driver
    ASUSUpdate
    ATI Catalyst Registration
    Auto Collage Studio 2.25
    AutoUnpack 4.5.2 - Upgrade
    Avery Wizard 4.0
    AVSDK5
    Belarc Advisor 8.2
    Bing Maps 3D
    Blackbeard's Revenge
    Bonjour
    Borderlands
    Borderlands 2
    Boxee
    Bulletstorm
    Bullzip PDF Printer 7.2.0.1304
    BusinessCards MX
    Canon MOV Decoder
    Canon MOV Encoder
    Canon MovieEdit Task for ZoomBrowser EX
    Canon MP Navigator 3.1
    Canon Utilities ZoomBrowser EX
    Canon ZoomBrowser EX Memory Card Utility
    Catalyst Control Center
    Catalyst Control Center - Branding
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-utility64
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    CCleaner
    CleanUp!
    CodecPatch
    CoffeeCup Direct FTP
    CoffeeCup Flash Menu Builder
    CoffeeCup HTML Editor
    CoffeeCup Photo Gallery
    CoffeeCup Sitemapper
    CoffeeCup Visual Site Designer 7.0
    CoffeeCup Web Form Builder
    CoffeeCup Website Access Manager
    CoffeeCup Website Color Schemer
    Command & Conquer™ 4 Tiberian Twilight
    Crysis(R)
    Crysis® 2
    Curse Client
    D3DX10
    Dark Reign: The Future of War (c) Activision
    Dark Reign: The Rise of the Shadowhand (c) Activision
    Darksiders
    DarksidersInstaller
    Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
    DeviceDiscovery
    DeviceManagementQFolder
    Diablo II
    Diablo III
    DolbyFiles
    Driver Genius Professional Edition
    DriverEasy 3.6.0
    Dungeons and Dragons Daggerdale
    Easy HTML Autorun Builder
    EPU-6 Engine
    eReg
    ESET Online Scanner v3
    Everything 1.2.1.371
    Fences
    ffdshow [rev 3154] [2009-12-09]
    FileZilla Client 3.5.3
    Flame Painter 1.2
    Foxit Phantom
    Free PDF to Word Doc Converter v1.1
    Game Booster 3
    Ghost Town
    GoldRush
    Google Chrome
    Google Earth
    Google Talk Plugin
    Google Update Helper
    Halo Combat Evolved
    Heroes of Might & Magic V: Hammers of Fate
    Heroes of Might and Magic V
    Heroes of Might and Magic V - Tribes of the East
    Hide IP Easy
    HijackThis 2.0.2
    Hitman Absolution
    HostsMan 3.2.73
    Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
    HP LaserJet M1522 MFP Series 4.2
    HP Product Detection
    HP Update
    hppFaxDrvM1522
    hppFaxUtility
    hppFonts
    hppLJM1522
    hppManualsM1522
    hppScanTo
    hppSendFaxM1522
    hppTLBXFXM1522
    HPSSupply
    hpzTLBXFX
    IcoFX 1.6.4
    Imperial Fortune
    Intel(R) Management Engine Components
    iolo technologies' Search and Recover
    iolo technologies' System Mechanic Professional
    iTunes
    Java 7 Update 9
    Java Auto Updater
    JDownloader
    JDownloader 0.9
    Junk Mail filter update
    Kingdoms of Amalur Reckoning version 1.0
    Left 4 Dead
    LGE Tool 1.63
    LightScribe System Software
    LockHunter version 1.0 beta 3, 64 bit edition
    Logitech Gaming Software
    Logitech Gaming Software 8.20
    Logitech Scroll App 3.0
    Logitech SetPoint 6.32
    Magic ISO Maker v5.5 (build 0274)
    MagicDisc 2.7.106
    Malwarebytes Anti-Malware version 1.65.1.1000
    marvell 61xx
    Mass Effect
    Mass Effect 2
    Mass Effect™ 3
    MechWarrior Online
    Menu Templates - Starter Kit
    Mesh Runtime
    Messenger Companion
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Games for Windows Marketplace
    Microsoft Office 2010 Service Pack 1 (SP1)
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office Office 32-bit Components 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared 32-bit MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Outlook Hotmail Connector 64-bit
    Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Might & Magic Heroes VI
    mkv2vob
    MKVtoolnix 4.6.0
    MobileMe Control Panel
    Movavi Video Editor 4
    Movie Templates - Starter Kit
    Mozilla Firefox (3.6.25)
    Mozilla Firefox 18.0 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    MultiHasher 1.0 Beta 2
    Mysteries of Cleopatra
    Nero 9
    Nero BurnRights
    Nero ControlCenter
    Nero CoverDesigner
    Nero Disc Copy Gadget
    Nero DiscSpeed
    Nero DriveSpeed
    Nero InfoTool
    Nero Installer
    Nero MediaHome 4
    Nero MediaHome 4 Help
    Nero Move it
    Nero PhotoSnap
    Nero Recode
    Nero Rescue Agent
    Nero ShowTime
    Nero StartSmart
    Nero Vision
    Nero WaveEditor
    NeroBurningROM
    NeroExpress
    neroxml
    NokiaFREE Unlock Codes Calculator
    NVIDIA PhysX
    OpenAL
    openCanvas4.5e Plus
    Optimism 3.8.4
    Paint.NET v3.5.10
    Palringo
    Pando Media Booster
    PaperPort Image Printer
    Patch
    Patch 2007 Game Patches
    PFPortChecker 1.0.36
    PowerISO
    Primavera 6.0
    Product_Min_QFolder
    PunkBuster Services
    QuickBooks Pro 2009
    QuickTime
    Realtek Ethernet Controller Driver
    Realtek HDMI Audio Driver for ATI
    Realtek High Definition Audio Driver
    Reel Deal Slot Quest - Vampire Lord
    Reel Deal Slot Quest Alice in Wonderland 1.00
    Reel Deal Slots 2nd Volume
    Reel Deal Slots Adventure World Tour
    Revo Uninstaller Pro 2.5.1
    SanDisk ImageMate Reader/Writer
    ScanSoft PaperPort 11
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft Excel 2010 (KB2597166) 64-Bit Edition
    Security Update for Microsoft InfoPath 2010 (KB2687417) 64-Bit Edition
    Security Update for Microsoft InfoPath 2010 (KB2687436) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553091)
    Security Update for Microsoft Office 2010 (KB2553096)
    Security Update for Microsoft Office 2010 (KB2553260) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2589322) 64-Bit Edition
    Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition
    Security Update for Microsoft PowerPoint 2010 (KB2553185) 64-Bit Edition
    Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
    Security Update for Microsoft Visio Viewer 2010 (KB2598287) 64-Bit Edition
    Security Update for Microsoft Word 2010 (KB2553488) 64-Bit Edition
    Skype Click to Call
    Skype™ 6.0
    SoundTrax
    Speccy
    SRWare Iron 6.0.475.1
    StarCraft II
    Steam
    Stronghold 3
    Super Internet TV v8.0 (Premium Edition)
    SWF Opener
    swMSM
    Syndicate version 1.0
    System Mechanic 11 Professional
    Test Drive Unlimited
    The Darkness II
    The Lord of the Rings FREE Trial
    The Walking Dead Episode 5 (c) Telltales version 1
    Torchlight II (c) Runic Games version 1
    Treasures of the Far East
    Trend Micro RUBotted 2.0 Beta
    Turbo Key
    TurboV
    TVersity Codec Pack 1.7
    TVersity Media Server 2.2
    Ubisoft Game Launcher
    UltraCompare v8.00
    UltraISO Premium V9.36
    Unity Web Player
    UnPacker 1,5,0,1909
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Update for Microsoft Office 2010 (KB2494150)
    Update for Microsoft Office 2010 (KB2553065)
    Update for Microsoft Office 2010 (KB2553092)
    Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2553272) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
    Update for Microsoft Office 2010 (KB2566458)
    Update for Microsoft Office 2010 (KB2598289) 64-Bit Edition
    Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
    Update for Microsoft OneNote 2010 (KB2589345) 64-Bit Edition
    Update for Microsoft Outlook 2010 (KB2553248) 64-Bit Edition
    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
    UsbBoost
    Valley of the Kings
    Vegas Experience
    Ventrilo Client for Windows x64
    VideoMach
    VLC media player 2.0.2
    Warhammer 40,000 Space Marine
    WebReg
    WeBuilder 2010 v10.2
    WinArchiver
    Windows 7 Manager
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Media Player Firefox Plugin
    WinPcap 4.1.1
    WinRAR archiver
    WinX HD Video Converter Deluxe 3.10.3
    Workspace Desktop
    World of Warcraft
    World of Warcraft Public Test
    World of Warcraft(R): Cataclysm(TM) MMO Gaming Mouse
    Xilisoft ISO Pro
    Xiph.Org Open Codecs 0.85.17777
    Xvid 1.1.2 final uninstall
    ZoneAlarm Antivirus
    ZoneAlarm Firewall
    ZoneAlarm Free Antivirus + Firewall
    ZoneAlarm Security
    .
    ==== Event Viewer Messages From Past Week ========
    .
    12/21/2012 5:33:17 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
    12/20/2012 9:59:56 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147014847
    12/20/2012 7:48:49 PM, Error: volmgr [46] - Crash dump initialization failed!
    12/20/2012 7:47:28 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    12/20/2012 7:46:38 PM, Error: Application Popup [1060] - \??\C:\Gotcha.exe\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    12/20/2012 7:45:30 PM, Error: Service Control Manager [7031] - The KMService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    12/20/2012 7:43:42 PM, Error: Application Popup [1060] - \??\C:\Users\Jason\AppData\Local\Temp\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    12/20/2012 7:32:17 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR7.
    12/20/2012 7:11:52 PM, Error: Service Control Manager [7031] - The TVersity Media Server service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
    12/20/2012 7:06:20 PM, Error: Service Control Manager [7031] - The TVersity Media Server service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
    12/20/2012 7:02:54 PM, Error: Service Control Manager [7031] - The TVersity Media Server service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 3000 milliseconds: Restart the service.
    12/20/2012 7:01:21 PM, Error: Service Control Manager [7031] - The TVersity Media Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
    12/20/2012 7:01:20 PM, Error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).
    12/20/2012 7:00:50 PM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).
    12/20/2012 7:00:50 PM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).
    12/20/2012 6:18:54 PM, Error: Service Control Manager [7030] - The TrueVector Internet Monitor service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    12/20/2012 5:34:48 PM, Error: Service Control Manager [7009] - A timeout was reached (120000 milliseconds) while waiting for the Windows Search service to connect.
    12/20/2012 5:34:48 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    12/20/2012 5:34:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    12/20/2012 5:33:22 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
    12/20/2012 5:33:22 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
    12/20/2012 4:32:59 PM, Error: Service Control Manager [7034] - The iolo System Service service terminated unexpectedly. It has done this 3 time(s).
    12/20/2012 4:18:49 PM, Error: Service Control Manager [7034] - The iolo System Service service terminated unexpectedly. It has done this 2 time(s).
    12/20/2012 3:46:03 PM, Error: Service Control Manager [7034] - The iolo System Service service terminated unexpectedly. It has done this 1 time(s).
    12/20/2012 3:03:23 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: FileDisk FNETURPX
    12/20/2012 2:53:19 PM, Error: Service Control Manager [7000] - The Trend Micro RUBotted Service service failed to start due to the following error: The system cannot find the file specified.
    12/20/2012 2:28:24 PM, Error: Service Control Manager [7034] - The TeamViewer 7 service terminated unexpectedly. It has done this 3 time(s).
    12/20/2012 2:23:09 PM, Error: Service Control Manager [7031] - The TeamViewer 7 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.
    12/20/2012 2:22:39 PM, Error: Service Control Manager [7031] - The TeamViewer 7 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.
    12/20/2012 11:39:18 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR4.
    12/20/2012 10:31:18 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: archlp FileDisk FNETURPX
    12/20/2012 10:29:24 PM, Error: Service Control Manager [7000] - The limsgt service failed to start due to the following error: This driver has been blocked from loading
    12/20/2012 10:29:24 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\DRIVERS\limsgt.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    12/20/2012 10:29:23 PM, Error: Service Control Manager [7000] - The iolo FileInfoList Service service failed to start due to the following error: The executable program that this service is configured to run in does not implement the service.
    12/20/2012 10:28:55 PM, Error: Service Control Manager [7000] - The athsgt service failed to start due to the following error: This driver has been blocked from loading
    12/20/2012 10:28:55 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\DRIVERS\athsgt.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    12/20/2012 10:28:34 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\FileDisk.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    12/20/2012 10:26:39 PM, Error: Service Control Manager [7031] - The Intel(R) Management and Security Application Local Management Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
    12/19/2012 8:23:07 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR23.
    12/14/2012 10:07:06 PM, Error: srv [2011] - The server's configuration parameter "irpstacksize" is too small for the server to use a local device. Please increase the value of this parameter.
    .
    ==== End Of File ===========================

    DDS.TXT

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
    Run by Jason at 10:27:49 on 2012-12-21
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8126.3082 [GMT -7:00]
    .
    AV: ZoneAlarm Antivirus *Enabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
    AV: System Shield *Enabled/Updated* {3030810C-E2AC-B12D-8BB1-B1B8C0193798}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: System Shield *Enabled/Updated* {8B5160E8-C496-BEA3-B101-8ACABB9E7D25}
    SP: ZoneAlarm Anti-Spyware *Enabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
    FW: ZoneAlarm Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Workspace\offSyncService.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Windows\SysWOW64\HsMgr.exe
    C:\Windows\system\HsMgr64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\ASUS Xonar D2 Audio\Customapp\ASUSAUDIOCENTER.EXE
    C:\Windows\SysWOW64\srvany.exe
    C:\Windows\KMService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files\Logitech\SetPointP\SetPoint.exe
    C:\Program Files\Logitech Gaming Software\LCore.exe
    C:\Program Files\Logitech\ScrollApp\KhalScroll.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Workspace\workspaceupdate.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Program Files (x86)\HostsMan\hm.exe
    C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
    C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
    C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\ASUS\TurboV\TurboV.exe
    C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe
    C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
    C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
    C:\Program Files\Logitech\SetPointG\SetPointII.exe
    C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMTray2.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
    C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
    C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
    C:\ProgramData\TVersity\Media Server\MediaServer.exe
    C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
    C:\Windows\SysWOW64\UAService7.exe
    C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
    C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\firefox.exe
    C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
    C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
    C:\Windows\Explorer.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Users\Jason\Downloads\8nooy8dy.exe
    C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
    C:\Program Files (x86)\Java\jre7\bin\java.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxps://www.google.ca/
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: Logitech Scroll App: {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\ScrollApp\32-bit\LogiSmooth.dll
    BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [Starfield Updater] "C:\Program Files (x86)\Workspace\workspaceupdate.exe"
    uRun: [AirVideoServer] C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe
    uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
    uRun: [AutoUnpack] "C:\Program Files (x86)\AutoUnpack\AutoUnpack.exe " /minimize
    uRun: [HostsMan] "C:\Program Files (x86)\HostsMan\hm.exe" -s
    mRun: [ASUS Update Checker] C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe
    mRun: [ASUS Ai Charger] C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
    mRun: [QFan Help] "C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe"
    mRun: [Cpu Level Up help] "C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe"
    mRun: [Six Engine] "C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe" -b
    mRun: [TurboV] "C:\Program Files (x86)\ASUS\TurboV\TurboV.exe" -b
    mRun: [Turbo Key] "C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe"
    mRun: [ToolBoxFX] "C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [SteelSeries World of Warcraft Cataclysm MMO Gaming Mouse] "C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe"
    mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [Trend Micro RUBotted V2.0 Beta] C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
    mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
    mRunOnce: [SMRequiresRestart] <no file>
    StartupFolder: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:0
    IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
    DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/common/asusTek_sys_ctrl.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    TCP: NameServer = 64.59.135.143 64.59.128.113
    TCP: Interfaces\{111F5EB7-64F5-4770-B892-DF26BE0089C0} : DHCPNameServer = 209.91.107.11 209.121.225.11
    TCP: Interfaces\{531FEB71-C85B-447A-B3C8-C9C5FF19193A} : DHCPNameServer = 64.59.135.143 64.59.128.113
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
    x64-BHO: Logitech Scroll App: {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\ScrollApp\LogiSmooth.dll
    x64-TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    x64-Run: [Cmaudio8788] C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
    x64-Run: [Cmaudio8788GX] C:\Windows\syswow64\HsMgr.exe Envoke
    x64-Run: [Cmaudio8788GX64] C:\Windows\system\HsMgr64.exe Envoke
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
    x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
    x64-Run: [LogiScrollApp] C:\Program Files\Logitech\ScrollApp\KhalScroll.exe
    x64-Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\r2yk6h25.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxps://www.google.ca/
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    FF - plugin: C:\Program Files (x86)\Virtual Earth 3D\npVE3D.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll
    FF - plugin: C:\Users\Jason\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: C:\Users\Jason\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\r2yk6h25.default\extensions\[email protected]\plugins\npRACtrl.dll
    FF - plugin: C:\Users\Jason\AppData\Roaming\Mozilla\Plugins\npgoogletalk.dll
    FF - plugin: C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    FF - plugin: C:\Users\Jason\AppData\Roaming\Mozilla\Plugins\npgtpo3dautoplugin.dll
    FF - plugin: C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npoff.dll
    FF - plugin: C:\Users\Jason\AppData\Roaming\Mozilla\Plugins\npoff.dll
    FF - plugin: C:\Users\Jason\AppData\Roaming\Mozilla\Plugins\npoff64.dll
    FF - plugin: C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npoff64.dll
    FF - plugin: C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npwbe.dll
    FF - plugin: C:\Users\Jason\AppData\Roaming\Mozilla\Plugins\npwbe.dll
    FF - plugin: C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npwbe64.dll
    FF - plugin: C:\Users\Jason\AppData\Roaming\Mozilla\Plugins\npwbe64.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
    FF - ExtSQL: 2012-12-20 18:18; {FFB96CC1-7EB3-449D-B827-DB661701C6BB}; C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2012-1-18 23464]
    R1 kl2;kl2;C:\Windows\System32\drivers\kl2.sys [2012-12-20 11864]
    R2 AMP;AMP;C:\Windows\System32\drivers\amp.sys [2010-11-16 161320]
    R2 AMPSE;AMPSE;C:\Windows\System32\drivers\ampse.sys [2010-11-16 1404456]
    R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-11-2 33712]
    R2 PDFsFilter;PDFsFilter;C:\Windows\System32\drivers\PDFsFilter.sys [2012-7-24 82160]
    R3 cmudaxp;ASUS Xonar D2 Audio Interface;C:\Windows\System32\drivers\cmudaxp.sys [2011-3-10 2725376]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-11-16 56344]
    R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
    R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2010-12-1 25928]
    S3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2011-1-20 250400]
    S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-12-27 48488]
    S3 HPFXFAX;HPFXFAX;C:\Windows\System32\drivers\hpfx64fax.sys [2010-12-4 23064]
    S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]
    S3 qcusbser;ACER USB Device for Legacy Serial Communication;C:\Windows\System32\drivers\qcusbser.sys [2009-8-14 120960]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-6-28 20992]
    .
    =============== File Associations ===============
    .
    FileExt: .reg: Applications\regedt32.exe="C:\Windows\System32\regedt32.exe" "%1" [UserChoice]
    FileExt: .jse: JSEFile=NOTEPAD.EXE %1
    FileExt: .wsf: WSFFile=NOTEPAD.EXE %1
    .
    =============== Created Last 30 ================
    .
    2012-12-21 06:21:37 -------- d-----w- C:\Program Files (x86)\ESET
    2012-12-21 05:01:11 -------- d-sh--w- C:\$RECYCLE.BIN
    2012-12-21 02:14:21 98816 ----a-w- C:\Windows\sed.exe
    2012-12-21 02:14:21 256000 ----a-w- C:\Windows\PEV.exe
    2012-12-21 02:14:21 208896 ----a-w- C:\Windows\MBR.exe
    2012-12-21 02:14:14 -------- d-----w- C:\Gotcha.exe
    2012-12-21 01:18:27 -------- d-----w- C:\Users\Jason\AppData\Roaming\CheckPoint
    2012-12-21 01:17:49 -------- d-----w- C:\Program Files\CheckPoint
    2012-12-21 01:17:45 11864 ----a-w- C:\Windows\System32\drivers\kl2.sys
    2012-12-21 01:17:43 460888 ----a-w- C:\Windows\System32\drivers\kl1.sys
    2012-12-21 00:43:16 -------- d-----w- C:\ProgramData\Trend Micro
    2012-12-21 00:05:56 9728 ----a-w- C:\Windows\System32\Wdfres.dll
    2012-12-21 00:05:56 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
    2012-12-21 00:05:56 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
    2012-12-21 00:05:56 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
    2012-12-20 21:55:44 -------- d-----w- C:\Program Files (x86)\CheckPoint
    2012-12-20 21:55:43 -------- d-----w- C:\ProgramData\CheckPoint
    2012-12-20 21:53:08 -------- d-----w- C:\Program Files (x86)\WinPcap
    2012-12-20 21:50:15 256904 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys
    2012-12-20 19:29:38 -------- d-----w- C:\Users\Jason\AppData\Local\assembly
    2012-12-20 19:27:35 -------- d-----w- C:\Program Files\Avery
    2012-12-14 08:48:55 -------- d-----w- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11
    2012-12-12 04:02:02 95744 ----a-w- C:\Windows\System32\synceng.dll
    2012-12-12 04:02:02 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
    2012-12-06 20:55:59 -------- d-----w- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11.bak
    2012-12-02 18:16:21 -------- d-----w- C:\Users\Jason\AppData\Local\IsolatedStorage
    2012-12-02 18:15:04 -------- d-----w- C:\Program Files (x86)\Virtual Earth 3D
    2012-11-29 19:44:15 2155248 ----a-w- C:\Windows\System32\Incinerator64.dll
    2012-11-28 17:41:52 -------- d-----w- C:\Users\Jason\AppData\Roaming\mojosoft
    2012-11-28 17:41:52 -------- d-----w- C:\Program Files (x86)\mojosoft
    2012-11-25 04:52:00 -------- d-----w- C:\Program Files (x86)\The Walking Dead Episode 5
    2012-11-22 21:54:53 -------- d-----w- C:\Risk Factions
    2012-11-22 20:23:49 -------- d-----w- C:\Users\Jason\AppData\Roaming\WarZone
    2012-11-22 20:23:31 -------- d-----w- C:\Program Files\Common Files\Idu
    2012-11-22 20:23:10 -------- d-----w- C:\Program Files (x86)\WarZone
    2012-11-22 20:22:40 -------- d-----w- C:\Program Files\Microprose
    .
    ==================== Find3M ====================
    .
    2012-12-12 12:33:08 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-12-12 12:33:08 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-12-12 12:33:03 16363960 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2012-12-07 06:58:00 57144 ----a-w- C:\Windows\System32\iolobtdfg.exe
    2012-12-07 06:57:52 25744 ----a-w- C:\Windows\System32\smrgdf.exe
    2012-12-07 06:42:54 2097032 ----a-w- C:\Windows\SysWow64\Incinerator32.dll
    2012-11-16 17:16:01 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2012-11-16 17:16:00 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-11-01 22:31:48 450136 ----a-w- C:\Windows\System32\drivers\vsdatant.sys
    2012-10-23 02:32:35 143360 ----a-w- C:\Windows\SysWow64\UAService7.exe
    2012-10-10 16:52:14 8192 ----a-w- C:\Windows\SysWow64\srvany.exe
    2012-10-10 16:52:14 151552 ----a-w- C:\Windows\KMService.exe
    2012-09-30 01:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-09-24 21:32:24 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
    .
    ============= FINISH: 10:29:09.91 ===============


    ComboFix Log

    ComboFix 12-12-20.02 - Jason 12/20/2012 19:17:42.1.4 - x64
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8126.4917 [GMT -7:00]
    Running from: c:\users\Jason\Desktop\Gotcha.exe.exe
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\D81EDBF9-D167-4011-B77D-211DF920EB80
    c:\programdata\ntuser.dat
    c:\windows\iun6002.exe
    c:\windows\ST6UNST.000
    c:\windows\SwSys1.bmp
    c:\windows\SwSys2.bmp
    c:\windows\system\viewed.dll
    c:\windows\SysWow64\CmdLineExt.dll
    c:\windows\SysWow64\muzapp.exe
    c:\windows\SysWow64\scm.exe
    c:\windows\SysWow64\TBM4639.tmp
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-11-21 to 2012-12-21 )))))))))))))))))))))))))))))))
    .
    .
    2012-12-21 01:18 . 2012-12-21 01:18 -------- d-----w- c:\users\Jason\AppData\Roaming\CheckPoint
    2012-12-21 01:17 . 2012-12-21 01:17 -------- d-----w- c:\program files\CheckPoint
    2012-12-21 01:17 . 2012-01-10 01:59 11864 ----a-w- c:\windows\system32\drivers\kl2.sys
    2012-12-21 01:17 . 2012-01-10 01:59 460888 ----a-w- c:\windows\system32\drivers\kl1.sys
    2012-12-21 01:17 . 2012-01-10 01:59 485680 ----a-w- c:\windows\system32\drivers\klif.sys
    2012-12-21 00:43 . 2012-12-21 00:43 -------- d-----w- c:\programdata\Trend Micro
    2012-12-21 00:05 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
    2012-12-21 00:05 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
    2012-12-21 00:05 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
    2012-12-21 00:05 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
    2012-12-20 21:55 . 2012-12-21 01:16 -------- d-----w- c:\program files (x86)\CheckPoint
    2012-12-20 21:55 . 2012-12-20 21:55 -------- d-----w- c:\programdata\CheckPoint
    2012-12-20 21:53 . 2012-12-20 21:53 -------- d-----w- c:\program files (x86)\WinPcap
    2012-12-20 21:50 . 2012-06-05 07:37 256904 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys
    2012-12-20 19:29 . 2012-12-20 19:29 -------- d-----w- c:\users\Jason\AppData\Local\assembly
    2012-12-20 19:27 . 2012-12-20 19:27 -------- d-----w- c:\program files\Avery
    2012-12-14 08:48 . 2012-12-19 22:58 -------- d-----w- c:\program files (x86)\Mozilla Firefox 4.0 Beta 11
    2012-12-12 04:02 . 2012-09-25 22:39 95744 ----a-w- c:\windows\system32\synceng.dll
    2012-12-12 04:02 . 2012-09-25 21:55 78336 ----a-w- c:\windows\SysWow64\synceng.dll
    2012-12-06 20:26 . 2012-12-06 20:26 -------- d-----w- c:\program files (x86)\Common Files\Skype
    2012-12-02 18:16 . 2012-12-02 18:16 -------- d-----w- c:\users\Jason\AppData\Local\IsolatedStorage
    2012-12-02 18:15 . 2012-12-02 18:15 -------- d-----w- c:\program files (x86)\Virtual Earth 3D
    2012-11-29 19:44 . 2012-12-07 06:42 2155248 ----a-w- c:\windows\system32\Incinerator64.dll
    2012-11-28 17:41 . 2012-11-28 17:41 -------- d-----w- c:\users\Jason\AppData\Roaming\mojosoft
    2012-11-28 17:41 . 2012-11-28 17:41 -------- d-----w- c:\program files (x86)\mojosoft
    2012-11-25 04:52 . 2012-11-25 05:05 -------- d-----w- c:\program files (x86)\The Walking Dead Episode 5
    2012-11-22 21:54 . 2012-11-22 22:05 -------- d-----w- C:\Risk Factions
    2012-11-22 20:23 . 2012-11-22 20:25 -------- d-----w- c:\users\Jason\AppData\Roaming\WarZone
    2012-11-22 20:23 . 2012-11-22 20:23 -------- d-----w- c:\program files\Common Files\Idu
    2012-11-22 20:23 . 2012-12-20 22:41 -------- d-----w- c:\program files (x86)\WarZone
    2012-11-22 20:22 . 2012-11-22 20:22 -------- d-----w- c:\program files\Microprose
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-12-12 12:33 . 2012-04-10 17:17 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-12-12 12:33 . 2011-05-26 02:27 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-12-12 12:33 . 2012-07-12 12:33 16363960 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
    2012-12-07 06:58 . 2010-11-16 11:05 57144 ----a-w- c:\windows\system32\iolobtdfg.exe
    2012-12-07 06:57 . 2010-11-16 11:05 25744 ----a-w- c:\windows\system32\smrgdf.exe
    2012-12-07 06:42 . 2011-09-21 01:51 2097032 ----a-w- c:\windows\SysWow64\Incinerator32.dll
    2012-11-28 22:58 . 2010-11-16 07:49 67413224 ----a-w- c:\windows\system32\MRT.exe
    2012-11-16 17:16 . 2012-11-16 17:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2012-11-16 17:16 . 2010-11-18 06:36 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2012-11-01 22:31 . 2012-11-01 22:31 450136 ----a-w- c:\windows\system32\drivers\vsdatant.sys
    2012-10-23 02:32 . 2012-10-23 02:32 143360 ----a-w- c:\windows\SysWow64\UAService7.exe
    2012-10-10 16:52 . 2012-10-10 16:52 151552 ----a-w- c:\windows\KMService.exe
    2012-10-10 16:52 . 2010-11-16 07:36 8192 ----a-w- c:\windows\SysWow64\srvany.exe
    2012-09-30 01:54 . 2010-12-02 00:12 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-09-24 21:32 . 2012-08-14 21:17 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "Starfield Updater"="c:\program files (x86)\Workspace\workspaceupdate.exe" [2011-09-01 34496]
    "AirVideoServer"="c:\program files (x86)\AirVideoServer\AirVideoServer.exe" [2010-09-22 4923784]
    "Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-08-28 1353080]
    "AutoUnpack"="c:\program files (x86)\AutoUnpack\AutoUnpack.exe" [2007-09-12 888832]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "ASUS Update Checker"="c:\program files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe" [2009-10-08 114688]
    "ASUS Ai Charger"="c:\program files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe" [2010-05-10 465536]
    "QFan Help"="c:\program files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe" [2009-11-16 604672]
    "Cpu Level Up help"="c:\program files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe" [2009-08-21 887936]
    "Six Engine"="c:\program files (x86)\ASUS\EPU-6 Engine\SixEngine.exe" [2009-12-02 7275008]
    "TurboV"="c:\program files (x86)\ASUS\TurboV\TurboV.exe" [2009-11-20 5665280]
    "Turbo Key"="c:\program files (x86)\ASUS\Turbo Key\TurboKey.exe" [2009-11-18 1874432]
    "ToolBoxFX"="c:\program files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" [2010-03-03 53248]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-06 641664]
    "SteelSeries World of Warcraft Cataclysm MMO Gaming Mouse"="c:\program files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe" [2011-08-18 1993216]
    "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
    "Trend Micro RUBotted V2.0 Beta"="c:\program files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe" [2010-12-17 1103184]
    "ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2012-11-08 73392]
    .
    c:\users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    CurseClientStartup.ccip [2012-7-28 0]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventSystem]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vseamps]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vsedsps]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vseqrts]
    @="Service"
    .
    R1 archlp;archlp;SysWOW64\drivers\archlp.sys [x]
    R1 FNETURPX;FNETURPX;SysWOW64\drivers\FNETURPX.SYS [x]
    R2 athsgt;athsgt;c:\windows\system32\DRIVERS\athsgt.sys [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-12-07 1053184]
    R2 limsgt;limsgt;c:\windows\system32\DRIVERS\limsgt.sys [x]
    R2 prmJobSvJSDB;Primavera Job Service (JSDB);c:\program files (x86)\Common Files\Primavera Common\JobService\prmJobSvJSDB.exe [2007-06-12 2436096]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
    R3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2011-01-20 250400]
    R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
    R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
    R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
    R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
    R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
    R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
    R3 FNETTBOH;FNETTBOH;SysWOW64\drivers\FNETTBOH.SYS [x]
    R3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfx64fax.sys [2007-07-16 23064]
    R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528]
    R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
    R3 qcusbser;ACER USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\qcusbser.sys [2009-08-14 120960]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
    R3 vseqrts;vseqrts;c:\program files\Common Files\Authentium\AntiVirus5\vseqrts.exe [2010-01-20 207400]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-16 1255736]
    R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
    R4 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-01-20 2326920]
    R4 Secure Content Management;Secure Content Management;c:\windows\system32\scm.exe [x]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
    S0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251);c:\windows\system32\DRIVERS\tdrpm251.sys [2011-01-20 1455648]
    S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
    S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2008-12-09 23464]
    S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2012-01-10 11864]
    S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]
    S2 AMP;AMP;c:\windows\system32\DRIVERS\amp.sys [2010-01-20 161320]
    S2 AMPSE;AMPSE;c:\windows\system32\DRIVERS\ampse.sys [2010-01-20 1404456]
    S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-08-20 90112]
    S2 File Backup;File Backup Service;c:\program files (x86)\Workspace\offSyncService.exe [2012-10-05 1174824]
    S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2010-03-03 136192]
    S2 ioloSystemService;iolo System Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-12-07 1053184]
    S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2012-11-02 33712]
    S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2012-11-02 827560]
    S2 KMService;KMService;c:\windows\system32\srvany.exe [x]
    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-30 399432]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-30 676936]
    S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 47632]
    S2 PDFsFilter;PDFsFilter;c:\windows\system32\DRIVERS\PDFsFilter.sys [2012-07-24 82160]
    S2 RUBotSrv;Trend Micro RUBotted Service;c:\program files (x86)\Trend Micro\RUBotted\RUBotSrv.exe [2010-12-17 439632]
    S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
    S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
    S2 vseamps;vseamps;c:\program files\Common Files\Authentium\AntiVirus5\vseamps.exe [2010-01-20 150568]
    S2 vsedsps;vsedsps;c:\program files\Common Files\Authentium\AntiVirus5\vsedsps.exe [2010-01-20 150056]
    S3 cmudaxp;ASUS Xonar D2 Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [2011-03-10 2725376]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
    S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
    S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-30 25928]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
    S3 SSMO3v2Filter;MMO3v2 Mouse;c:\windows\system32\drivers\MO3v2Driver.sys [2010-11-22 23040]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2010-08-16 20:43 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-12-21 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 12:33]
    .
    2012-12-20 c:\windows\Tasks\DriverEasy Scheduled Scan.job
    - c:\program files\Easeware\DriverEasy\DriverEasy.exe [2011-03-10 20:51]
    .
    2012-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-08 21:36]
    .
    2012-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-08 21:36]
    .
    2012-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3631050826-93611423-128151168-1001Core.job
    - c:\users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-07 21:36]
    .
    2012-12-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3631050826-93611423-128151168-1001UA.job
    - c:\users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-07 21:36]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\off0]
    @="{8E33AEC3-C5F2-43C4-B048-9E3EB19B1DD5}"
    [HKEY_CLASSES_ROOT\CLSID\{8E33AEC3-C5F2-43C4-B048-9E3EB19B1DD5}]
    2012-05-25 09:09 1308432 ----a-w- c:\program files (x86)\Workspace\offsyncext64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\off1]
    @="{8E33AEC4-C5F2-43C4-B048-9E3EB19B1DD5}"
    [HKEY_CLASSES_ROOT\CLSID\{8E33AEC4-C5F2-43C4-B048-9E3EB19B1DD5}]
    2012-05-25 09:09 1308432 ----a-w- c:\program files (x86)\Workspace\offsyncext64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
    "Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2011-05-12 8769536]
    "Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
    "Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-08 11465832]
    "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
    "Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-12-07 5889816]
    "LogiScrollApp"="c:\program files\Logitech\ScrollApp\KhalScroll.exe" [2011-12-14 156440]
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
    "{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]
    .
    ------- Supplementary Scan -------
    .
    uStart Page = https://www.google.ca/
    IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
    TCP: DhcpNameServer = 64.59.135.143 64.59.128.113
    FF - ProfilePath - c:\users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\r2yk6h25.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxps://www.google.ca/
    FF - prefs.js: network.proxy.type - 0
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    .
    .
    ------- File Associations -------
    .
    JSEFile=NOTEPAD.EXE %1
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Wow6432Node-HKLM-Run-TaskTray - (no file)
    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
    SafeBoot-AMP
    SafeBoot-AMPSE
    WebBrowser-{FD3D3852-DCDA-468C-8995-8CED7333918A} - (no file)
    HKLM-Run-ISW - (no file)
    AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
    AddRemove-WYSIWYG_Web_Builder_6 - c:\windows\iun6002.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-3631050826-93611423-128151168-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    @Allowed: (Read) (RestrictedCode)
    "??"=hex:3c,0c,19,c8,3e,ad,e2,6f,6f,12,d8,2c,d1,b8,08,2f,63,28,09,63,f1,da,c6,
    85,d5,b7,14,c3,e2,a7,c1,25,fc,20,49,6e,52,f7,9f,3b,55,2d,51,85,87,36,1a,76,\
    "??"=hex:65,34,23,f1,ac,3e,ae,99,14,20,f8,2a,53,ca,02,2f
    .
    [HKEY_USERS\S-1-5-21-3631050826-93611423-128151168-1001\Software\SecuROM\License information*]
    "datasecu"=hex:8c,6d,75,7c,0a,14,03,31,be,a6,a3,d6,ab,b1,ab,d8,65,3d,2d,cf,25,
    02,1d,d2,5a,60,99,d4,8d,05,f5,3d,00,fa,2f,4b,dc,82,53,e5,50,94,fd,33,95,cb,\
    "rkeysecu"=hex:86,9f,b4,05,59,ba,ec,03,aa,27,c7,4d,76,ff,c8,ec
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\windows\SysWOW64\srvany.exe
    c:\windows\KMService.exe
    c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    c:\windows\SysWOW64\PnkBstrA.exe
    c:\programdata\TVersity\Media Server\MediaServer.exe
    c:\windows\SysWOW64\UAService7.exe
    c:\program files (x86)\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe
    c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    c:\program files\ASUS Xonar D2 Audio\Customapp\ASUSAUDIOCENTER.EXE
    c:\program files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMTray2.exe
    c:\program files\Logitech Gaming Software\Applets\LCDMedia.exe
    .
    **************************************************************************
    .
    Completion time: 2012-12-20 22:08:52 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-12-21 05:08
    .
    Pre-Run: 38,531,125,248 bytes free
    Post-Run: 33,339,559,936 bytes free
    .
    - - End Of File - - 7E71A9DAD4DEC6C56D8756A66165AADE
     
Short URL to this thread: https://techguy.org/1081856
