Slooow computer, Flash problem?

Started by Gale_Tx, January 30, 2014, 02:13:50 PM


Gale_Tx

Tks, Paddy for directing me to the right place.  I keep getting a pop-up about a Flash problem and I can't get it resolved. Shortly afterwards, my computer is so slow it's barely crawling.  Hope you can help me. TIA.  I'm not sure how to disable any script blocker, but here's the info requested:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.51.2
Run by larry at 7:43:38 on 2014-01-30
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8173.6482 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Users\larry\AppData\LocalLow\alotservice\alotservice.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Online Games Manager\ogmservice.exe
C:\Program Files (x86)\PasswordBox\pbbtnService.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
C:\Users\larry\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
C:\Users\larry\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\splwow64.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uProxyServer = hxxp=127.0.0.1:49162;https=127.0.0.1:49162
uProxyOverride = <-loopback>
mWinlogon: Userinit = userinit.exe,
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: ALOT Appbar Helper: {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} -
BHO: VideoFileDownload: {9194649F-7143-4308-90C1-D6A35B0E354E} -
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: ALOT Appbar: {A531D99C-5A22-449b-83DA-872725C6D0ED} -
uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
uRun: [AmazonMP3DownloaderHelper] C:\Users\larry\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
uRun: [iLivid] "C:\Users\larry\AppData\Local\iLivid\iLivid.exe" -autorun
uRun: [Amazon Cloud Player] "C:\Users\larry\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
uRun: [BrowserSafeguard] "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe"
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: RestrictRun = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: RestrictRun = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.shockwave.com/content/bookwormadventures/sis/popcaploader_v10_en.cab
TCP: NameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{A7D6E798-21E6-4DBB-9446-C0298F0F7CB3} : DHCPNameServer = 75.75.76.76 75.75.75.75
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.

Gale_Tx


FF - ProfilePath - C:\Users\larry\AppData\Roaming\Mozilla\Firefox\Profiles\07vbiqdk.default-1382562802549\
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Users\larry\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll
FF - plugin: C:\Users\larry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2012-4-27 21616]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-10-16 46368]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 AlotService;ALOT Update Service;C:\Users\larry\AppData\LocalLow\alotservice\alotservice.exe [2012-5-24 255880]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-9-27 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-9-28 361984]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
R2 ES lite Service;ES lite Service for program management.;C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe [2012-4-27 68136]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 134944]
R2 ogmservice;Online Games Manager;C:\Program Files (x86)\Online Games Manager\ogmservice.exe [2013-8-8 559552]
R2 PasswordBox;PasswordBox;C:\Program Files (x86)\PasswordBox\pbbtnService.exe [2013-11-1 67584]
R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-1-10 1772056]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-4-27 46136]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2011-7-28 56960]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-7-28 79104]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-4-27 565352]
S2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AODDriver;AODDriver;C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [2010-3-12 52280]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2012-4-27 30528]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]
S3 McAfee ScanAndRepair Svc;McAfee ScanAndRepair Svc;C:\Program Files (x86)\McAfeeScanAndRepair\McAfeeScanRepairSvc.exe [2012-1-12 695640]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-10-6 19456]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2012-7-29 31800]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2013-4-16 15712]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-10-6 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-10-6 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-10-6 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-29 1255736]
.
=============== Created Last 30 ================
.
2014-01-29 14:28:30   --------   d-----w-   C:\Users\larry\AppData\Roaming\ParetoLogic
2014-01-29 14:28:30   --------   d-----w-   C:\Users\larry\AppData\Roaming\DriverCure
2014-01-29 14:27:59   --------   d-----w-   C:\ProgramData\ParetoLogic
2014-01-23 19:26:35   965000   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AD156E12-C2E5-4000-9B94-19DE6314B023}\gapaengine.dll
2014-01-23 19:26:05   10315576   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{954620FD-9F08-469F-B2FB-36F817E05188}\mpengine.dll
2014-01-22 14:45:26   --------   d-----w-   C:\AdwCleaner
2014-01-20 17:58:47   10315576   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-19 17:26:25   --------   d-----w-   C:\ProgramData\Oracle
2014-01-19 17:25:59   96168   ----a-w-   C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-15 16:09:49   53248   ----a-w-   C:\Windows\System32\drivers\usbehci.sys
2014-01-15 16:09:49   325120   ----a-w-   C:\Windows\System32\drivers\usbport.sys
2014-01-15 16:09:48   99840   ----a-w-   C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 16:09:48   7808   ----a-w-   C:\Windows\System32\drivers\usbd.sys
2014-01-15 16:09:48   343040   ----a-w-   C:\Windows\System32\drivers\usbhub.sys
2014-01-15 16:09:48   30720   ----a-w-   C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 16:09:48   25600   ----a-w-   C:\Windows\System32\drivers\usbohci.sys
2014-01-15 16:09:46   3156480   ----a-w-   C:\Windows\System32\win32k.sys
2014-01-15 16:09:43   376768   ----a-w-   C:\Windows\System32\drivers\netio.sys
2013-12-31 22:55:51   --------   d-----w-   C:\SUPERDelete
.
==================== Find3M  ====================
.
2014-01-30 13:05:50   25640   ----a-w-   C:\Windows\gdrv.sys
2014-01-19 07:33:29   270496   ------w-   C:\Windows\System32\MpSigStub.exe
2014-01-15 16:05:58   71048   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-15 16:05:58   692616   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-26 10:19:07   2724864   ----a-w-   C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23   4096   ----a-w-   C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07   66048   ----a-w-   C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25   48640   ----a-w-   C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02   2724864   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39   139264   ----a-w-   C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09   111616   ----a-w-   C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57   708608   ----a-w-   C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02   5769216   ----a-w-   C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16   553472   ----a-w-   C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12   4243968   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16   1995264   ----a-w-   C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06   1928192   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57   2334208   ----a-w-   C:\Windows\System32\wininet.dll
2013-11-26 06:33:33   1820160   ----a-w-   C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20   417792   ----a-w-   C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34   465920   ----a-w-   C:\Windows\System32\WMPhoto.dll
2013-11-22 00:31:36   46368   ----a-w-   C:\Windows\System32\drivers\avgtpx64.sys
2013-11-12 02:23:09   2048   ----a-w-   C:\Windows\System32\tzres.dll
2013-11-12 02:07:29   2048   ----a-w-   C:\Windows\SysWow64\tzres.dll
.
============= FINISH:  7:44:06.26 ===============

Gale_Tx

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 4/27/2012 11:02:58 AM
System Uptime: 1/30/2014 7:05:23 AM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. |  | GA-970A-D3
Processor: AMD FX(tm)-4100 Quad-Core Processor             | Socket M2 | 3600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 861.414 GiB free.
D: is FIXED (NTFS) - 932 GiB total, 427.821 GiB free.
F: is Removable
Y: is CDROM ()
Z: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP361: 1/6/2014 8:06:13 AM - Windows Backup
RP362: 1/7/2014 8:51:37 AM - Windows Update
RP363: 1/12/2014 7:00:20 PM - Windows Backup
RP364: 1/13/2014 12:20:39 PM - Windows Update
RP365: 1/15/2014 2:45:57 PM - Windows Update
RP366: 1/19/2014 11:24:12 AM - Installed Java 7 Update 51
RP367: 1/20/2014 10:26:04 AM - Windows Backup
RP368: 1/20/2014 11:58:30 AM - Windows Update
RP369: 1/23/2014 1:25:32 PM - Windows Update
RP370: 1/27/2014 9:21:29 AM - Windows Backup
.
==== Installed Programs ======================
.
@BIOS
Adobe Flash Player 11 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader XI (11.0.06)
Adobe Shockwave Player 12.0
Advertising Center
Amazon Cloud Player
Amazon MP3 Downloader 1.0.18
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD AVIVO64 Codecs
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
Apple Software Update
AutoGreen B10.1021.1
AVG SafeGuard toolbar
Barn Yarn Collector's Edition
Belarc Advisor 8.2
Bookworm Deluxe
BrowserSafeguard
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Chicktionary
Compatibility Pack for the 2007 Office system
Corel PaintShop Pro X5
Criminal Investigation Agents: Petrodollars
Dream Inn: The Driftwood
Easy Tune 6 B11.1124.1
EasySaver B9.1214.1
Etron USB3.0 Host Controller
EZ Fonts
Farmington Tales
Farmscapes™ Collector's Edition
Fishdom H2O - Hidden Odyssey
Flip Words 2
GameFly
Gardenscapes 2 Collector's Edition
Golden Trails 2: The Lost Legacy
Google Earth
Google Update Helper
HydraVision
ICA
ImagXpress
IPM_PSP_COM
IrfanView (remove only)
Java 7 Update 51
Java Auto Updater
LightScribe System Software
Little Shop - Memories
Menu Templates - Starter Kit
Microsoft .NET Framework 4 Client Profile
Microsoft Office XP Professional
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Movie Templates - Starter Kit
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery Case Files: Huntsville
Nero 9 Essentials
Nero BurnRights
Nero BurnRights Help
Nero ControlCenter
Nero CoverDesigner
Nero DiscSpeed
Nero DriveSpeed
Nero Express Help
Nero InfoTool
Nero Installer
Nero Online Upgrade
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero StartSmart OEM
Nero Vision
Nero Vision Help
NeroExpress
neroxml
ON_OFF Charge B11.1102.1
Online Games Manager v1.21
OpenOffice 4.0.0
PDFCreator
PSPPContent
PSPPHelp
PSPPro64
Realtek Ethernet Controller Driver
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Revo Uninstaller 1.94
Revo Uninstaller Pro 2.5.9
Royal Envoy Campaign for the Crown Collector's Edition
Royal Envoy™
Royal Envoy™ 2 Collector's Edition
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Settings Alerter
Setup
Shared C Run-time for x64
SUPERAntiSpyware
swMSM
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
.
==== Event Viewer Messages From Past Week ========
.
1/30/2014 7:05:50 AM, Error: Service Control Manager [7000]  - The AODDriver4.2 service failed to start due to the following error:  The system cannot find the file specified.
1/26/2014 12:49:13 PM, Error: Schannel [36888]  - The following fatal alert was generated: 40. The internal error state is 252.
.
==== End Of File ===========================

Gale_Tx

Forgot to add this:
Results of screen317's Security Check version 0.99.79 
Windows 7 Service Pack 1 x64 (UAC is enabled) 
Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled! 
Microsoft Security Essentials   
Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 51 
  Adobe Flash Player 12.0.0.43 Flash Player out of Date! 
Adobe Reader XI 
Mozilla Firefox (26.0)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Online Games Manager ogmservice.exe   
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

Corrine

Hi, Gale_Tx.  Welcome back! 

Contrary to what is shown in SystemCheck (which hasn't been updated yet), you have the most recent version of Flash Player installed.  So, let's take care of the malware on your computer and then see if you are still having problems with Flash Player.

1.  Please download Malwarebytes' Anti-Malware to your desktop from here.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • In the last Setup window, UNcheck "Enable free trial of Malwarebytes Anti-Malware PRO" but be sure a checkmark is placed next to
    -- Update Malwarebytes' Anti-Malware and
    -- Launch Malwarebytes' Anti-Malware
  • Click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, check the following settings:
    -- On the Scanner tab, check Perform quick scan.
    -- On the Settings tab, Scanner Settings, leave the default boxes checked but change the drop-down boxes to Show in results list and check for removal.
    -- Also on the Settings tab, under "Action for potentially unwanted programs (PUP)", change the option to Show in results list and check for removal.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, EXCEPT items in System Restore as shown in this sample:
  • Click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See the Note below)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Please post contents of that file in your next reply.

** Note **

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

2.  Please follow these instructions carefully.  Download ComboFix from the following location:  Link 1

!!! IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your antivirus and anti-malware security applications. If not disabled, these programs will likely interfere with the cleanup process. This can usually be accomplished by a right-click on the icon in the System Tray.

    Note:  If you are unsure how to disable your security software, see the instructions in this topic at Tech Support Forum:  How to disable your security applications.

  • If infections are found, ComboFix will automatically reboot the machine to complete the removal process.  Please ensure all opened windows are closed before proceeding.
  • Double-click ComboFix.exe on your desktop and follow the prompts. 
  • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  • When finished, a log will be produced. Please copy C:\ComboFix.txt in your next reply.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Gale_Tx

Hiya, Corrine, so glad to see you again :mrgreen: I'm doing this one at a time so I don't get lost.  I'm so glad you guys are here  :smiley: Here's the MBAM results:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.31.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
larry :: HOME1 [administrator]

1/31/2014 1:20:13 PM
mbam-log-2014-01-31 (13-20-13).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 217269
Time elapsed: 6 minute(s), 17 second(s)

Memory Processes Detected: 1
C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe (PUP.Optional.BrowserSafeGuard.A) -> 2760 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 10
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4f12-8568-69135F087DB0} (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browsersafeguard (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Quarantined and deleted successfully.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.

Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BrowserSafeguard (PUP.Optional.BrowserSafeGuard.A) -> Data: "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe" -> Quarantined and deleted successfully.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0Z1N1J -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 8
C:\ProgramData\IBUpdaterService (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Performer (PUP.Optional.PCPerformer.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard (PUP.Optional.BrowserSafeGuard.A) -> Delete on reboot.
C:\Program Files (x86)\Browsersafeguard\Resources (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Roaming\DefaultTab\DefaultTab (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\ct3277370 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\CT3316243 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

Files Detected: 51
C:\Users\larry\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\6201.tmp (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\7E06.tmp (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\86FB.tmp (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\AEC5.tmp (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\air8DBE.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\D47D.tmp (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\F86B.tmp (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\nsk51CB.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\tmp50DF.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\tmp6635.exe (PUP.Optional.Amonetize.AS) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\tmp6F99.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\tmp8119.exe (PUP.Optional.Amonetize.AS) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\tmpA9FE.exe (PUP.Optional.Amonetize.AS) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\tmpB392.exe (PUP.Optional.Amonetize.AS) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\ct3277370\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\ct3277370\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\is1275519350\1039260_Setup.EXE (PUP.Optional.PricePeep.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\OCS9DA2.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\larry\Downloads\CandyInstaller.exe (PUP.Optional.Freemium.A) -> Quarantined and deleted successfully.
C:\Users\larry\Downloads\Express_Installer.exe (PUP.Optional.OptimumInstaller.A) -> Quarantined and deleted successfully.
C:\Users\larry\Downloads\Microsoft%20Office%202010(1).exe (PUP.Optional.Solimba) -> Quarantined and deleted successfully.
C:\Users\larry\Downloads\Microsoft%20Office%202010.exe (PUP.Optional.Solimba) -> Quarantined and deleted successfully.
C:\Users\larry\Downloads\SoftonicDownloader_for_microsoft-office-2007-service-pack-2.exe (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.
C:\ProgramData\IBUpdaterService\repository.xml (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Performer\xmllite.dll (PUP.Optional.PCPerformer.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Performer\isxdl.dll (PUP.Optional.PCPerformer.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Performer\PCPerformer.dll (PUP.Optional.PCPerformer.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PC Performer\PCPerformer.exe (PUP.Optional.PCPerformer.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} (PUP.Optional.Searchqu.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\ewebstorewrapper.dll (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe (PUP.Optional.BrowserSafeGuard.A) -> Delete on reboot.
C:\Program Files (x86)\Browsersafeguard\install.log (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\makecert.exe (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\TrustedRoot.cer (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\Resources\certutil.exe (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\Resources\libnspr4.dll (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\Resources\libplc4.dll (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\Resources\libplds4.dll (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\Resources\nss3.dll (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\Resources\smime3.dll (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Browsersafeguard\Resources\softokn3.dll (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\ct3277370\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\ct3277370\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\ct3277370\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\larry\AppData\Local\Temp\CT3316243\ddt.csf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

(end)

Gale_Tx

One new problem. After completing MBAM instructions and restarting, I get this page that says "The proxy server isn't responding". I couldn't get it fixed, so I'm here on FF.  Off to finish my assignment.

Gale_Tx

ComboFix 14-01-29.01 - larry 01/31/2014  14:05:21.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8173.6140 [GMT -6:00]
Running from: c:\users\larry\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\users\larry\AppData\Roaming\Microsoft\Windows\Recent\How to Overcome Candida Naturally.url
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AlotService
.
.
(((((((((((((((((((((((((   Files Created from 2013-12-28 to 2014-01-31  )))))))))))))))))))))))))))))))
.
.
2014-01-31 19:10 . 2014-01-31 19:10   --------   d-----w-   c:\program files (x86)\Malwarebytes' Anti-Malware
2014-01-31 19:10 . 2013-04-04 20:50   25928   ----a-w-   c:\windows\system32\drivers\mbam.sys
2014-01-30 18:19 . 2013-12-04 03:28   10315576   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9C439429-3EE5-4C03-B976-FDD6DD2C77FE}\mpengine.dll
2014-01-29 14:28 . 2014-01-29 14:28   --------   d-----w-   c:\users\larry\AppData\Roaming\ParetoLogic
2014-01-29 14:28 . 2014-01-29 14:28   --------   d-----w-   c:\users\larry\AppData\Roaming\DriverCure
2014-01-29 14:27 . 2014-01-29 14:32   --------   d-----w-   c:\programdata\ParetoLogic
2014-01-23 19:26 . 2013-10-23 21:08   965000   ------w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AD156E12-C2E5-4000-9B94-19DE6314B023}\gapaengine.dll
2014-01-23 19:26 . 2013-12-04 03:28   10315576   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-22 14:45 . 2014-01-22 14:46   --------   d-----w-   C:\AdwCleaner
2014-01-19 17:26 . 2014-01-19 17:26   --------   d-----w-   c:\programdata\Oracle
2014-01-19 17:26 . 2014-01-19 17:26   --------   d-----w-   c:\program files (x86)\Common Files\Java
2014-01-19 17:25 . 2013-12-19 03:09   96168   ----a-w-   c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-15 16:09 . 2013-11-27 01:41   53248   ----a-w-   c:\windows\system32\drivers\usbehci.sys
2014-01-15 16:09 . 2013-11-27 01:41   325120   ----a-w-   c:\windows\system32\drivers\usbport.sys
2014-01-15 16:09 . 2013-11-27 01:41   343040   ----a-w-   c:\windows\system32\drivers\usbhub.sys
2014-01-15 16:09 . 2013-11-27 01:41   99840   ----a-w-   c:\windows\system32\drivers\usbccgp.sys
2014-01-15 16:09 . 2013-11-27 01:41   25600   ----a-w-   c:\windows\system32\drivers\usbohci.sys
2014-01-15 16:09 . 2013-11-27 01:41   30720   ----a-w-   c:\windows\system32\drivers\usbuhci.sys
2014-01-15 16:09 . 2013-11-27 01:41   7808   ----a-w-   c:\windows\system32\drivers\usbd.sys
2014-01-15 16:09 . 2013-11-26 10:32   3156480   ----a-w-   c:\windows\system32\win32k.sys
2014-01-15 16:09 . 2013-11-26 11:40   376768   ----a-w-   c:\windows\system32\drivers\netio.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-31 20:10 . 2012-04-28 03:41   25640   ----a-w-   c:\windows\gdrv.sys
2014-01-19 07:33 . 2010-11-21 03:27   270496   ------w-   c:\windows\system32\MpSigStub.exe
2014-01-15 20:46 . 2012-06-29 13:26   86054176   ----a-w-   c:\windows\system32\MRT.exe
2014-01-15 16:05 . 2012-04-30 18:49   71048   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-15 16:05 . 2012-04-30 18:49   692616   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-26 11:54 . 2013-12-12 20:50   23183360   ----a-w-   c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-12 20:50   2724864   ----a-w-   c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-12 20:50   4096   ----a-w-   c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-12 20:50   66048   ----a-w-   c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-12 20:50   48640   ----a-w-   c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-12 20:50   2764288   ----a-w-   c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-12 20:50   53760   ----a-w-   c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-12 20:50   33792   ----a-w-   c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-12 20:50   2724864   ----a-w-   c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-12 20:50   574976   ----a-w-   c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-12 20:50   139264   ----a-w-   c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-12 20:50   111616   ----a-w-   c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-12 20:50   708608   ----a-w-   c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-12 20:50   218624   ----a-w-   c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-12 20:50   5769216   ----a-w-   c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-12 20:50   553472   ----a-w-   c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-12 20:50   4243968   ----a-w-   c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-12 20:50   1995264   ----a-w-   c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-12 20:50   12996608   ----a-w-   c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-12 20:50   1928192   ----a-w-   c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-12 20:50   2334208   ----a-w-   c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-12 20:50   1395200   ----a-w-   c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-12 20:50   817664   ----a-w-   c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-12 20:50   1820160   ----a-w-   c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-12 15:26   417792   ----a-w-   c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-12 15:26   465920   ----a-w-   c:\windows\system32\WMPhoto.dll
2013-11-22 00:31 . 2013-10-16 12:55   46368   ----a-w-   c:\windows\system32\drivers\avgtpx64.sys
2013-11-15 23:26 . 2013-11-15 23:26   940032   ----a-w-   c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-15 23:26 . 2013-11-15 23:26   194048   ----a-w-   c:\windows\SysWow64\elshyph.dll
2013-11-15 23:26 . 2013-11-15 23:26   71680   ----a-w-   c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-15 23:26 . 2013-11-15 23:26   645120   ----a-w-   c:\windows\SysWow64\jsIntl.dll
2013-11-15 23:26 . 2013-11-15 23:26   62464   ----a-w-   c:\windows\SysWow64\tdc.ocx
2013-11-15 23:26 . 2013-11-15 23:26   61952   ----a-w-   c:\windows\SysWow64\iesetup.dll
2013-11-15 23:26 . 2013-11-15 23:26   454656   ----a-w-   c:\windows\SysWow64\vbscript.dll
2013-11-15 23:26 . 2013-11-15 23:26   34816   ----a-w-   c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-15 23:26 . 2013-11-15 23:26   337408   ----a-w-   c:\windows\SysWow64\html.iec
2013-11-15 23:26 . 2013-11-15 23:26   24576   ----a-w-   c:\windows\SysWow64\licmgr10.dll
2013-11-15 23:26 . 2013-11-15 23:26   235008   ----a-w-   c:\windows\system32\elshyph.dll
2013-11-15 23:26 . 2013-11-15 23:26   182272   ----a-w-   c:\windows\SysWow64\msls31.dll
2013-11-15 23:26 . 2013-11-15 23:26   151552   ----a-w-   c:\windows\SysWow64\iexpress.exe
2013-11-15 23:26 . 2013-11-15 23:26   139264   ----a-w-   c:\windows\SysWow64\wextract.exe
2013-11-15 23:26 . 2013-11-15 23:26   1051136   ----a-w-   c:\windows\SysWow64\mshtmlmedia.dll
2013-11-15 23:26 . 2013-11-15 23:26   112128   ----a-w-   c:\windows\SysWow64\ieUnatt.exe
2013-11-15 23:26 . 2013-11-15 23:26   942592   ----a-w-   c:\windows\system32\jsIntl.dll
2013-11-15 23:26 . 2013-11-15 23:26   90112   ----a-w-   c:\windows\system32\SetIEInstalledDate.exe
2013-11-15 23:26 . 2013-11-15 23:26   86016   ----a-w-   c:\windows\SysWow64\iesysprep.dll
2013-11-15 23:26 . 2013-11-15 23:26   86016   ----a-w-   c:\windows\system32\RegisterIEPKEYs.exe
2013-11-15 23:26 . 2013-11-15 23:26   74240   ----a-w-   c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-15 23:26 . 2013-11-15 23:26   61952   ----a-w-   c:\windows\SysWow64\MshtmlDac.dll
2013-11-15 23:26 . 2013-11-15 23:26   52224   ----a-w-   c:\windows\system32\msfeedsbs.dll
2013-11-15 23:26 . 2013-11-15 23:26   51200   ----a-w-   c:\windows\SysWow64\ieetwproxystub.dll
2013-11-15 23:26 . 2013-11-15 23:26   48640   ----a-w-   c:\windows\SysWow64\mshtmler.dll
2013-11-15 23:26 . 2013-11-15 23:26   48640   ----a-w-   c:\windows\system32\mshtmler.dll
2013-11-15 23:26 . 2013-11-15 23:26   36352   ----a-w-   c:\windows\SysWow64\imgutil.dll
2013-11-15 23:26 . 2013-11-15 23:26   247808   ----a-w-   c:\windows\system32\msls31.dll
2013-11-15 23:26 . 2013-11-15 23:26   195584   ----a-w-   c:\windows\system32\msrating.dll
2013-11-15 23:26 . 2013-11-15 23:26   13312   ----a-w-   c:\windows\SysWow64\mshta.exe
2013-11-15 23:26 . 2013-11-15 23:26   13312   ----a-w-   c:\windows\system32\msfeedssync.exe
2013-11-15 23:26 . 2013-11-15 23:26   131072   ----a-w-   c:\windows\system32\IEAdvpack.dll
2013-11-15 23:26 . 2013-11-15 23:26   111616   ----a-w-   c:\windows\SysWow64\IEAdvpack.dll
2013-11-15 23:26 . 2013-11-15 23:26   105984   ----a-w-   c:\windows\system32\iesysprep.dll
2013-11-15 23:26 . 2013-11-15 23:26   84992   ----a-w-   c:\windows\system32\mshtmled.dll
2013-11-15 23:26 . 2013-11-15 23:26   83968   ----a-w-   c:\windows\system32\MshtmlDac.dll
2013-11-15 23:26 . 2013-11-15 23:26   81408   ----a-w-   c:\windows\system32\icardie.dll
2013-11-15 23:26 . 2013-11-15 23:26   774144   ----a-w-   c:\windows\system32\jscript.dll
2013-11-15 23:26 . 2013-11-15 23:26   77312   ----a-w-   c:\windows\system32\tdc.ocx
2013-11-15 23:26 . 2013-11-15 23:26   626176   ----a-w-   c:\windows\system32\msfeeds.dll
2013-11-15 23:26 . 2013-11-15 23:26   62464   ----a-w-   c:\windows\system32\pngfilt.dll
2013-11-15 23:26 . 2013-11-15 23:26   616104   ----a-w-   c:\windows\system32\ieapfltr.dat
2013-11-15 23:26 . 2013-11-15 23:26   548352   ----a-w-   c:\windows\system32\vbscript.dll
2013-11-15 23:26 . 2013-11-15 23:26   48128   ----a-w-   c:\windows\system32\imgutil.dll
2013-11-15 23:26 . 2013-11-15 23:26   453120   ----a-w-   c:\windows\system32\dxtmsft.dll
2013-11-15 23:26 . 2013-11-15 23:26   413696   ----a-w-   c:\windows\system32\html.iec
2013-11-15 23:26 . 2013-11-15 23:26   40448   ----a-w-   c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-15 23:26 . 2013-11-15 23:26   30208   ----a-w-   c:\windows\system32\licmgr10.dll
2013-11-15 23:26 . 2013-11-15 23:26   296960   ----a-w-   c:\windows\system32\dxtrans.dll
2013-11-15 23:26 . 2013-11-15 23:26   263376   ----a-w-   c:\windows\system32\iedkcs32.dll
2013-11-15 23:26 . 2013-11-15 23:26   243200   ----a-w-   c:\windows\system32\webcheck.dll
2013-11-15 23:26 . 2013-11-15 23:26   235520   ----a-w-   c:\windows\system32\url.dll
2013-11-15 23:26 . 2013-11-15 23:26   167424   ----a-w-   c:\windows\system32\iexpress.exe
2013-11-15 23:26 . 2013-11-15 23:26   147968   ----a-w-   c:\windows\system32\occache.dll
2013-11-15 23:26 . 2013-11-15 23:26   143872   ----a-w-   c:\windows\system32\wextract.exe
2013-11-15 23:26 . 2013-11-15 23:26   13824   ----a-w-   c:\windows\system32\mshta.exe
2013-11-15 23:26 . 2013-11-15 23:26   135680   ----a-w-   c:\windows\system32\iepeers.dll
2013-11-15 23:26 . 2013-11-15 23:26   1228800   ----a-w-   c:\windows\system32\mshtmlmedia.dll
2013-11-15 23:26 . 2013-11-15 23:26   101376   ----a-w-   c:\windows\system32\inseng.dll
2013-11-12 02:23 . 2013-12-12 15:26   2048   ----a-w-   c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-12 15:26   2048   ----a-w-   c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-09-14 393216]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" [2014-01-26 6563608]
"AmazonMP3DownloaderHelper"="c:\users\larry\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe" [2013-04-05 397632]
"Amazon Cloud Player"="c:\users\larry\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe" [2013-12-12 3145536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"vProt"="c:\program files (x86)\AVG SafeGuard toolbar\vprot.exe" [2014-01-10 2530840]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 bliohipk;bliohipk;c:\windows\system32\drivers\bliohipk.sys;c:\windows\SYSNATIVE\drivers\bliohipk.sys
R2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
R3 AODDriver;AODDriver;c:\program files (x86)\Gigabyte\ET6\amd64\AODDriver.sys;c:\program files (x86)\Gigabyte\ET6\amd64\AODDriver.sys
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe
R3 McAfee ScanAndRepair Svc;McAfee ScanAndRepair Svc;c:\program files (x86)\McAfeeScanAndRepair\McAfeeScanRepairSvc.exe;c:\program files (x86)\McAfeeScanAndRepair\McAfeeScanRepairSvc.exe
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
S2 ogmservice;Online Games Manager;c:\program files (x86)\Online Games Manager\ogmservice.exe;c:\program files (x86)\Online Games Manager\ogmservice.exe
S2 PasswordBox;PasswordBox;c:\program files (x86)\PasswordBox\pbbtnService.exe;c:\program files (x86)\PasswordBox\pbbtnService.exe
S2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys
.
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - WS2IFSL
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2010-08-16 18:43   451872   ----a-w-   c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2014-01-31 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-30 16:05]
    .
    2014-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-30 03:51]
    .
    2014-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-30 03:51]
    .
    2014-01-31 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 0351668c-57dc-4b09-ae48-cf24ad17e8ec.job
    - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
    .
    2014-01-12 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task b2c42573-be2c-40ec-9f68-979cc2b41323.job
    - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 13307496]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.com/
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = <-loopback>;<local>
    uInternet Settings,ProxyServer = http=127.0.0.1:49160;https=127.0.0.1:49160
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office10\EXCEL.EXE/3000
    TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
    FF - ProfilePath - c:\users\larry\AppData\Roaming\Mozilla\Firefox\Profiles\07vbiqdk.default-1382562802549\
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - ORPHANS REMOVED - - - -
    .
    BHO-{85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - c:\program files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll
    BHO-{9194649F-7143-4308-90C1-D6A35B0E354E} - c:\program files (x86)\OApps\bho_project.dll
    BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
    Toolbar-{A531D99C-5A22-449b-83DA-872725C6D0ED} - c:\program files (x86)\alotappbar\bin\ALOTHelper.dll
    Toolbar-10 - (no file)
    Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
    Wow6432Node-HKCU-Run-iLivid - c:\users\larry\AppData\Local\iLivid\iLivid.exe
    Wow6432Node-HKU-Default-Run-Advanced SystemCare 5 - c:\program files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
    HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
    Toolbar-10 - (no file)
    AddRemove-Criminal Investigation Agents: Petrodollars - c:\progra~2\SHOCKW~1.COM\CRIMIN~1\UNWISE.EXE
    AddRemove-Dream Inn: The Driftwood - c:\progra~2\SHOCKW~1.COM\DREAMI~1\UNWISE.EXE
    AddRemove-Farmington Tales - c:\progra~2\SHOCKW~1.COM\FARMIN~1\UNWISE.EXE
    AddRemove-Royal Envoy™ 2 Collector's Edition_is1 - c:\program files (x86)\Playrix Entertainment\Royal Envoy 2 CE\unins000.exe
    AddRemove-Settings Alerter - c:\program files (x86)\Settings Alerter\uninstall.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
    c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
    .
    **************************************************************************
    .
    Completion time: 2014-01-31  14:14:43 - machine was rebooted
    ComboFix-quarantined-files.txt  2014-01-31 20:14
    .
    Pre-Run: 926,473,781,248 bytes free
    Post-Run: 927,075,696,640 bytes free
    .
    - - End Of File - - 1B1226BE31D403B0ADD111C51B78A04F
    A36C5E4F47E84449FF07ED3517B43A31

Corrine

Hi, Gale_Tx.

I'm not seeing anything other than PUPs in the Malwarebytes log and don't see how that could have affected your IE proxy settings.  See if the instructions at Change proxy server settings in Internet Explorer help.

Please go here to run an on-line scan from ESET.

  • Note: It is easiest if you use Internet Explorer for this scan.  (If you use an alternate browser, it will be necessary to download the ESET Smart Installer.)
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • Use notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic.



Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Gale_Tx

Corrine, Not sure why, but before I had a chance to implement your instructions, IE started working again. Tks.

Corrine

If everything is back to normal, please do the following:

1.  Remove SystemCheck from your desktop.

2.  Update Adobe Flash Player:

Non-IE (Opera, Firefox, Etc.):  http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_12_plugin.exe
Windows XP, Vista and 7:  Flash Player For Internet Explorer 7, 8, 9, 10, 11:  http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_12_active_x.exe

3.  Please do the following to implement cleanup procedures and also to reset System Restore points:

Click Start > Run and copy/paste the following bold text into the Run box and click OK:

ComboFix /Uninstall

Note: In the event you wish to contribute to the ongoing development of ComboFix, the developer is accepting donations via PayPal.


Please refer to the Safe Computing Practices and other recommendations in this updated copy of "So how did I get infected in the first place?".



Gale_Tx

Thank you sooooo very much, Corrine.  You guys are the best!  One last question: do I keep Malwarebytes on my computer?

Corrine

The choice is yours as to whether you want to keep Malwarebytes installed.  Personally, I use Malwarebytes PRO.  The current version is a one-time life-time license fee ($24.95 for a lifetime license).  However, when Version 2 is released, the PRO version will be a subscription.  What is nice though, is that the version 1x PRO license will be honored for the life of v2.   



Gale_Tx

Tks, Corrine. I bought MBAM for Larry's computer.  The dreaded Flash pop-up started again in FF and it stopped working altogether.  When trying to download the Flash update, it says it can't continue 'til FF is closed; FF isn't open, I'm using IE. No problem downloading it in IE.  Another thing: I can't post on this site on IE.  Hellllp!

Corrine

Lucky Larry!   :thumbsup:

Oh, my!  Problems with both Firefox and IE. 

Flash Player:

Since you were having a problem with Flash Player when you originally posted, I think the best thing would be to completely uninstall Flash Player.  Adobe has instructions here:  Uninstall Flash Player | Windows.

You'll then need to download and reinstall Flash Player.  Depending on which browser you use to get the installer, you will need to make sure to get the current version for the other browser.  Note:  Be sure to UNCHECK the Optional Offer to install the McAfee Security Scan Plus and any other additional extras offered. 

Download Flash Player from here:  http://get.adobe.com/flashplayer/
Verify installation with both browsers here:  http://www.adobe.com/software/flash/about/

Posting here with IE:

What happens when you try to post here at LzD with IE?  Do you get any kind of error message?

