jaiz

August 8, 2013

I'm gonna try to get to this tonight. Sorry for the delays

August 6, 2013

Hey sorry about that, have been busy. I did what you said and still getting an error.

August 3, 2013

Sorry I didn't attach the file properly.

August 3, 2013

I receive an error when trying to install MSE. I attached a screenshot of the error

August 2, 2013

The problem is still the same as I stated in my first post. When I restart my computer I get the same error each time

msseces.exe - Application Error

The application was unable to start correctly (0xc000007b). Click OK to close the application. This all started when windows update tried to do an update for Microsoft Security Essentials, and that's when the msseces errors started happening.

Results of screen317's Security Check version 0.99.71
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
(On Access scanning disabled!)
Error obtaining update status for antivirus!
`````````Anti-malware/Other Utilities Check:`````````
SpywareBlaster 5.0
Malwarebytes Anti-Malware version 1.70.0.1100
Out of date Malwarebytes Anti-Malware installed!
Java 6 Update 33
Java version out of Date!
Adobe Flash Player 11.8.800.94
Adobe Reader 10.1.7 Adobe Reader out of Date!
Mozilla Firefox (22.0)
Google Chrome 28.0.1500.72
Google Chrome 28.0.1500.95
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 7%
````````````````````End of Log``````````````````````

August 1, 2013

Oh you meant the malware bytes program lol My bad

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.01.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Jeremy :: JEREMY-PC [administrator]

8/1/2013 8:28:35 AM
mbam-log-2013-08-01 (08-28-35).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 258768
Time elapsed: 13 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

July 31, 2013

MBAM? Need a link to download that.

July 31, 2013

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-07-2013 03
Ran by Jeremy at 2013-07-31 01:35:57 Run:3
Running from C:\Users\Jeremy\Desktop
Boot Mode: Normal
==============================================

"C:\Program Files\Microsoft Security Client" => Deleting reparse point and unlocking started.
"C:\Program Files\Microsoft Security Client" => Deleting reparse point and unlocking completed.
"C:\ProgramData\Microsoft\Windows Defender" => Deleting reparse point and unlocking started.
"C:\ProgramData\Microsoft\Windows Defender" => Deleting reparse point and unlocking completed.
"C:\Program Files (x86)\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files (x86)\Windows Defender" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed.
"C:\Users\Jeremy\Desktop\msseces.exe" => File/Directory not found.
HKLM\Software\Classes\CLSID\{750fdf10-2a26-11d1-a3ea-080036587f03}\InprocServer32\\Default => Value was restored successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.

The system needs a manual reboot.

==== End of Fixlog ====

July 31, 2013

I'm not sure why, but after my comp restarted I lost my folder which contained everything that was done in this thread. Is it safe to repeat this latest step again?

July 30, 2013

RogueKiller V8.6.4 _x64_ [Jul 29 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Jeremy [Admin rights]
Mode : Scan -- Date : 07/30/2013 04:02:28
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 20 ¤¤¤
[sERVICE][ROGUE ST] HKLM\[...]\CCSet\[...]\Services : 10354613 (C:\Windows\system32\DRIVERS\10354613.sys [7]) -> FOUND
[sERVICE][ROGUE ST] HKLM\[...]\CCSet\[...]\Services : 24441005 (C:\Windows\system32\DRIVERS\24441005.sys [7]) -> FOUND
[sERVICE][ROGUE ST] HKLM\[...]\CS001\[...]\Services : 10354613 (C:\Windows\system32\DRIVERS\10354613.sys [7]) -> FOUND
[sERVICE][ROGUE ST] HKLM\[...]\CS001\[...]\Services : 24441005 (C:\Windows\system32\DRIVERS\24441005.sys [7]) -> FOUND
[sERVICE][ROGUE ST] HKLM\[...]\CS002\[...]\Services : 10354613 (C:\Windows\system32\DRIVERS\10354613.sys [7]) -> FOUND
[sERVICE][ROGUE ST] HKLM\[...]\CS002\[...]\Services : 24441005 (C:\Windows\system32\DRIVERS\24441005.sys [7]) -> FOUND
[DNS] HKLM\[...]\CCSet\[...]\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer (107.6.133.8,23.23.180.210) -> FOUND
[DNS] HKLM\[...]\CS001\[...]\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer (107.6.133.8,23.23.180.210) -> FOUND
[DNS] HKLM\[...]\CS002\[...]\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer (107.6.133.8,23.23.180.210) -> FOUND
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD103UJ ATA Device +++++
--- User ---
[MBR] bcc1727eb4d27fb881a41e96255b5396
[bSP] beac72b8fa020a816c05c3802bf54d68 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SAMSUNG HD103UJ ATA Device +++++
--- User ---
[MBR] 960ee0263e7e86714a4c1b9dca087975
[bSP] 1a5f2db44097e7f4dc4ae1dda7b13ac3 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15166 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31141888 | Size: 461733 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: SAMSUNG HD103UJ ATA Device +++++
--- User ---
[MBR] fb6d4d6cac98078e792dd36a5bef8afe
[bSP] db4753ad11c4e1c11c05d6019087945e : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive3: SAMSUNG HD103UJ ATA Device +++++
--- User ---
[MBR] 2dd27a2bd9b0b305e974b4defc45b985
[bSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8192 | Size: 15189 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[0]_S_07302013_040228.txt >>

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-07-2013 03
Ran by Jeremy (administrator) on 30-07-2013 04:05:30
Running from C:\Users\Jeremy\Desktop\msseces.exe
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1281512 2013-01-27] (Microsoft Corporation)
HKLM\...\InprocServer32: [Default-cscui] <==== ATTENTION!
HKCU\...\Run: [ThreadManager.exe] - C:\Program Files (x86)\Thread Manager\ThreadManager.exe [12322584 2013-07-10] (Digital Generation Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]107.6.133.8,23.23.180.210

FireFox:
========
FF ProfilePath: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default
FF NewTab: about:blank
FF SelectedSearchEngine: Google

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Jeremy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Jeremy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Jeremy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Extension: No Name - C:\Users\Jeremy\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: iMacros for Firefox - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
FF Extension: DownloadHelper - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: goParentFolder - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\goParentFolder@alice.xpi
FF Extension: showParentFolder - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\showParentFolder@alice.xpi
FF Extension: No Name - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
FF Extension: No Name - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF Extension: No Name - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======

CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 6 U33) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.330.3) - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u00C3\u201A\u00E2\u201E\u00A2 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (Easy Auto Refresh) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc\2.9_0
CHR Extension: (YouTube) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Nanny for Google Chrome ) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cljcgchbnolheggdgaeclffeagnnmhno\0.993_0
CHR Extension: (Google Search) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (iMacros for Chrome) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\6.0.6_0
CHR Extension: (Website Blocker (Beta)) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.0_0
CHR Extension: (Better Pop Up Blocker) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0
CHR Extension: (Gmail) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [egnimkioipookhfihpljiedpgjffibpa] - C:\Program Files (x86)\MyBrowserCash\MBC_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Jeremy\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-04-20] (Adobe Systems)
S4 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-12-16] (SANDBOXIE L.T.D)
S2 SkypeUpdate; "C:\Program Files (x86)\Skype\Updater\Updater.exe" [x]
S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [x]

==================== Drivers (Whitelisted) ====================

R0 10354613; C:\Windows\System32\DRIVERS\10354613.sys [460888 2013-07-02] (Kaspersky Lab ZAO)
R0 24441005; C:\Windows\System32\DRIVERS\24441005.sys [460888 2013-07-01] (Kaspersky Lab ZAO)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [29288 2010-12-24] (Wondershare)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-03] (DT Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S3 pfc; C:\Windows\SysWow64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-12-16] (SANDBOXIE L.T.D)
R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-09-30] (C-Media Electronics Inc)
R3 VSTWinDriver6; C:\Windows\System32\drivers\VSTwindrvr6.sys [252928 2008-07-03] (Jungo)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U3 DfSdkS;
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [x]
S3 pfc; system32\drivers\pfc.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-07-30 04:05 - 2013-07-30 04:05 - 00000000 ____D C:\FRST
2013-07-30 04:01 - 2013-07-30 04:05 - 00000000 ____D C:\Users\Jeremy\Desktop\RK_Quarantine
2013-07-30 03:01 - 2013-07-30 04:04 - 00000000 ____D C:\Users\Jeremy\Desktop\msseces.exe
2013-07-27 05:40 - 2013-07-27 05:40 - 00000307 _____ C:\Users\Jeremy\vst_perfect_declipper.ini
2013-07-23 22:35 - 2013-07-23 22:35 - 00003456 ____N C:\bootsqm.dat
2013-07-23 04:47 - 2013-07-30 03:02 - 00000000 ____D C:\Users\Jeremy\Desktop\RAW
2013-07-23 02:41 - 2013-07-23 02:42 - 00392704 _____ (Microsoft Corporation) C:\Windows\system32\MpClient.dll
2013-07-22 23:41 - 2013-07-22 23:43 - 00000000 ____D C:\Windows\system32\MRT
2013-07-20 09:04 - 2013-07-20 09:04 - 03732364 _____ C:\Users\Jeremy\Documents\vlc-record-2013-07-20-09h04m34s-Tape 2.mpeg-.ts
2013-07-20 07:29 - 2013-07-26 02:34 - 00000000 ____D C:\Users\Jeremy\Desktop\TNA
2013-07-19 06:40 - 2013-07-19 09:37 - 00000000 ____D C:\Users\Jeremy\Documents\MelodynePlugin
2013-07-19 06:33 - 2013-07-19 06:33 - 00000000 ____D C:\ProgramData\Temporary
2013-07-19 05:49 - 2013-07-19 05:49 - 00003410 _____ C:\Windows\System32\Tasks\{D772732B-A5AA-4D31-9DA1-B634EED39C1E}
2013-07-16 00:48 - 2013-07-16 01:01 - 1183654580 _____ C:\Users\Jeremy\Desktop\Hiccup Fun.m2t
2013-07-15 08:21 - 2013-07-15 08:21 - 00000083 _____ C:\Users\Jeremy\Desktop\Hiccups.txt
2013-07-15 01:55 - 2013-07-16 01:01 - 00125288 _____ C:\Users\Jeremy\Desktop\Hiccup Fun.m2t.xmpses
2013-07-15 01:28 - 2013-07-15 08:21 - 00000000 ____D C:\Users\Jeremy\Desktop\Hiccups
2013-07-12 06:25 - 2013-07-12 06:25 - 00000027 _____ C:\Users\Jeremy\Desktop\Lost Arm.txt
2013-07-10 07:06 - 2013-06-11 19:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 07:06 - 2013-06-11 19:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 07:06 - 2013-06-11 19:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 07:06 - 2013-06-11 19:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 07:06 - 2013-06-11 19:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 07:06 - 2013-06-11 19:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 07:06 - 2013-06-11 19:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-10 07:06 - 2013-06-11 19:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 07:06 - 2013-06-11 19:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 07:06 - 2013-06-11 19:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-10 07:06 - 2013-06-11 19:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-10 07:06 - 2013-06-11 19:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-10 07:06 - 2013-06-11 19:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-10 07:06 - 2013-06-11 19:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 07:06 - 2013-06-11 19:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 07:06 - 2013-06-11 19:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 07:06 - 2013-06-11 19:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-10 07:06 - 2013-06-11 18:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 07:06 - 2013-06-11 18:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 07:06 - 2013-06-06 23:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 07:06 - 2013-06-06 22:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-10 05:39 - 2013-06-04 23:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 05:39 - 2013-06-04 02:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 05:39 - 2013-06-04 00:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 05:39 - 2013-05-06 02:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 05:39 - 2013-05-06 00:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 05:39 - 2013-04-09 19:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 05:39 - 2013-04-02 18:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-09 04:13 - 2013-07-09 04:13 - 00011311 _____ C:\INSTALL.LOG
2013-07-09 04:13 - 2013-07-09 04:13 - 00000000 ____D C:\Program Files (x86)\Universal Audio
2013-07-09 04:13 - 2006-09-12 16:20 - 00557056 _____ (Hyperactive Audio Systems, Inc.) C:\Windows\SysWOW64\HypGui.dll
2013-07-09 04:13 - 2002-07-26 17:02 - 00153088 _____ C:\UNWISE.EXE
2013-07-09 04:12 - 2006-09-22 21:07 - 02600164 _____ C:\Users\Jeremy\AppData\Local\TempMediaPlay.wav
2013-07-09 01:50 - 2013-07-09 01:50 - 05146725 _____ (MuRKuT Bilişim Teknolojileri) C:\Users\Jeremy\Downloads\MuRKuT (4).exe
2013-07-09 00:42 - 2013-07-09 00:42 - 05146725 _____ (MuRKuT Bilişim Teknolojileri) C:\Users\Jeremy\Downloads\MuRKuT (3).exe
2013-07-09 00:08 - 2013-07-09 00:08 - 05146725 _____ (MuRKuT Bilişim Teknolojileri) C:\Users\Jeremy\Downloads\MuRKuT (2).exe
2013-07-08 12:05 - 2013-07-08 12:05 - 05146725 _____ (MuRKuT Bilişim Teknolojileri) C:\Users\Jeremy\Downloads\MuRKuT (1).exe
2013-07-07 20:17 - 2013-07-27 02:30 - 00000000 ____D C:\Users\Jeremy\Desktop\Smackdown
2013-07-05 00:28 - 2013-07-05 00:28 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\iZotope
2013-07-04 21:57 - 2013-07-05 00:26 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iZotope
2013-07-04 21:57 - 2013-07-04 21:57 - 00000000 ____D C:\Program Files (x86)\iZotope
2013-07-04 19:14 - 2013-07-04 19:14 - 00000000 ____D C:\ProgramData\InstallMate
2013-07-04 03:23 - 2013-07-04 03:24 - 00000115 _____ C:\Users\Jeremy\Desktop\Songs that need editing.txt
2013-07-02 22:08 - 2013-07-02 20:12 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\10354613.sys
2013-07-02 14:25 - 2013-07-25 10:47 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\DG
2013-07-02 14:25 - 2013-07-10 07:33 - 00000000 ____D C:\Program Files (x86)\Thread Manager
2013-07-02 14:25 - 2013-07-02 14:25 - 00000856 _____ C:\Users\Public\Desktop\Thread Manager.lnk
2013-07-01 04:15 - 2013-07-01 08:13 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\24441005.sys

==================== One Month Modified Files and Folders =======

2013-07-30 04:05 - 2013-07-30 04:05 - 00000000 ____D C:\FRST
2013-07-30 04:05 - 2013-07-30 04:01 - 00000000 ____D C:\Users\Jeremy\Desktop\RK_Quarantine
2013-07-30 04:04 - 2013-07-30 03:01 - 00000000 ____D C:\Users\Jeremy\Desktop\msseces.exe
2013-07-30 03:51 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-30 03:51 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-30 03:49 - 2013-05-10 04:20 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-30 03:44 - 2012-11-05 20:50 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-30 03:44 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-30 03:44 - 2009-07-14 00:51 - 00071808 _____ C:\Windows\setupact.log
2013-07-30 03:42 - 2012-01-20 18:32 - 01890178 _____ C:\Windows\WindowsUpdate.log
2013-07-30 03:18 - 2012-11-05 20:50 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-30 03:02 - 2013-07-23 04:47 - 00000000 ____D C:\Users\Jeremy\Desktop\RAW
2013-07-30 02:42 - 2012-02-03 05:22 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\foobar2000
2013-07-29 02:35 - 2012-02-03 05:04 - 00000548 _____ C:\Users\Jeremy\Desktop\Cue Up.txt
2013-07-29 02:27 - 2010-11-20 23:47 - 00113106 _____ C:\Windows\PFRO.log
2013-07-28 08:23 - 2012-02-03 01:20 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-07-27 05:40 - 2013-07-27 05:40 - 00000307 _____ C:\Users\Jeremy\vst_perfect_declipper.ini
2013-07-27 05:40 - 2012-02-02 22:17 - 00000000 ____D C:\Users\Jeremy
2013-07-27 02:30 - 2013-07-07 20:17 - 00000000 ____D C:\Users\Jeremy\Desktop\Smackdown
2013-07-26 04:18 - 2012-02-03 04:04 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\vlc
2013-07-26 02:34 - 2013-07-20 07:29 - 00000000 ____D C:\Users\Jeremy\Desktop\TNA
2013-07-25 22:30 - 2012-12-06 05:09 - 00000132 _____ C:\Users\Jeremy\AppData\Roaming\Adobe AIFF Format CS5 Prefs
2013-07-25 10:48 - 2012-10-18 06:18 - 00000000 ____D C:\Windows\pss
2013-07-25 10:48 - 2010-11-21 03:06 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-07-25 10:48 - 2010-11-21 03:06 - 00000000 ____D C:\Windows\system32\winrm
2013-07-25 10:47 - 2013-07-02 14:25 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\DG
2013-07-25 10:47 - 2013-05-14 09:46 - 00000000 ____D C:\Users\Jeremy\Desktop\Market
2013-07-25 10:47 - 2013-04-15 03:33 - 00000000 ____D C:\Users\Jeremy\AppData\Local\A
2013-07-25 10:47 - 2012-05-01 05:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-07-25 10:47 - 2012-02-03 00:20 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-07-25 10:47 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2013-07-23 22:35 - 2013-07-23 22:35 - 00003456 ____N C:\bootsqm.dat
2013-07-23 14:27 - 2012-05-10 08:02 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\FileZilla
2013-07-23 02:55 - 2012-02-02 22:22 - 00111952 _____ C:\Users\Jeremy\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-23 02:45 - 2009-07-14 00:45 - 04979048 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-23 02:42 - 2013-07-23 02:41 - 00392704 _____ (Microsoft Corporation) C:\Windows\system32\MpClient.dll
2013-07-23 01:53 - 2012-02-03 00:23 - 00002106 _____ C:\Windows\epplauncher.mif
2013-07-22 23:43 - 2013-07-22 23:41 - 00000000 ____D C:\Windows\system32\MRT
2013-07-22 23:40 - 2011-02-10 12:10 - 00823286 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-22 23:40 - 2009-07-14 01:13 - 00823286 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-21 09:50 - 2012-02-25 05:54 - 00000132 _____ C:\Users\Jeremy\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-07-20 09:04 - 2013-07-20 09:04 - 03732364 _____ C:\Users\Jeremy\Documents\vlc-record-2013-07-20-09h04m34s-Tape 2.mpeg-.ts
2013-07-20 04:44 - 2012-02-02 22:22 - 00000000 _RSHD C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-19 09:37 - 2013-07-19 06:40 - 00000000 ____D C:\Users\Jeremy\Documents\MelodynePlugin
2013-07-19 06:33 - 2013-07-19 06:33 - 00000000 ____D C:\ProgramData\Temporary
2013-07-19 05:52 - 2013-06-09 19:21 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2013-07-19 05:49 - 2013-07-19 05:49 - 00003410 _____ C:\Windows\System32\Tasks\{D772732B-A5AA-4D31-9DA1-B634EED39C1E}
2013-07-16 01:01 - 2013-07-16 00:48 - 1183654580 _____ C:\Users\Jeremy\Desktop\Hiccup Fun.m2t
2013-07-16 01:01 - 2013-07-15 01:55 - 00125288 _____ C:\Users\Jeremy\Desktop\Hiccup Fun.m2t.xmpses
2013-07-15 08:21 - 2013-07-15 08:21 - 00000083 _____ C:\Users\Jeremy\Desktop\Hiccups.txt
2013-07-15 08:21 - 2013-07-15 01:28 - 00000000 ____D C:\Users\Jeremy\Desktop\Hiccups
2013-07-13 22:12 - 2013-05-10 04:20 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-13 22:12 - 2013-05-10 04:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-13 22:12 - 2013-05-10 04:20 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-13 22:12 - 2012-02-03 03:56 - 00000000 ____D C:\Users\Jeremy\AppData\Local\Adobe
2013-07-12 07:50 - 2012-02-26 02:36 - 00000023 _____ C:\Users\Jeremy\Documents\tempFolderPath.dat
2013-07-12 06:25 - 2013-07-12 06:25 - 00000027 _____ C:\Users\Jeremy\Desktop\Lost Arm.txt
2013-07-11 23:13 - 2012-11-05 20:50 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-11 23:13 - 2012-11-05 20:50 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-11 02:16 - 2013-06-09 20:13 - 00000000 ____D C:\Program Files (x86)\Waves
2013-07-11 02:16 - 2012-02-03 05:12 - 00000000 ____D C:\Program Files (x86)\Steinberg
2013-07-10 07:34 - 2013-03-13 07:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-10 07:34 - 2013-03-13 07:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-10 07:33 - 2013-07-02 14:25 - 00000000 ____D C:\Program Files (x86)\Thread Manager
2013-07-10 07:33 - 2010-11-21 03:17 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 07:33 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 07:33 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 07:07 - 2012-02-03 08:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-09 04:13 - 2013-07-09 04:13 - 00011311 _____ C:\INSTALL.LOG
2013-07-09 04:13 - 2013-07-09 04:13 - 00000000 ____D C:\Program Files (x86)\Universal Audio
2013-07-09 01:50 - 2013-07-09 01:50 - 05146725 _____ (MuRKuT Bilişim Teknolojileri) C:\Users\Jeremy\Downloads\MuRKuT (4).exe
2013-07-09 00:42 - 2013-07-09 00:42 - 05146725 _____ (MuRKuT Bilişim Teknolojileri) C:\Users\Jeremy\Downloads\MuRKuT (3).exe
2013-07-09 00:08 - 2013-07-09 00:08 - 05146725 _____ (MuRKuT Bilişim Teknolojileri) C:\Users\Jeremy\Downloads\MuRKuT (2).exe
2013-07-08 12:05 - 2013-07-08 12:05 - 05146725 _____ (MuRKuT Bilişim Teknolojileri) C:\Users\Jeremy\Downloads\MuRKuT (1).exe
2013-07-05 00:28 - 2013-07-05 00:28 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\iZotope
2013-07-05 00:26 - 2013-07-04 21:57 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iZotope
2013-07-04 21:57 - 2013-07-04 21:57 - 00000000 ____D C:\Program Files (x86)\iZotope
2013-07-04 21:57 - 2013-06-09 19:21 - 00000000 ____D C:\Program Files\Common Files\VST3
2013-07-04 19:14 - 2013-07-04 19:14 - 00000000 ____D C:\ProgramData\InstallMate
2013-07-04 03:24 - 2013-07-04 03:23 - 00000115 _____ C:\Users\Jeremy\Desktop\Songs that need editing.txt
2013-07-03 18:33 - 2012-05-02 21:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-03 07:04 - 2013-04-11 20:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 20:12 - 2013-07-02 22:08 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\10354613.sys
2013-07-02 15:04 - 2013-05-01 05:21 - 00002272 _____ C:\Windows\Sandboxie.ini
2013-07-02 14:25 - 2013-07-02 14:25 - 00000856 _____ C:\Users\Public\Desktop\Thread Manager.lnk
2013-07-02 13:23 - 2013-06-28 10:41 - 00003980 _____ C:\Windows\System32\Tasks\Open URL by RoboForm
2013-07-01 08:13 - 2013-07-01 04:15 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\24441005.sys
2013-07-01 01:46 - 2013-05-18 03:05 - 00000000 ____D C:\ProgramData\Kaspersky Lab

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-07-22 20:44

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-07-2013 03
Ran by Jeremy at 2013-07-30 04:07:11
Running from C:\Users\Jeremy\Desktop\msseces.exe
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

Update for Microsoft Office 2007 (KB2508958) (x32)
64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
AAMS Auto Audio Mastering System V2.5 (x32)
Adobe AIR (x32 Version: 2.6.0.19140)
Adobe AIR (x32 Version: 3.6.0.6090)
Adobe Audition 1.5 (x32 Version: 1.5)
Adobe Audition 3.0 (x32 Version: 3.0)
Adobe Audition 3.0 Vista Compatibility
Adobe Community Help (x32 Version: 3.5.23)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Photoshop CS5.1 (x32 Version: 12.1)
Adobe Premiere Elements 10 (Version: 10.0)
Adobe Premiere Elements 10 Content (x32 Version: 10.0)
Adobe Premiere Elements 10 Content 1 (x32 Version: 10.0)
Adobe Premiere Elements 10 Content 2 (x32 Version: 10.0)
Adobe Premiere Elements 10 Content 3 (x32 Version: 10.0)
Adobe Premiere Elements 10 HD Content 1 (x32 Version: 10.0)
Adobe Premiere Elements 10 HD Content 2 (x32 Version: 10.0)
Adobe Premiere Elements 10 HD Content 3 (x32 Version: 10.0)
Adobe Reader X (10.1.7) (x32 Version: 10.1.7)
AIM for Windows (HKCU)
AIPL WarmTone DX v2.2 (x32)
Antares Autotune VST v5.09 (x32)
Antares Microphone Modeler - ZONE (x32)
Apple Application Support (x32 Version: 2.3.4)
Apple Software Update (x32 Version: 2.1.3.127)
ASIO4ALL (x32 Version: 2.10)
Audacity 2.0.3 (x32 Version: 2.0.3)
Blaine's Alias Title (Version: 1.0.1)
Blaine's Bloom/Negative Effects (Version: 1.1.0)
Blaine's Cartoonify Effects (Version: 1.0.1)
Blaine's Color Fade Effects (Version: 1.0.1)
Blaine's Contrast Effects (Version: 1.0.1)
Blaine's Custom Dreamy Look Title (Version: 2.0.1)
Blaine's Custom Speed Effects (Version: 2.0.1)
Blaine's Film Looks Effects (Version: 1.0.1)
Blaine's Letterbox Effects (Version: 1.0.3)
Blaine's Pixelate Effects (Version: 1.0.2)
Blaine's TV Signal Effects (Version: 1.0.0)
CameraHelperMsi (x32 Version: 13.31.1038.0)
Canon PowerShot ELPH 110 HS_IXUS 125 HS Camera User Guide (x32 Version: 1.0.0.7)
Canon Utilities CameraWindow DC 8 (x32 Version: 8.7.0.11)
Canon Utilities ImageBrowser EX (x32 Version: 1.1.1.19)
Canon Utilities PhotoStitch (x32 Version: 3.1.23.47)
CDBurnerXP (x32 Version: 4.4.1.3099)
ClickFix Lite for Adobe Audition version 3.04 (remove only) (x32)
Conexant HD Audio (Version: 8.50.4.0)
ContaCam (x32 Version: 4.0.5)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.45.2.0287)
Dell Edoc Viewer (Version: 1.0.0)
Dropbox (HKCU Version: 1.4.7)
eaner (Version: 4.03)
Elements 10 Organizer (x32 Version: 10.0)
erLT (x32 Version: 1.20.138.34)
EULAlyzer 2.2 (x32 Version: 2.2.0)
Facebook Video Calling 1.2.0.159 (x32 Version: 1.2.159)
FastStone Capture 6.8 (x32 Version: 6.8)
FileZilla Client 3.7.1 (x32 Version: 3.7.1)
foobar2000 v1.1.10 (x32 Version: 1.1.10)
Free MIDI to MP3 Converter 1.0 (x32)
FreeUndelete 2.1.36867.1 (x32 Version: 2.1.36867.1)
GEAR driver installer for AMD64 and Intel EM64T (Version: 2.003.1)
GetDataBack for NTFS (x32 Version: 4.24.000)
Google Chrome (x32 Version: 28.0.1500.72)
Google Update Helper (x32 Version: 1.3.21.153)
HandBrake 0.9.5 (x32 Version: 0.9.5)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
Intel® Processor Graphics (x32 Version: 9.17.10.2932)
Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
IrfanView (remove only) (x32 Version: 4.32)
Java Auto Updater (x32 Version: 2.0.7.1)
Java 6 Update 27 (64-bit) (Version: 6.0.270)
Java 6 Update 33 (x32 Version: 6.0.330)
JDownloader 0.9 (x32 Version: 0.9)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
K-Lite Codec Pack 8.2.0 (Standard) (x32 Version: 8.2.0)
Logitech Webcam Software (x32 Version: 2.30)
LWS Facebook (x32 Version: 13.31.1038.0)
LWS Gallery (x32 Version: 13.31.1038.0)
LWS Help_main (x32 Version: 13.31.1044.0)
LWS Launcher (x32 Version: 13.31.1038.0)
LWS Motion Detection (x32 Version: 13.30.1395.0)
LWS Pictures And Video (x32 Version: 13.31.1038.0)
LWS Twitter (x32 Version: 13.30.1346.0)
LWS Video Mask Maker (x32 Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (x32 Version: 13.31.1038.0)
LWS WLM Plugin (x32 Version: 1.30.1201.0)
LWS YouTube Plugin (x32 Version: 13.31.1038.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (x32 Version: 1.70.0.1100)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Silverlight (x32 Version: 4.1.10329.0)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
MixMeister Studio 7.2.2 (x32)
Movie Maker 6.0 for Windows 7 (64-bit) (Version: 6.0.0)
Moyea FLV to Video Converter Pro version 1.29.2.11 (x32)
Mozilla Firefox 22.0 (x86 en-US) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
OLYMPUS Master 2 (x32 Version: 1.0.13)
PDF Settings CS5 (x32 Version: 10.0)
Picasa 3 (x32 Version: 3.9)
PlayReady PC Runtime x86 (x32 Version: 1.3.0)
PRE10STI64Installer (x32 Version: 1.0)
QuickTime (x32 Version: 7.72.80.56)
QuickTime (x32 Version: 7.74.80.86)
Rapture 1.2.2 (x32 Version: 18.0)
Sandboxie 3.76 (64-bit) (Version: 3.76)
Share YouTube Videos version 1 (x32 Version: 1)
Simple Search-Replace (x32 Version: 1.08.0000)
Skype™ 6.1 (x32 Version: 6.1.129)
SmartSound Common Data (x32 Version: 1.1.0)
SmartSound Premiere Elements 10 x64 Plugin (Version: 5.70.0001)
SmartSound Sonicfire Pro 5 (x32 Version: 5.7.1)
SONAR X2 Producer x64 (x32 Version: 19.0)
SpywareBlaster 5.0 (x32 Version: 5.0.0)
SUPERAntiSpyware (Version: 5.6.1014)
Thread Manager 2.4.0.0 (x32 Version: 2.4.0.0)
Tube Increaser version 5.0.0 (x32 Version: 5.0.0)
Universal Audio v4.4.0 Native (x32)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)
Update for Microsoft Office Access 2007 Help (KB963663) (x32)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32)
Update for Microsoft Office Infopath 2007 Help (KB963662) (x32)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition (x32)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update for Microsoft Office Publisher 2007 Help (KB963667) (x32)
Update for Microsoft Office Script Editor Help (KB963671) (x32)
Update for Microsoft Office Word 2007 Help (KB963665) (x32)
VLC media player 2.0.6 (x32 Version: 2.0.6)
Waves Complete V9r1 (x32 Version: 9.0.1)
Waves Mercury Bundle (x32 Version: 5.0)
Waves SSL Collection v1.2 (x32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Media Encoder 9 Series x64 Edition
Windows Media Encoder 9 Series x64 Edition (Version: 10.0.0.3809)
WinRAR 4.20 (32-bit) (x32 Version: 4.20.0)

==================== Restore Points =========================

25-07-2013 12:39:02 Restore Operation
26-07-2013 12:53:10 Windows Update
29-07-2013 06:38:06 Revo Uninstaller's restore point - Celemony Melodyne Plugin VST RTAS v1.0
29-07-2013 06:41:40 Windows Update

==================== Hosts content: ==========================

2012-02-03 07:35 - 2013-06-27 11:19 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {09E75D01-CC9E-47A6-89B2-E6753E58619C} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-13] (Microsoft Corporation)
Task: {177EF570-739F-4316-8415-AE1C70CFA817} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05] (Google Inc.)
Task: {2360DA8A-09B0-4CB1-8985-08142FBC4C3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05] (Google Inc.)
Task: {42465A7E-4F7E-4B09-9468-2C715E22E77F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {61662508-FD9B-4527-B1E0-022DC2836D7C} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe No File
Task: {68FD1AED-AB87-4272-804A-71E26C6C771A} - System32\Tasks\Open URL by RoboForm => C:\Windows\system32\rundll32.exe [2009-07-13] (Microsoft Corporation)
Task: {72AC25D4-AFF2-4C7F-83D2-00CCA50383AB} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-13] (Microsoft Corporation)
Task: {735C4EF9-8FD8-40C6-A8FB-AEA0F5D6B6D1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {98900B6D-17CB-4F5B-B07F-1F3D6425F562} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2009-07-13] (Microsoft Corporation)
Task: {BCE20BB9-1C2C-4D32-9164-CE7730387B31} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {C0D1F864-CDC5-4232-974C-01C2003C9936} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe No File
Task: {EDA65AB4-11B7-444C-B343-C066822192CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-13] (Adobe Systems Incorporated)
Task: {F0C206AF-FA61-4EC6-A7BE-55B4B143622E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/30/2013 03:45:19 AM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/30/2013 00:28:40 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 22.0.0.4917 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 4914

Start Time: 01ce8c4dfe663e68

Termination Time: 99

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 8106568b-f8d0-11e2-aa0d-d067e52c8165

Error: (07/29/2013 07:19:02 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 22.0.0.4917 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: dfc

Start Time: 01ce8c24ddf619a9

Termination Time: 34

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: a9ee1fc2-f840-11e2-aa0d-d067e52c8165

Error: (07/29/2013 03:23:27 AM) (Source: Application Error) (User: )
Description: Faulting application name: Audition.exe, version: 1.5.4124.1, time stamp: 0x40980e38
Faulting module name: MSVCR71.dll, version: 7.10.3052.4, time stamp: 0x3e561eac
Exception code: 0xc0000005
Fault offset: 0x00019e73
Faulting process id: 0x1070
Faulting application start time: 0xAudition.exe0
Faulting application path: Audition.exe1
Faulting module path: Audition.exe2
Report Id: Audition.exe3

Error: (07/29/2013 03:23:24 AM) (Source: Application Error) (User: )
Description: Faulting application name: Audition.exe, version: 1.5.4124.1, time stamp: 0x40980e38
Faulting module name: WaveShell-VST 9.0.dll, version: 9.0.0.21, time stamp: 0x4f5cb232
Exception code: 0xc0000005
Fault offset: 0x000340b4
Faulting process id: 0x1070
Faulting application start time: 0xAudition.exe0
Faulting application path: Audition.exe1
Faulting module path: Audition.exe2
Report Id: Audition.exe3

Error: (07/29/2013 02:29:38 AM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/29/2013 02:28:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/29/2013 02:28:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/29/2013 02:28:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/29/2013 02:28:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

System errors:
=============
Error: (07/30/2013 03:44:01 AM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Error: (07/30/2013 03:44:01 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.

Error: (07/30/2013 03:43:30 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/29/2013 02:28:18 AM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Error: (07/29/2013 02:28:18 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.

Error: (07/29/2013 02:27:45 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/25/2013 10:49:40 AM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Error: (07/25/2013 10:49:40 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.

Error: (07/25/2013 10:49:07 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/25/2013 10:28:06 AM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-06-27 11:19:20.910
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-06-27 11:19:20.872
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 29%
Total physical RAM: 6056.63 MB
Available physical RAM: 4292.73 MB
Total Pagefile: 12111.44 MB
Available Pagefile: 10291.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:450.91 GB) (Free:334.51 GB) NTFS (Disk=1 Partition=3)
Drive d: (Files) (Fixed) (Total:931.51 GB) (Free:177.68 GB) NTFS (Disk=0 Partition=1)
Drive e: (Media) (Fixed) (Total:931.51 GB) (Free:57.88 GB) NTFS (Disk=2 Partition=1)
Drive f: (Backup) (Fixed) (Total:2794.52 GB) (Free:1137.41 GB) NTFS (Disk=4 Partition=1)
Drive g: (CANON_DC) (Removable) (Total:14.83 GB) (Free:9.46 GB) FAT32 (Disk=3 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 3468B252)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 9D4CFAAC)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 34ECB17F)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.

==================== End Of Log ============================

July 30, 2013

Ok thank you. I see that I should have just went about this the same way that I did with my other issues. I got it, thanks again.

July 30, 2013

When I start my computer up I've been getting this message

msseces.exe - Application Error

The application was unable to start correctly (0xc000007b). Click OK to close the application.

This is in regards to Microsoft Security Essentials as it will not start, and thus I have no anti-virus protection. Assistance with this would be greatly appreciated.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 1.6.0_33
Run by Jeremy at 3:02:04 on 2013-07-30
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6057.1085 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Thread Manager\ThreadManager.exe
C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.44.exe
C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher\xulrunner\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
D:\- Jeremy\- Programs\- Website Tools\- Bots\HitLeap Viewer\HitLeap Viewer\core\control\hitleap-viewer.exe
C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
C:\Program Files (x86)\Share YouTube Videos\Share YouTube Videos.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
C:\Windows\system32\calc.exe
C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
D:\- Jeremy\- Programs\- Website Tools\- Bots\HitLeap Viewer\HitLeap Viewer\core\control\..\cef\hitleap-viewer-browser.exe
D:\- Jeremy\- Programs\- Website Tools\- Bots\HitLeap Viewer\HitLeap Viewer\core\cef\hitleap-viewer-browser.exe
D:\- Jeremy\- Programs\- Website Tools\- Bots\HitLeap Viewer\HitLeap Viewer\core\cef\hitleap-viewer-browser.exe
D:\- Jeremy\- Programs\- Website Tools\- Bots\HitLeap Viewer\HitLeap Viewer\core\cef\hitleap-viewer-browser.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <local>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [ThreadManager.exe] C:\Program Files (x86)\Thread Manager\ThreadManager.exe
mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.

TCP: NameServer = 208.59.247.45 208.59.247.46
TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{FF1B28AD-68A0-41A8-9CB9-D47A0A08BBC4} : DHCPNameServer = 208.59.247.45 208.59.247.46
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-06-20 19:58; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF - ExtSQL: 2013-06-28 05:43; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF - ExtSQL: 2013-07-04 21:29; {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}; C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
FF - ExtSQL: !HIDDEN! 2012-10-08 22:35; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 10354613;10354613;C:\Windows\System32\drivers\10354613.sys [2013-7-2 460888]
R0 24441005;24441005;C:\Windows\System32\drivers\24441005.sys [2013-7-1 460888]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-1-20 55856]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 130008]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-2-3 283200]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-4-29 169752]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-12-13 342528]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-20 539240]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-12-16 202632]
R3 USBMULCD;USB Multi-Channel Audio Device Interface;C:\Windows\System32\drivers\CM10664.sys [2009-9-30 1307648]
R3 VSTWinDriver6;VSTWinDriver6;C:\Windows\System32\drivers\VSTwindrvr6.sys [2008-7-3 252928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [2012-8-21 29288]
S3 CompFilter64;UVCCompositeFilter;C:\Windows\System32\drivers\lvbflt64.sys [2012-1-18 25632]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
S3 LVUVC64;Logitech HD Webcam C510(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-25 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-25 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-10-25 30208]
S4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
S4 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624]
.
=============== File Associations ===============
.
FileExt: .js: Applications\notepad.exe=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]
.
=============== Created Last 30 ================
.
2013-07-27 09:56:49   76232   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{629ACCC5-39EC-46D1-90EB-88B3E4375B1F}\offreg.dll
2013-07-26 12:53:47   9460976   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{629ACCC5-39EC-46D1-90EB-88B3E4375B1F}\mpengine.dll
2013-07-23 06:41:59   392704   ----a-w-   C:\Windows\System32\MpClient.dll
2013-07-23 03:41:08   --------   d-----w-   C:\Windows\System32\MRT
2013-07-22 10:21:10   9460976   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A2BD1B85-780A-4105-B6B2-52D9DE70FB97}\mpengine.dll
2013-07-21 03:00:06   --------   d-----w-   C:\Program Files (x86)\Share YouTube Videos
2013-07-19 10:33:09   --------   d-----w-   C:\ProgramData\Temporary
2013-07-17 02:11:29   941720   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0881CEB4-359E-4A9A-8B66-523C5BD30F91}\gapaengine.dll
2013-07-10 09:39:23   9216   ----a-w-   C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-09 08:13:26   --------   d-----w-   C:\Program Files (x86)\Universal Audio
2013-07-09 08:13:18   557056   ----a-w-   C:\Windows\SysWow64\HypGui.dll
2013-07-09 08:13:17   153088   ----a-w-   C:\UNWISE.EXE
2013-07-05 04:28:56   --------   d-----w-   C:\Users\Jeremy\AppData\Roaming\iZotope
2013-07-05 01:57:47   --------   d-----w-   C:\Program Files (x86)\iZotope
2013-07-04 23:14:43   --------   d-----w-   C:\ProgramData\InstallMate
2013-07-03 02:08:01   460888   ----a-w-   C:\Windows\System32\drivers\10354613.sys
2013-07-02 18:25:19   --------   d-----w-   C:\Users\Jeremy\AppData\Roaming\DG
2013-07-02 18:25:07   --------   d-----w-   C:\Program Files (x86)\Thread Manager
2013-07-01 08:15:14   460888   ----a-w-   C:\Windows\System32\drivers\24441005.sys
.
==================== Find3M ====================
.
2013-07-14 02:12:15   71048   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-14 02:12:15   692104   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-11 23:43:37   1767936   ----a-w-   C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00   2877440   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58   61440   ----a-w-   C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58   109056   ----a-w-   C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20   2241024   ----a-w-   C:\Windows\System32\wininet.dll
2013-06-11 23:25:16   3958784   ----a-w-   C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13   67072   ----a-w-   C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13   136704   ----a-w-   C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45   71680   ----a-w-   C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58   89600   ----a-w-   C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18   2706432   ----a-w-   C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52   2706432   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2013-06-05 03:34:27   3153920   ----a-w-   C:\Windows\System32\win32k.sys
2013-06-04 06:00:13   624128   ----a-w-   C:\Windows\System32\qedit.dll
2013-06-04 04:53:07   509440   ----a-w-   C:\Windows\SysWow64\qedit.dll
2013-05-13 05:51:01   184320   ----a-w-   C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00   1464320   ----a-w-   C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00   139776   ----a-w-   C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40   52224   ----a-w-   C:\Windows\System32\certenc.dll
2013-05-13 04:45:55   140288   ----a-w-   C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55   1160192   ----a-w-   C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55   103936   ----a-w-   C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55   1192448   ----a-w-   C:\Windows\System32\certutil.exe
2013-05-13 03:08:10   903168   ----a-w-   C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06   43008   ----a-w-   C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27   30720   ----a-w-   C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54   24576   ----a-w-   C:\Windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01   1910632   ----a-w-   C:\Windows\System32\drivers\tcpip.sys
2013-05-06 06:03:49   1887744   ----a-w-   C:\Windows\System32\WMVDECOD.DLL
2013-05-06 04:56:35   1620480   ----a-w-   C:\Windows\SysWow64\WMVDECOD.DLL
2013-05-02 06:06:08   278800   ------w-   C:\Windows\System32\MpSigStub.exe
2013-05-01 07:59:12   94208   ----a-w-   C:\Windows\SysWow64\QuickTimeVR.qtx
2013-05-01 07:59:12   69632   ----a-w-   C:\Windows\SysWow64\QuickTime.qts
.
============= FINISH: 3:03:51.32 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2/2/2012 9:17:09 PM
System Uptime: 7/29/2013 2:27:35 AM (25 hours ago)
.
Motherboard: Dell Inc. | | 0GDG8Y
Processor: Intel® Core i5-2320 CPU @ 3.00GHz | CPU 1 | 3001/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 334.584 GiB free.
D: is FIXED (NTFS) - 932 GiB total, 177.685 GiB free.
E: is FIXED (NTFS) - 932 GiB total, 57.882 GiB free.
F: is FIXED (NTFS) - 2795 GiB total, 1137.41 GiB free.
G: is Removable
O: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP366: 7/25/2013 8:39:02 AM - Restore Operation
RP367: 7/26/2013 8:53:10 AM - Windows Update
RP368: 7/29/2013 2:38:06 AM - Revo Uninstaller's restore point - Celemony Melodyne Plugin VST RTAS v1.0
RP369: 7/29/2013 2:41:40 AM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer
7-Zip 9.20 (x64 edition)
AAMS Auto Audio Mastering System V2.5
Adobe AIR
Adobe Audition 1.5
Adobe Audition 3.0
Adobe Audition 3.0 Vista Compatibility
Adobe Community Help
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS5.1
Adobe Premiere Elements 10
Adobe Premiere Elements 10 Content
Adobe Premiere Elements 10 Content 1
Adobe Premiere Elements 10 Content 2
Adobe Premiere Elements 10 Content 3
Adobe Premiere Elements 10 HD Content 1
Adobe Premiere Elements 10 HD Content 2
Adobe Premiere Elements 10 HD Content 3
Adobe Reader X (10.1.7)
AIM for Windows
AIPL WarmTone DX v2.2
Antares Autotune VST v5.09
Antares Microphone Modeler - ZONE
Apple Application Support
Apple Software Update
ASIO4ALL
Audacity 2.0.3
Blaine's Alias Title
Blaine's Bloom/Negative Effects
Blaine's Cartoonify Effects
Blaine's Color Fade Effects
Blaine's Contrast Effects
Blaine's Custom Dreamy Look Title
Blaine's Custom Speed Effects
Blaine's Film Looks Effects
Blaine's Letterbox Effects
Blaine's Pixelate Effects
Blaine's TV Signal Effects
CameraHelperMsi
Canon PowerShot ELPH 110 HS_IXUS 125 HS Camera User Guide
Canon Utilities CameraWindow DC 8
Canon Utilities ImageBrowser EX
Canon Utilities PhotoStitch
CCleaner
CDBurnerXP
ClickFix Lite for Adobe Audition version 3.04 (remove only)
Conexant HD Audio
ContaCam
D3DX10
DAEMON Tools Lite
Dell Edoc Viewer
Dropbox
Elements 10 Organizer
erLT
EULAlyzer 2.2
Facebook Video Calling 1.2.0.159
FastStone Capture 6.8
FileZilla Client 3.7.1
foobar2000 v1.1.10
Free MIDI to MP3 Converter 1.0
FreeUndelete 2.1.36867.1
GEAR driver installer for AMD64 and Intel EM64T
GetDataBack for NTFS
Google Chrome
Google Update Helper
HandBrake 0.9.5
HP Imaging Device Functions 13.0
HP Photosmart Essential 3.5
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
HP Smart Web Printing 4.51
HP Solution Center 13.0
Intel® Processor Graphics
Intel® SDK for OpenCL - CPU Only Runtime Package
IrfanView (remove only)
Java Auto Updater
Java 6 Update 27 (64-bit)
Java 6 Update 33
JDownloader 0.9
Junk Mail filter update
K-Lite Codec Pack 8.2.0 (Standard)
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.70.0.1100
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Microsoft_VC90_MFCLOC_x86_x64
MixMeister Studio 7.2.2
Movie Maker 6.0 for Windows 7 (64-bit)
Moyea FLV to Video Converter Pro version 1.29.2.11
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Network64
OCR Software by I.R.I.S. 13.0
OLYMPUS Master 2
PDF Settings CS5
Picasa 3
PlayReady PC Runtime x86
PRE10STI64Installer
QuickTime
Rapture 1.2.2
Sandboxie 3.76 (64-bit)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Share YouTube Videos version 1
Simple Search-Replace
Skype™ 6.1
SmartSound Common Data
SmartSound Premiere Elements 10 x64 Plugin
SmartSound Sonicfire Pro 5
SONAR X2 Producer x64
SpywareBlaster 5.0
SUPERAntiSpyware
Thread Manager 2.4.0.0
Tube Increaser version 5.0.0
Universal Audio v4.4.0 Native
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.6
Waves Complete V9r1
Waves Mercury Bundle
Waves SSL Collection v1.2
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series x64 Edition
WinRAR 4.20 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
7/29/2013 2:28:18 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.
7/29/2013 2:28:18 AM, Error: Service Control Manager [7000] - The Microsoft Antimalware Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/29/2013 2:27:45 AM, Error: Application Popup [1060] - \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
7/23/2013 10:18:25 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
7/23/2013 1:53:25 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Security Essentials - 4.3.215.0 (KB2855265).
7/23/2013 1:49:44 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x80004004 Error description: Operation aborted Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
.
==== End Of File ===========================

July 29, 2013

I'm not understanding what you're suggesting exactly. I thought posting this topic on here was just what your suggestion is, Me looking for experts to assist me with looking into my issue. I have been assisted on here with 2 issues in the past, but that specifically involved specific malware. I assumed I would be assisted with this just as I was with my other problems I had.

July 29, 2013

Not sure if I can be assisted with this here, but I'm deciding to post on here because I can't seem to find a solution to the problem. When I start my computer up I've been getting this message.

msseces.exe - Application Error

The application was unable to start correctly (0xc000007b). Click OK to close the application.

This is in regards to Microsoft Security Essentials as it will not start, and thus I have no anti-virus protection. Assistance with this would be greatly appreciated.

July 10, 2013

Ok http://ul.to/9fpj1f3x

I don't why the file is huge, sorry.

July 9, 2013

Seems I can't attach the file either

July 9, 2013

Well that didn't work, let me try to attach it again.

July 9, 2013

Ok here ya go

July 8, 2013

I finally got the scan to finish, but my browser stops responding when I try to paste it into a reply. Can I please attach the file instead?

July 7, 2013

Still having problems with it. Still can't get it to finish

July 3, 2013

Hi, have tried running this program a few times, but it won't finish. It's been running for 20+ hours right now and at 49%

July 1, 2013

Hey just want to let you know I will get the report sometime tonight or tomorrow. Have been quite busy so I haven't gotten to it yet. I just wanted to post in this thread so it didn't get closed..

June 29, 2013

C:\$RECYCLE.BIN\S-1-5-21-4055183432-471262313-3685020261-1000\$R3EV2WU.mp4   Win32/InstalleRex.J application   cleaned by deleting - quarantined
C:\Users\Jeremy\Desktop\Market\When Asleep\jingling.exe   Win32/FlowSpirit application   cleaned by deleting - quarantined
C:\Users\Jeremy\Downloads\iLividSetup-r621-n-bc.exe   Win32/Toolbar.SearchSuite application   cleaned by deleting - quarantined
D:\- Jeremy\- Downloads\Attract Woman Now\Bonus Article 2 Sex On The Edge.htm   JS/Tivso.Gen trojan   cleaned by deleting - quarantined
D:\- Jeremy\- Downloads\Attract Woman Now\Chapter 11 How To Create Sexual Chemistry.htm   JS/Tivso.Gen trojan   cleaned by deleting - quarantined
D:\- Jeremy\- Downloads\Attract Woman Now\Chapter 4 What Not To Do In The Company Of Women.htm   JS/Tivso.Gen trojan   cleaned by deleting - quarantined
D:\- Jeremy\- Downloads\Attract Woman Now\Chapter 6 How To Seduce Women.htm   JS/Tivso.Gen trojan   cleaned by deleting - quarantined
D:\- Jeremy\- Programs\- Audio\Adobe Audition 3.0\adobe audition 3.zip   a variant of Win32/Keygen.AF application   deleted - quarantined
D:\- Jeremy\- Programs\- Audio\Adobe Audition 3.0\Adobe Audition v3 Keygen.EXE   a variant of Win32/Keygen.AF application   cleaned by deleting - quarantined
D:\- Jeremy\- Programs\- Audio\AnalogX\vremover.exe   Win32/OpenCandy application   cleaned by deleting - quarantined
D:\- Jeremy\- Programs\- Audio\Winamp\winamp563_full_emusic-7plus_en-us.exe   Win32/OpenCandy application   cleaned by deleting - quarantined
D:\- Jeremy\- Programs\- Website Tools\cure.php   HTML/Iframe.B.Gen virus   deleted - quarantined
D:\- Jeremy\- Programs\- Website Tools\- Bots\AddMeFastBotv4.exe   multiple threats   cleaned by deleting - quarantined
D:\- Jeremy\- Programs\- Website Tools\- Bots\jingling.exe   Win32/FlowSpirit application   cleaned by deleting - quarantined
D:\- Jeremy\- Programs\- Website Tools\- Sites\wwedivaspictures.com\pics\cure.php   HTML/Iframe.B.Gen virus   deleted - quarantined
D:\- Jeremy\- Programs\- Website Tools\- Sites\wwedivaspictures.com\pics1\cure.php   HTML/Iframe.B.Gen virus   deleted - quarantined
D:\- Jeremy\- Programs\Midi to MP3 Converter\cbsidlm-tr1_13-Free_MIDI_to_MP3_Converter-BP-75211970.exe   Win32/DownloadAdmin.G application   cleaned by deleting - quarantined
D:\- Jeremy\- Programs\Winrar\winrar.exe   Win32/DomaIQ.E application   cleaned by deleting - quarantined

June 27, 2013

ComboFix 13-06-27.01 - Jeremy 06/27/2013 11:14:18.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6057.4329 [GMT -4:00]
Running from: c:\users\Jeremy\Desktop\Stolen.Data\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jeremy\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\Jeremy\AppData\Roaming\Microsoft\bass.dll
c:\users\Jeremy\AppData\Roaming\Microsoft\engine_vx.dll
c:\users\Jeremy\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Jeremy\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\Jeremy\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Jeremy\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Jeremy\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\Jeremy\AppData\Roaming\msregsvv.dll
c:\windows\system\fltr106.dll
c:\windows\SysWow64\hookdll.dll
c:\windows\SysWow64\msvcsv60.dll
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-27 to 2013-06-27 )))))))))))))))))))))))))))))))
.
.
2013-06-27 15:19 . 2013-06-27 15:19   --------   d-----w-   c:\users\Default\AppData\Local\temp
2013-06-27 07:48 . 2013-06-12 03:08   9552976   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F3B81C6B-A645-4129-BE45-F1AD6D26A1EB}\mpengine.dll
2013-06-26 01:32 . 2013-06-12 03:08   9552976   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-06-21 10:08 . 2013-06-21 10:08   964552   ------w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E418CD3D-261E-4128-AC4B-BCA91AF07D5B}\gapaengine.dll
2013-06-20 19:33 . 2013-06-20 20:31   --------   d-----w-   c:\program files (x86)\Tube Increaser
2013-06-20 19:27 . 2013-06-20 19:27   --------   d-----w-   c:\programdata\StarApp
2013-06-18 14:58 . 2013-06-18 14:58   --------   d-----w-   c:\programdata\Sincell
2013-06-15 11:17 . 2013-06-15 11:17   --------   d-----w-   c:\users\Jeremy\TruePianos Settings
2013-06-15 11:16 . 2013-06-15 11:16   --------   d-----w-   c:\users\Jeremy\AppData\Roaming\Overloud
2013-06-15 11:15 . 2013-06-15 11:16   --------   d-----w-   c:\users\Jeremy\AppData\Roaming\Cakewalk
2013-06-14 09:54 . 2013-06-15 11:17   --------   d-----w-   C:\Cakewalk Projects
2013-06-14 09:49 . 2012-06-20 21:38   487424   ----a-w-   c:\windows\SysWow64\msvcp70.dll
2013-06-14 09:49 . 2012-06-20 21:38   344064   ----a-w-   c:\windows\SysWow64\msvcr70.dll
2013-06-14 09:29 . 2013-06-14 09:32   --------   d-----w-   C:\Cakewalk Content
2013-06-14 09:27 . 2013-06-14 09:27   --------   d-----w-   c:\program files (x86)\Cakewalk
2013-06-14 09:26 . 2013-06-14 10:11   --------   d-----w-   c:\programdata\Cakewalk
2013-06-14 09:26 . 2013-06-14 10:11   --------   d-----w-   c:\program files\Cakewalk
2013-06-14 09:26 . 2013-06-14 09:26   --------   d-----w-   c:\programdata\Overloud
2013-06-12 16:44 . 2013-06-12 16:44   --------   d-----w-   c:\program files (x86)\Share YouTube Videos
2013-06-12 04:46 . 2013-05-08 06:39   1910632   ----a-w-   c:\windows\system32\drivers\tcpip.sys
2013-06-10 00:13 . 2013-06-10 00:13   --------   d-----w-   c:\program files\Common Files\Propellerhead Software
2013-06-10 00:13 . 2013-06-10 00:13   --------   d-----w-   c:\program files (x86)\Common Files\Propellerhead Software
2013-06-10 00:13 . 2013-06-10 00:13   --------   d-----w-   c:\program files\VSTPlugIns
2013-06-10 00:13 . 2013-06-10 00:28   --------   d-----w-   c:\program files (x86)\Waves
2013-06-09 23:21 . 2013-06-09 23:55   --------   d-----w-   c:\program files (x86)\Common Files\VST3
2013-06-09 23:21 . 2013-06-10 00:25   --------   d-----w-   c:\program files (x86)\VstPlugins
2013-06-09 23:21 . 2013-06-09 23:55   --------   d-----w-   c:\program files\Common Files\VST3
2013-06-09 23:18 . 2008-05-10 05:27   308528   ----a-w-   c:\windows\SysWow64\setup.ocx
2013-06-09 09:03 . 2013-06-09 09:03   --------   d-----w-   c:\programdata\VS Revo Group
2013-06-09 09:03 . 2009-12-30 15:21   31800   ----a-w-   c:\windows\system32\drivers\revoflt.sys
2013-06-09 09:03 . 2013-06-09 09:03   --------   d-----w-   c:\program files\VS Revo Group
2013-06-09 07:57 . 2013-06-09 07:57   --------   d-----w-   c:\users\Jeremy\AppData\Local\VS Revo Group
2013-06-08 12:11 . 2013-06-08 12:11   --------   d-----w-   c:\program files (x86)\TeamViewer
2013-06-08 11:55 . 2013-06-08 11:55   --------   d-----w-   c:\users\Jeremy\AppData\Roaming\OfficeRecovery
2013-06-07 08:50 . 2013-06-07 08:50   --------   d-----w-   c:\program files (x86)\Common Files\Digidesign
2013-06-06 20:10 . 2011-07-01 15:30   1431552   ----a-w-   c:\windows\SysWow64\ReWire.dll
2013-06-05 09:19 . 2000-08-02 15:10   401462   ----a-w-   c:\windows\SysWow64\temp.003
2013-06-05 09:19 . 2000-08-02 15:10   266293   ----a-w-   c:\windows\SysWow64\temp.002
2013-06-05 08:38 . 2013-06-10 00:12   --------   d-----w-   c:\users\Jeremy\AppData\Roaming\Waves Audio
2013-06-05 08:29 . 2011-07-01 15:31   2181120   ----a-w-   c:\windows\system32\ReWire.dll
2013-06-05 08:28 . 2013-06-06 13:34   --------   d-----w-   c:\users\Public\Waves Audio
2013-06-04 12:30 . 2013-06-09 07:12   --------   d-----w-   c:\program files (x86)\VS Revo Group
2013-06-04 11:47 . 2013-06-04 11:47   --------   d-----w-   c:\programdata\Ashampoo
2013-06-04 10:47 . 2013-06-04 11:51   --------   d-----w-   c:\program files (x86)\Max Uninstaller
2013-06-03 11:46 . 2013-06-04 01:34   --------   d-----w-   c:\program files\Perfect Uninstaller
2013-05-30 19:51 . 2013-05-30 19:51   159744   ----a-w-   c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-05-30 19:51 . 2013-05-30 19:51   159744   ----a-w-   c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2013-05-30 19:51 . 2013-05-30 19:51   159744   ----a-w-   c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-05-30 19:51 . 2013-05-30 19:51   159744   ----a-w-   c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-05-30 19:51 . 2013-05-30 19:51   159744   ----a-w-   c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-05-30 19:51 . 2013-05-30 19:51   159744   ----a-w-   c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2013-05-30 19:51 . 2013-05-30 19:51   159744   ----a-w-   c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2013-05-30 19:51 . 2013-05-30 19:51   159744   ----a-w-   c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2013-05-30 19:51 . 2013-05-30 19:51   159744   ----a-w-   c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2013-05-30 19:51 . 2013-05-30 19:51   159744   ----a-w-   c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2013-05-29 19:34 . 2013-06-23 09:37   --------   d-----w-   c:\users\Jeremy\AppData\Roaming\BitComet
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-15 11:14 . 2013-05-10 08:20   71048   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-15 11:14 . 2013-05-10 08:20   692104   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-12 11:02 . 2012-02-03 08:13   75825640   ----a-w-   c:\windows\system32\MRT.exe
2013-05-21 17:57 . 2012-02-10 11:27   964552   ------w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-05-14 00:31 . 2012-07-17 19:37   22240   ----a-w-   c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 15:29 . 2010-11-21 03:27   278800   ------w-   c:\windows\system32\MpSigStub.exe
2013-05-01 07:59 . 2013-05-01 07:59   94208   ----a-w-   c:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 07:59 . 2013-05-01 07:59   69632   ----a-w-   c:\windows\SysWow64\QuickTime.qts
2013-04-13 05:49 . 2013-05-15 11:18   135168   ----a-w-   c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 11:18   350208   ----a-w-   c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 11:18   308736   ----a-w-   c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 11:18   111104   ----a-w-   c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 11:18   474624   ----a-w-   c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 11:18   2176512   ----a-w-   c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-25 06:08   1656680   ----a-w-   c:\windows\system32\drivers\ntfs.sys
2013-04-11 01:13 . 2013-04-11 01:13   719360   ----a-w-   c:\windows\SysWow64\mshtmlmedia.dll
2013-04-11 01:13 . 2013-04-11 01:13   226304   ----a-w-   c:\windows\system32\elshyph.dll
2013-04-11 01:13 . 2013-04-11 01:13   185344   ----a-w-   c:\windows\SysWow64\elshyph.dll
2013-04-11 01:13 . 2013-04-11 01:13   158720   ----a-w-   c:\windows\SysWow64\msls31.dll
2013-04-11 01:13 . 2013-04-11 01:13   150528   ----a-w-   c:\windows\SysWow64\iexpress.exe
2013-04-11 01:13 . 2013-04-11 01:13   138752   ----a-w-   c:\windows\SysWow64\wextract.exe
2013-04-11 01:13 . 2013-04-11 01:13   1054720   ----a-w-   c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-11 01:13 . 2013-04-11 01:13   73728   ----a-w-   c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-11 01:13 . 2013-04-11 01:13   61952   ----a-w-   c:\windows\SysWow64\tdc.ocx
2013-04-11 01:13 . 2013-04-11 01:13   523264   ----a-w-   c:\windows\SysWow64\vbscript.dll
2013-04-11 01:13 . 2013-04-11 01:13   48640   ----a-w-   c:\windows\SysWow64\mshtmler.dll
2013-04-11 01:13 . 2013-04-11 01:13   38400   ----a-w-   c:\windows\SysWow64\imgutil.dll
2013-04-11 01:13 . 2013-04-11 01:13   361984   ----a-w-   c:\windows\SysWow64\html.iec
2013-04-11 01:13 . 2013-04-11 01:13   137216   ----a-w-   c:\windows\SysWow64\ieUnatt.exe
2013-04-11 01:13 . 2013-04-11 01:13   12800   ----a-w-   c:\windows\SysWow64\mshta.exe
2013-04-11 01:13 . 2013-04-11 01:13   110592   ----a-w-   c:\windows\SysWow64\IEAdvpack.dll
2013-04-11 01:13 . 2013-04-11 01:13   905728   ----a-w-   c:\windows\system32\mshtmlmedia.dll
2013-04-11 01:13 . 2013-04-11 01:13   81408   ----a-w-   c:\windows\system32\icardie.dll
2013-04-11 01:13 . 2013-04-11 01:13   762368   ----a-w-   c:\windows\system32\ieapfltr.dll
2013-04-11 01:13 . 2013-04-11 01:13   452096   ----a-w-   c:\windows\system32\dxtmsft.dll
2013-04-11 01:13 . 2013-04-11 01:13   441856   ----a-w-   c:\windows\system32\html.iec
2013-04-11 01:13 . 2013-04-11 01:13   281600   ----a-w-   c:\windows\system32\dxtrans.dll
2013-04-11 01:13 . 2013-04-11 01:13   27648   ----a-w-   c:\windows\system32\licmgr10.dll
2013-04-11 01:13 . 2013-04-11 01:13   270848   ----a-w-   c:\windows\system32\iedkcs32.dll
2013-04-11 01:13 . 2013-04-11 01:13   247296   ----a-w-   c:\windows\system32\webcheck.dll
2013-04-11 01:13 . 2013-04-11 01:13   235008   ----a-w-   c:\windows\system32\url.dll
2013-04-11 01:13 . 2013-04-11 01:13   23040   ----a-w-   c:\windows\SysWow64\licmgr10.dll
2013-04-11 01:13 . 2013-04-11 01:13   216064   ----a-w-   c:\windows\system32\msls31.dll
2013-04-11 01:13 . 2013-04-11 01:13   197120   ----a-w-   c:\windows\system32\msrating.dll
2013-04-11 01:13 . 2013-04-11 01:13   1509376   ----a-w-   c:\windows\system32\inetcpl.cpl
2013-04-11 01:13 . 2013-04-11 01:13   1441280   ----a-w-   c:\windows\SysWow64\inetcpl.cpl
2013-04-11 01:13 . 2013-04-11 01:13   1400416   ----a-w-   c:\windows\system32\ieapfltr.dat
2013-04-11 01:13 . 2013-04-11 01:13   102912   ----a-w-   c:\windows\system32\inseng.dll
2013-04-11 01:13 . 2013-04-11 01:13   97280   ----a-w-   c:\windows\system32\mshtmled.dll
2013-04-11 01:13 . 2013-04-11 01:13   92160   ----a-w-   c:\windows\system32\SetIEInstalledDate.exe
2013-04-11 01:13 . 2013-04-11 01:13   77312   ----a-w-   c:\windows\system32\tdc.ocx
2013-04-11 01:13 . 2013-04-11 01:13   62976   ----a-w-   c:\windows\system32\pngfilt.dll
2013-04-11 01:13 . 2013-04-11 01:13   599552   ----a-w-   c:\windows\system32\vbscript.dll
2013-04-11 01:13 . 2013-04-11 01:13   52224   ----a-w-   c:\windows\system32\msfeedsbs.dll
2013-04-11 01:13 . 2013-04-11 01:13   51200   ----a-w-   c:\windows\system32\imgutil.dll
2013-04-11 01:13 . 2013-04-11 01:13   48640   ----a-w-   c:\windows\system32\mshtmler.dll
2013-04-11 01:13 . 2013-04-11 01:13   173568   ----a-w-   c:\windows\system32\ieUnatt.exe
2013-04-11 01:13 . 2013-04-11 01:13   167424   ----a-w-   c:\windows\system32\iexpress.exe
2013-04-11 01:13 . 2013-04-11 01:13   149504   ----a-w-   c:\windows\system32\occache.dll
2013-04-11 01:13 . 2013-04-11 01:13   144896   ----a-w-   c:\windows\system32\wextract.exe
2013-04-11 01:13 . 2013-04-11 01:13   13824   ----a-w-   c:\windows\system32\mshta.exe
2013-04-11 01:13 . 2013-04-11 01:13   136192   ----a-w-   c:\windows\system32\iepeers.dll
2013-04-11 01:13 . 2013-04-11 01:13   135680   ----a-w-   c:\windows\system32\IEAdvpack.dll
2013-04-11 01:13 . 2013-04-11 01:13   12800   ----a-w-   c:\windows\system32\msfeedssync.exe
2013-04-10 06:01 . 2013-05-15 11:18   265064   ----a-w-   c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 11:18   983400   ----a-w-   c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 11:18   3153920   ----a-w-   c:\windows\system32\win32k.sys
2013-04-02 14:09 . 2013-04-02 14:09   4550656   ----a-w-   c:\windows\SysWow64\GPhotos.scr
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-07 03:55   220632   ----a-w-   c:\users\Jeremy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-07 03:55   220632   ----a-w-   c:\users\Jeremy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-07 03:55   220632   ----a-w-   c:\users\Jeremy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
R3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys;c:\windows\SYSNATIVE\DRIVERS\lvbflt64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech HD Webcam C510(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms;c:\program files\dell support center\pcdsrvc_x64.pkms [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
R4 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [x]
R4 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
R4 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM10664.sys;c:\windows\SYSNATIVE\drivers\CM10664.sys [x]
S3 VSTWinDriver6;VSTWinDriver6;c:\windows\system32\drivers\VSTwindrvr6.sys;c:\windows\SYSNATIVE\drivers\VSTwindrvr6.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt   REG_MULTI_SZ     hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-18 19:08   1165776   ----a-w-   c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-10 11:14]
.
2013-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-06 00:50]
.
2013-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-06 00:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-07 03:55   244696   ----a-w-   c:\users\Jeremy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-07 03:55   244696   ----a-w-   c:\users\Jeremy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-07 03:55   244696   ----a-w-   c:\users\Jeremy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   162552   ----a-w-   c:\users\Jeremy\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   162552   ----a-w-   c:\users\Jeremy\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   162552   ----a-w-   c:\users\Jeremy\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   162552   ----a-w-   c:\users\Jeremy\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 208.59.247.45 208.59.247.46
TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 107.6.133.8,23.23.180.210
FF - ProfilePath - c:\users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google

FF - ExtSQL: 2013-05-12 06:27; {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}; c:\users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
FF - ExtSQL: 2013-06-20 19:58; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF - ExtSQL: !HIDDEN! 2012-10-08 22:35; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Jeremy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Jeremy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Jeremy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-{D4D7D75D-00A0-CCD9-8303-9D1E2E193749} - c:\progra~3\INSTAL~2\{61B99~1\Setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-06-27 11:21:15
ComboFix-quarantined-files.txt 2013-06-27 15:21
.
Pre-Run: 380,793,851,904 bytes free
Post-Run: 381,171,216,384 bytes free
.
- - End Of File - - 13D3F23FDE5CABC3E6478604ED83E81B
F1BC9A487FAD21118DA4D5B596310BA4

June 27, 2013

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Jeremy on Thu 06/27/2013 at 10:48:23.24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted the following from C:\Users\Jeremy\AppData\Roaming\mozilla\firefox\profiles\blj3egdu.default\prefs.js

user_pref("extensions.alexa.searchconf", "{\n \"google\" : {\n \"urlexp\" : \"hxxp(s)?:\\\\/\\\\/www\\\\.google\\\\..*\\\\/.*[?#&]q=([^&]+)\",\n \"rankometer\" : {\n

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 06/27/2013 at 10:50:47.76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v2.303 - Logfile created 06/27/2013 at 10:44:59
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Jeremy - JEREMY-PC
# Boot Mode : Normal
# Running from : C:\Users\Jeremy\Desktop\Stolen.Data\AdwCleaner.exe
# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}

***** [internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Registry is clean.

-\\ Mozilla Firefox v21.0 (en-US)

File : C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v27.0.1453.116

File : C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1088 octets] - [27/06/2013 10:44:26]
AdwCleaner[s1].txt - [1022 octets] - [27/06/2013 10:44:59]

########## EOF - C:\AdwCleaner[s1].txt - [1082 octets] ##########

I have a question. I was asked to remove my torrent client before.What is the reasoning behind it because I use it frequently. Is it ok to re-install it after this whole precess is finished?

Events

Profiles

Forums

Posts posted by jaiz

Important Information