czarboom

got Lil Dicky and a few old tracks from the Deftones and Robert Earl King Jr.

ok Just finished with the rescue disc 10 scan, even did a definition update to the program before I ran it, here are the results from the log Objects Scan: completed 2 days ago (events: 2, objects: 816, time: 00:02:35) 11/19/13 4:34 AM Task started 11/19/13 4:37 AM Task completed Objects Scan: stopped 1 day ago (events: 2, objects: 1073051, time: 04:49:57) 11/19/13 11:34 AM Task started 11/19/13 4:24 PM Task stopped Objects Scan: completed 54 minutes ago (events: 2, objects: 5615585, time: 1 day 03:36:19) 11/20/13 3:41 AM Task started 11/21/13 7:17 AM Task completed Objects Scan: completed 2 days ago (events: 2, objects: 816, time: 00:02:35) 11/19/13 4:37 AM Task completed 11/19/13 4:34 AM Task started Objects Scan: stopped 1 day ago (events: 2, objects: 1073051, time: 04:49:57) 11/19/13 4:24 PM Task stopped 11/19/13 11:34 AM Task started Objects Scan: completed 1 hour ago (events: 2, objects: 5615585, time: 1 day 03:36:19) 11/21/13 7:17 AM Task completed 11/20/13 3:41 AM Task started Objects Scan: completed 3 minutes ago (events: 2, objects: 4232, time: 00:01:29) 11/21/13 8:14 AM Task completed 11/21/13 8:12 AM Task started That is all it displayed. Took over 1 day to do this scan, so what do I need to do next. thanks

ok Ill do it now, the C drive is the longest part, takes forever, Ill let you know when its done thanks

A pop up screen came up, and it only had two check boxes checked. I started the scanner with all check boxes check, (the extra ones were C:/, D:/ and V:/ D and V and partitions for tools and backup on HD.) The HD is 250GB, but after 4 hrs the program stated 13 hrs left to finish scan. My question is should I do the scan with the default check boxes only? Or should I do the HD scan as well. thanks

cool, I was looking today and in bios used the dell hardware tests all came back working and passed by Dell bios tests. I didnt do the extended harddrive check, I plan to do that when I am done for the night, but after that I will get on the rescue CD and get you the files. Thank you again for your help, plus its a learning expirence for me too, always like learning new stuff.

Done, here is the FRST.txt Some things to point out. Had another BSOD today before I ran the FRST.txt file. Saved the logs again and will post them at the end. I also have the minidump and sysdat.xml and can attach them if you need them. Could not run system tools from OS, had to get the recovery disc. And run it that way. Also the steps in the post are not the same. When you go into recovery mode now, you only get 3 options, Restore, recovery and tools. I knew what I was looking for so no biggie but an update is needed for the less tech advanced. You go into tool, repair, and command prompt. If I remember that correctly. So here are the files FRST.txt Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013 Ran by SYSTEM on MININT-N2Q7GEM on 18-11-2013 15:11:24 Running from D:\ Windows 7 Home Premium (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log. ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808680 2009-06-25] (Synaptics Incorporated) HKLM\...\Run: [broadcom Wireless Manager UI] - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [4968960 2009-07-17] (Dell Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.) HKU\DefaultAppPool\...\Run: [sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\Maggie(magoo)\...\Run: [HP Officejet 6600 (NET)] - C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) ==================== Services (Whitelisted) ================= S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.) S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.) S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) S2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [80472 2012-09-06] (Microsoft Corporation) S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-10-14] (Secunia) S2 Spooler; C:\Windows\SysWow64\spoolsv.exe [0 2013-11-10] () S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) S2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation) S2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE [33280 2009-07-17] () ==================== Drivers (Whitelisted) ==================== S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.) S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.) S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.) S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.) S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.) S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.) S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.) S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.) S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2013-11-14] (Malwarebytes Corporation) S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-10-14] (Secunia) S1 SafDskNT; C:\Windows\system32\drivers\SAFDSKNT.SYS [76112 2009-12-07] (PC Dynamics, Inc.) S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation) S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] () S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-18 15:11 - 2013-11-18 15:11 - 00000000 ____D C:\FRST 2013-11-18 11:03 - 2013-11-18 11:03 - 00277600 _____ C:\Windows\Minidump\111813-22276-01.dmp 2013-11-18 10:47 - 2013-11-18 10:47 - 04779896 _____ (Piriform Ltd) C:\Users\Matthew\Downloads\spsetup124.exe 2013-11-18 10:47 - 2013-11-18 10:47 - 00000798 _____ C:\Users\Public\Desktop\Speccy.lnk 2013-11-18 10:47 - 2013-11-18 10:47 - 00000000 ____D C:\Program Files\Speccy 2013-11-18 01:12 - 2013-11-18 11:03 - 501116095 _____ C:\Windows\MEMORY.DMP 2013-11-18 01:12 - 2013-11-18 01:12 - 00277600 _____ C:\Windows\Minidump\111813-23166-01.dmp 2013-11-17 21:19 - 2013-11-18 00:44 - 00005920 _____ C:\Users\Matthew\Documents\NOTES, CLEANING JAVARA and HP contract options.txt 2013-11-17 15:45 - 2013-11-17 17:48 - 00028540 _____ C:\Users\Matthew\Documents\Dad Xmas 2013 springfield rounds n info.txt 2013-11-16 21:13 - 2013-11-16 21:16 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\FreeFileViewer 2013-11-16 15:28 - 2013-11-16 15:28 - 00002777 _____ C:\Users\Matthew\Documents\TR Doc for position with Opperation Seabird 16mov2013.txt 2013-11-16 14:57 - 2013-11-16 14:57 - 00674787 _____ C:\Users\Matthew\Documents\at&T nokia 920 lumia screen cover by Moshi.xps 2013-11-16 03:17 - 2013-11-16 03:18 - 00000000 ____D C:\Users\Matthew\AppData\Local\FreeFileViewer 2013-11-16 03:16 - 2013-11-18 12:56 - 00000406 _____ C:\Windows\Tasks\FreeFileViewerUpdateChecker.job 2013-11-16 03:16 - 2013-11-16 03:16 - 00003106 _____ C:\Windows\System32\Tasks\FreeFileViewerUpdateChecker 2013-11-16 03:16 - 2013-11-16 03:16 - 00001085 _____ C:\Users\Matthew\Desktop\FreeFileViewer.lnk 2013-11-16 03:16 - 2013-11-16 03:16 - 00000000 ____D C:\Program Files (x86)\FreeFileViewer 2013-11-16 03:16 - 2013-11-16 03:15 - 16617352 _____ (Bitberry Software ) C:\Users\Matthew\Downloads\FreeFileViewerSetup [1].exe 2013-11-16 03:14 - 2013-11-16 03:14 - 00633744 _____ C:\Users\Matthew\Downloads\FreeFileViewerSetup.exe 2013-11-15 10:04 - 2013-11-15 10:04 - 05401342 _____ C:\Users\Matthew\Downloads\mbam_packed_1.00.0.0400.apk 2013-11-15 10:00 - 2013-11-15 10:00 - 01793648 _____ (Malwarebytes ) C:\Users\Matthew\Downloads\mbae-setup-0.09.4.2000.exe 2013-11-15 08:24 - 2013-11-15 10:54 - 00009680 _____ C:\Users\Matthew\Documents\kirklands lamp message 15nov2013.txt 2013-11-15 08:10 - 2013-11-15 08:10 - 00000365 _____ C:\Users\Matthew\Documents\oil and filters for ford truck 2010platinum.txt 2013-11-15 07:40 - 2013-11-15 07:40 - 00198600 _____ C:\Users\Matthew\Documents\2010f150Platinum Oil and Fluid chart.xps 2013-11-15 03:21 - 2013-11-15 03:21 - 00014473 _____ C:\Users\Matthew\Documents\BF4 data loss FIX Guide.txt 2013-11-15 02:57 - 2013-11-15 02:57 - 00313338 _____ C:\Users\Matthew\Documents\BF4 ISSUES n CRASHES From EA site.xps 2013-11-14 19:39 - 2013-11-14 20:09 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys 2013-11-14 18:24 - 2013-11-14 18:24 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys 2013-11-14 02:04 - 2013-11-14 02:04 - 00000000 ____D C:\Windows\pss 2013-11-14 02:03 - 2013-11-14 02:03 - 00009804 _____ C:\Users\Matthew\Documents\cc_20131114_040302.reg 2013-11-13 23:31 - 2013-11-13 23:31 - 00001127 _____ C:\Users\Matthew\Documents\xbox BF4 issues.txt 2013-11-13 17:38 - 2013-11-14 02:05 - 00003316 _____ C:\Windows\System32\Tasks\{53576FC7-EC5B-454B-A253-9D5ADCD29362} 2013-11-12 16:19 - 2013-11-12 19:50 - 00007450 _____ C:\Windows\IE11_main.log 2013-11-12 16:19 - 2013-10-01 18:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys 2013-11-12 16:19 - 2013-10-01 18:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe 2013-11-12 16:19 - 2013-10-01 18:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll 2013-11-12 16:19 - 2013-10-01 17:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\MsRdpWebAccess.dll 2013-11-12 16:19 - 2013-10-01 17:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\System32\wksprtPS.dll 2013-11-12 16:19 - 2013-10-01 17:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll 2013-11-12 16:19 - 2013-10-01 17:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll 2013-11-12 16:19 - 2013-10-01 16:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\System32\rdvidcrl.dll 2013-11-12 16:19 - 2013-10-01 16:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2013-11-12 16:19 - 2013-10-01 16:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2013-11-12 16:19 - 2013-10-01 16:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe 2013-11-12 16:19 - 2013-10-01 16:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\System32\wksprt.exe 2013-11-12 16:19 - 2013-10-01 15:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2013-11-12 16:19 - 2013-10-01 15:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\System32\mstsc.exe 2013-11-12 16:19 - 2013-10-01 15:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2013-11-12 16:19 - 2013-10-01 14:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2013-11-12 16:19 - 2013-10-01 12:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll 2013-11-12 16:19 - 2013-10-01 12:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2013-11-12 16:17 - 2013-09-24 18:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\System32\TSWorkspace.dll 2013-11-12 16:17 - 2013-09-24 17:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2013-11-12 16:06 - 2013-10-12 00:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-11-12 16:06 - 2013-10-12 00:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-11-12 16:06 - 2013-10-12 00:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-11-12 16:06 - 2013-10-12 00:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-11-12 16:06 - 2013-10-12 00:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-11-12 16:06 - 2013-10-12 00:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-11-12 16:06 - 2013-10-12 00:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-11-12 16:06 - 2013-10-12 00:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-11-12 16:06 - 2013-10-12 00:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-11-12 16:06 - 2013-10-12 00:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-11-12 16:06 - 2013-10-12 00:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-11-12 16:06 - 2013-10-12 00:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-11-12 16:06 - 2013-10-11 23:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-12 16:06 - 2013-10-11 23:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-12 16:06 - 2013-10-11 23:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-12 16:06 - 2013-10-11 23:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-12 16:06 - 2013-10-11 23:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-12 16:06 - 2013-10-11 23:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-12 16:06 - 2013-10-11 23:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-12 16:06 - 2013-10-11 23:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-12 16:06 - 2013-10-11 23:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-12 16:06 - 2013-10-11 23:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-12 16:06 - 2013-10-11 23:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-11-12 16:06 - 2013-10-11 22:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-11-12 16:06 - 2013-10-11 22:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-12 16:06 - 2013-10-11 21:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-11-12 16:06 - 2013-10-11 21:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-12 16:05 - 2013-10-12 00:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-11-12 16:05 - 2013-10-12 00:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-11-12 16:05 - 2013-10-11 23:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-12 16:05 - 2013-10-11 23:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-12 16:01 - 2013-10-05 12:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2013-11-12 16:01 - 2013-10-05 11:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-11-12 16:01 - 2013-09-24 18:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys 2013-11-12 16:01 - 2013-09-24 18:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys 2013-11-12 16:01 - 2013-09-24 18:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll 2013-11-12 16:01 - 2013-09-24 18:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll 2013-11-12 16:01 - 2013-09-24 18:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll 2013-11-12 16:01 - 2013-09-24 18:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll 2013-11-12 16:01 - 2013-09-24 18:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll 2013-11-12 16:01 - 2013-09-24 18:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll 2013-11-12 16:01 - 2013-09-24 17:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2013-11-12 16:01 - 2013-09-24 17:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2013-11-12 16:01 - 2013-09-24 17:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2013-11-12 16:01 - 2013-09-24 17:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2013-11-12 16:01 - 2013-09-24 17:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe 2013-11-12 16:01 - 2013-07-04 04:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys 2013-11-12 16:00 - 2013-10-11 18:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\System32\nshwfp.dll 2013-11-12 16:00 - 2013-10-11 18:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL 2013-11-12 16:00 - 2013-10-11 18:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL 2013-11-12 16:00 - 2013-10-11 18:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-11-12 16:00 - 2013-10-11 18:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-11-12 16:00 - 2013-10-03 18:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\System32\SmartcardCredentialProvider.dll 2013-11-12 16:00 - 2013-10-03 18:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\credui.dll 2013-11-12 16:00 - 2013-10-03 18:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll 2013-11-12 16:00 - 2013-10-03 17:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-11-12 16:00 - 2013-10-03 17:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-11-12 16:00 - 2013-10-03 17:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2013-11-12 16:00 - 2013-10-02 18:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll 2013-11-12 16:00 - 2013-10-02 18:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-11-12 16:00 - 2013-09-27 17:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys 2013-11-12 15:46 - 2013-11-12 15:46 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2013-11-12 15:46 - 2013-11-12 15:46 - 00000000 ____D C:\users\Default 2013-11-12 13:05 - 2013-11-12 13:05 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-11-12 13:05 - 2013-11-12 13:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-12 13:05 - 2013-04-04 12:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2013-11-12 13:04 - 2013-11-12 13:04 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Matthew\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-12 00:00 - 2013-11-12 00:00 - 00000196 _____ C:\Users\Matthew\.packettracer 2013-11-11 23:59 - 2013-11-14 16:02 - 00000000 ____D C:\Program Files (x86)\Cisco Packet Tracer 5.3 2013-11-11 23:59 - 2013-11-11 23:59 - 00001235 _____ C:\Users\Matthew\Desktop\Cisco Packet Tracer.lnk 2013-11-10 22:30 - 2013-11-14 02:05 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2013-11-10 22:30 - 2013-11-10 22:30 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-11-10 22:30 - 2013-11-10 22:30 - 00000000 ____D C:\Program Files\CCleaner 2013-11-10 22:20 - 2013-11-10 22:20 - 00001726 _____ C:\Users\Public\Desktop\Defraggler.lnk 2013-11-10 22:20 - 2013-11-10 22:20 - 00000000 ____D C:\Program Files\Defraggler 2013-11-10 22:16 - 2013-11-12 15:52 - 00006174 _____ C:\Windows\PFRO.log 2013-11-10 22:11 - 2013-11-10 22:11 - 00001520 _____ C:\Users\Matthew\Desktop\FileASSASSIN.exe - Shortcut.lnk 2013-11-10 22:08 - 2013-11-10 22:08 - 00001350 _____ C:\Users\Matthew\Desktop\recuva64.exe - Shortcut.lnk 2013-11-10 21:47 - 2013-11-10 21:47 - 00000000 ____D C:\Users\Matthew\AppData\Local\Secunia PSI 2013-11-10 21:47 - 2013-11-10 21:47 - 00000000 ____D C:\Program Files (x86)\Secunia 2013-11-10 21:46 - 2013-11-10 21:46 - 03864904 _____ (Secunia) C:\Users\Matthew\Downloads\PSISetup.exe 2013-11-10 21:42 - 2013-11-10 21:42 - 00653327 _____ C:\Users\Matthew\AppData\Local\census.cache 2013-11-10 21:42 - 2013-11-10 21:42 - 00070564 _____ C:\Users\Matthew\AppData\Local\ars.cache 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\winlogon.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\taskhost.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\spoolsv.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\services.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\lsm.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\lsass.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\igfxpers.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\hkcmd.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\dwm.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\csrss.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\conhost.exe 2013-11-10 21:20 - 2013-11-10 21:20 - 00000000 _____ C:\Windows\SysWOW64\smss.exe 2013-11-10 21:10 - 2013-11-10 21:10 - 00000036 _____ C:\Users\Matthew\AppData\Local\housecall.guid.cache 2013-11-10 21:08 - 2013-11-10 21:08 - 02049128 _____ (Trend Micro Inc.) C:\Users\Matthew\Downloads\HousecallLauncher.exe 2013-11-10 15:53 - 2013-11-10 15:53 - 02347384 _____ (ESET) C:\Users\Matthew\Downloads\esetsmartinstaller_enu.exe 2013-11-10 08:38 - 2013-11-10 08:38 - 00000000 ____D C:\Users\Maggie(magoo)\AppData\Roaming\AVG2014 2013-11-10 08:38 - 2013-11-10 08:38 - 00000000 ____D C:\Users\Maggie(magoo)\AppData\Local\Avg2014 2013-11-10 01:39 - 2013-11-10 01:39 - 00352212 _____ C:\Users\Matthew\Documents\deminsions.xps 2013-11-08 23:36 - 2013-11-18 12:55 - 00001916 _____ C:\Windows\setupact.log 2013-11-08 23:36 - 2013-11-08 23:36 - 00000000 _____ C:\Windows\setuperr.log 2013-11-08 13:26 - 2013-11-10 15:45 - 04208656 _____ (Piriform Ltd) C:\Users\Matthew\Downloads\dfsetup216.exe 2013-11-06 17:02 - 2013-11-06 17:02 - 00000000 ____D C:\Users\Matthew\AppData\Local\ESN 2013-11-06 17:01 - 2013-11-06 17:01 - 03820328 _____ C:\Users\Matthew\Downloads\battlelog-web-plugins_2.3.0_119.exe 2013-11-06 17:01 - 2013-11-06 17:01 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins 2013-11-06 11:37 - 2013-11-06 11:37 - 00000000 ____D C:\Users\Matthew\Desktop\add and send 2013-11-06 10:41 - 2013-11-06 10:41 - 01343192 _____ (Microsoft Corporation) C:\Users\Matthew\Downloads\VS2012.3.exe 2013-11-04 22:48 - 2013-11-04 20:06 - 00000000 _____ C:\Users\Matthew\Downloads\PASSWD.LOG 2013-11-04 22:48 - 2013-11-04 16:25 - 00009574 _____ C:\Users\Matthew\Downloads\wiatrace.log 2013-11-04 22:40 - 2013-11-04 22:44 - 00000000 ____D C:\Users\Matthew\Documents\WPA Files 2013-11-04 01:39 - 2013-11-04 01:39 - 00000000 ____D C:\Program Files (x86)\FileASSASSIN 2013-11-03 20:13 - 2013-11-03 20:13 - 00112744 _____ C:\Users\Matthew\AppData\Local\GDIPFONTCACHEV1.DAT 2013-11-03 18:25 - 2013-11-03 18:26 - 05109136 _____ C:\Windows\System32\FNTCACHE.DAT 2013-11-03 10:42 - 2013-11-03 16:33 - 00020360 _____ C:\Users\Matthew\Desktop\avgrep.txt 2013-11-01 23:06 - 2013-11-18 00:47 - 00000000 ____D C:\Users\Matthew\Documents\ERRORS VIRUS and ISSUES 2013-11-01 21:02 - 2013-11-01 21:02 - 00000056 _____ C:\Users\Matthew\Documents\FIFA14 UT site.txt 2013-11-01 18:37 - 2013-11-01 18:37 - 00000000 ____D C:\Users\Matthew\Documents\Microsoft AGREEMENTS 2013-11-01 09:05 - 2013-11-01 09:05 - 00000374 _____ C:\Users\Matthew\Documents\214 INF Bco Iraq 2003-2007.txt 2013-10-31 18:59 - 2013-11-17 21:19 - 00000000 ____D C:\Users\Matthew\Documents\HP Computer Stuff 2013-10-29 17:08 - 2013-11-16 02:04 - 00000000 ____D C:\Users\Matthew\Documents\WRP JOBS INFO 2013-10-28 00:20 - 2013-10-28 00:20 - 00000815 _____ C:\Users\Matthew\Desktop\mbar.exe - Shortcut.lnk 2013-10-27 23:59 - 2013-10-27 23:59 - 04379048 _____ (Piriform Ltd) C:\Users\Matthew\Downloads\ccsetup407.exe 2013-10-26 13:35 - 2013-10-26 13:35 - 00518740 _____ C:\Users\Matthew\Documents\HP update for HD oct1,2013.xps 2013-10-26 13:24 - 2013-10-26 13:24 - 07008468 _____ C:\Users\Matthew\Documents\Accsessability Options Win7 by HP.xps 2013-10-19 09:25 - 2013-11-14 20:41 - 00000000 ____D C:\mbar 2013-10-19 09:24 - 2013-11-04 02:14 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Matthew\Downloads\mbar-1.07.0.1007.exe 2013-10-19 08:38 - 2013-11-18 11:03 - 00000000 ____D C:\Windows\Minidump ==================== One Month Modified Files and Folders ======= 2013-11-18 15:11 - 2013-11-18 15:11 - 00000000 ____D C:\FRST 2013-11-18 13:03 - 2013-08-16 22:03 - 01638910 _____ C:\Windows\WindowsUpdate.log 2013-11-18 13:03 - 2009-07-13 20:45 - 00014240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-11-18 13:03 - 2009-07-13 20:45 - 00014240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-11-18 12:56 - 2013-11-16 03:16 - 00000406 _____ C:\Windows\Tasks\FreeFileViewerUpdateChecker.job 2013-11-18 12:55 - 2013-11-08 23:36 - 00001916 _____ C:\Windows\setupact.log 2013-11-18 12:55 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-11-18 11:54 - 2009-07-13 21:13 - 00885674 _____ C:\Windows\System32\PerfStringBackup.INI 2013-11-18 11:03 - 2013-11-18 11:03 - 00277600 _____ C:\Windows\Minidump\111813-22276-01.dmp 2013-11-18 11:03 - 2013-11-18 01:12 - 501116095 _____ C:\Windows\MEMORY.DMP 2013-11-18 11:03 - 2013-10-19 08:38 - 00000000 ____D C:\Windows\Minidump 2013-11-18 10:47 - 2013-11-18 10:47 - 04779896 _____ (Piriform Ltd) C:\Users\Matthew\Downloads\spsetup124.exe 2013-11-18 10:47 - 2013-11-18 10:47 - 00000798 _____ C:\Users\Public\Desktop\Speccy.lnk 2013-11-18 10:47 - 2013-11-18 10:47 - 00000000 ____D C:\Program Files\Speccy 2013-11-18 01:54 - 2013-10-06 14:19 - 00000000 ____D C:\Users\Matthew\Documents\Visual Studio 2012 2013-11-18 01:12 - 2013-11-18 01:12 - 00277600 _____ C:\Windows\Minidump\111813-23166-01.dmp 2013-11-18 00:47 - 2013-11-01 23:06 - 00000000 ____D C:\Users\Matthew\Documents\ERRORS VIRUS and ISSUES 2013-11-18 00:44 - 2013-11-17 21:19 - 00005920 _____ C:\Users\Matthew\Documents\NOTES, CLEANING JAVARA and HP contract options.txt 2013-11-17 21:19 - 2013-10-31 18:59 - 00000000 ____D C:\Users\Matthew\Documents\HP Computer Stuff 2013-11-17 17:48 - 2013-11-17 15:45 - 00028540 _____ C:\Users\Matthew\Documents\Dad Xmas 2013 springfield rounds n info.txt 2013-11-16 21:16 - 2013-11-16 21:13 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\FreeFileViewer 2013-11-16 15:28 - 2013-11-16 15:28 - 00002777 _____ C:\Users\Matthew\Documents\TR Doc for position with Opperation Seabird 16mov2013.txt 2013-11-16 14:57 - 2013-11-16 14:57 - 00674787 _____ C:\Users\Matthew\Documents\at&T nokia 920 lumia screen cover by Moshi.xps 2013-11-16 03:18 - 2013-11-16 03:17 - 00000000 ____D C:\Users\Matthew\AppData\Local\FreeFileViewer 2013-11-16 03:16 - 2013-11-16 03:16 - 00003106 _____ C:\Windows\System32\Tasks\FreeFileViewerUpdateChecker 2013-11-16 03:16 - 2013-11-16 03:16 - 00001085 _____ C:\Users\Matthew\Desktop\FreeFileViewer.lnk 2013-11-16 03:16 - 2013-11-16 03:16 - 00000000 ____D C:\Program Files (x86)\FreeFileViewer 2013-11-16 03:15 - 2013-11-16 03:16 - 16617352 _____ (Bitberry Software ) C:\Users\Matthew\Downloads\FreeFileViewerSetup [1].exe 2013-11-16 03:14 - 2013-11-16 03:14 - 00633744 _____ C:\Users\Matthew\Downloads\FreeFileViewerSetup.exe 2013-11-16 02:04 - 2013-10-29 17:08 - 00000000 ____D C:\Users\Matthew\Documents\WRP JOBS INFO 2013-11-15 18:47 - 2013-09-22 20:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-15 10:54 - 2013-11-15 08:24 - 00009680 _____ C:\Users\Matthew\Documents\kirklands lamp message 15nov2013.txt 2013-11-15 10:04 - 2013-11-15 10:04 - 05401342 _____ C:\Users\Matthew\Downloads\mbam_packed_1.00.0.0400.apk 2013-11-15 10:00 - 2013-11-15 10:00 - 01793648 _____ (Malwarebytes ) C:\Users\Matthew\Downloads\mbae-setup-0.09.4.2000.exe 2013-11-15 08:10 - 2013-11-15 08:10 - 00000365 _____ C:\Users\Matthew\Documents\oil and filters for ford truck 2010platinum.txt 2013-11-15 07:40 - 2013-11-15 07:40 - 00198600 _____ C:\Users\Matthew\Documents\2010f150Platinum Oil and Fluid chart.xps 2013-11-15 03:21 - 2013-11-15 03:21 - 00014473 _____ C:\Users\Matthew\Documents\BF4 data loss FIX Guide.txt 2013-11-15 02:57 - 2013-11-15 02:57 - 00313338 _____ C:\Users\Matthew\Documents\BF4 ISSUES n CRASHES From EA site.xps 2013-11-14 20:41 - 2013-10-19 09:25 - 00000000 ____D C:\mbar 2013-11-14 20:09 - 2013-11-14 19:39 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys 2013-11-14 20:04 - 2013-10-08 17:56 - 00007613 _____ C:\Users\Matthew\AppData\Local\Resmon.ResmonCfg 2013-11-14 18:24 - 2013-11-14 18:24 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys 2013-11-14 16:02 - 2013-11-11 23:59 - 00000000 ____D C:\Program Files (x86)\Cisco Packet Tracer 5.3 2013-11-14 13:47 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache 2013-11-14 02:05 - 2013-11-13 17:38 - 00003316 _____ C:\Windows\System32\Tasks\{53576FC7-EC5B-454B-A253-9D5ADCD29362} 2013-11-14 02:05 - 2013-11-10 22:30 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2013-11-14 02:05 - 2013-08-21 10:01 - 00003168 _____ C:\Windows\System32\Tasks\{FAE60746-536A-46A6-AA4A-D0DB645D7713} 2013-11-14 02:04 - 2013-11-14 02:04 - 00000000 ____D C:\Windows\pss 2013-11-14 02:03 - 2013-11-14 02:03 - 00009804 _____ C:\Users\Matthew\Documents\cc_20131114_040302.reg 2013-11-13 23:31 - 2013-11-13 23:31 - 00001127 _____ C:\Users\Matthew\Documents\xbox BF4 issues.txt 2013-11-12 19:50 - 2013-11-12 16:19 - 00007450 _____ C:\Windows\IE11_main.log 2013-11-12 16:09 - 2013-08-16 22:59 - 00000000 ____D C:\Windows\Panther 2013-11-12 16:05 - 2013-08-17 09:16 - 00000000 ____D C:\Windows\System32\MRT 2013-11-12 16:02 - 2013-08-17 09:16 - 82896128 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-11-12 15:52 - 2013-11-10 22:16 - 00006174 _____ C:\Windows\PFRO.log 2013-11-12 15:46 - 2013-11-12 15:46 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2013-11-12 15:46 - 2013-11-12 15:46 - 00000000 ____D C:\users\Default 2013-11-12 13:05 - 2013-11-12 13:05 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-11-12 13:05 - 2013-11-12 13:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-12 13:04 - 2013-11-12 13:04 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Matthew\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-12 00:00 - 2013-11-12 00:00 - 00000196 _____ C:\Users\Matthew\.packettracer 2013-11-12 00:00 - 2013-08-16 20:34 - 00000000 ____D C:\users\Matthew 2013-11-11 23:59 - 2013-11-11 23:59 - 00001235 _____ C:\Users\Matthew\Desktop\Cisco Packet Tracer.lnk 2013-11-11 23:56 - 2013-10-07 18:50 - 77533021 _____ (Cisco Systems, Inc. ) C:\Users\Matthew\Downloads\PacketTracer53_setup.exe 2013-11-11 15:27 - 2013-10-04 21:36 - 00000000 ____D C:\Users\Matthew\Documents\Apt,Bills,Orders,Important 2013-11-10 22:30 - 2013-11-10 22:30 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-11-10 22:30 - 2013-11-10 22:30 - 00000000 ____D C:\Program Files\CCleaner 2013-11-10 22:20 - 2013-11-10 22:20 - 00001726 _____ C:\Users\Public\Desktop\Defraggler.lnk 2013-11-10 22:20 - 2013-11-10 22:20 - 00000000 ____D C:\Program Files\Defraggler 2013-11-10 22:11 - 2013-11-10 22:11 - 00001520 _____ C:\Users\Matthew\Desktop\FileASSASSIN.exe - Shortcut.lnk 2013-11-10 22:08 - 2013-11-10 22:08 - 00001350 _____ C:\Users\Matthew\Desktop\recuva64.exe - Shortcut.lnk 2013-11-10 21:47 - 2013-11-10 21:47 - 00000000 ____D C:\Users\Matthew\AppData\Local\Secunia PSI 2013-11-10 21:47 - 2013-11-10 21:47 - 00000000 ____D C:\Program Files (x86)\Secunia 2013-11-10 21:46 - 2013-11-10 21:46 - 03864904 _____ (Secunia) C:\Users\Matthew\Downloads\PSISetup.exe 2013-11-10 21:42 - 2013-11-10 21:42 - 00653327 _____ C:\Users\Matthew\AppData\Local\census.cache 2013-11-10 21:42 - 2013-11-10 21:42 - 00070564 _____ C:\Users\Matthew\AppData\Local\ars.cache 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\winlogon.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\taskhost.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\spoolsv.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\services.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\lsm.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\lsass.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\igfxpers.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\hkcmd.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\dwm.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\csrss.exe 2013-11-10 21:21 - 2013-11-10 21:21 - 00000000 _____ C:\Windows\SysWOW64\conhost.exe 2013-11-10 21:20 - 2013-11-10 21:20 - 00000000 _____ C:\Windows\SysWOW64\smss.exe 2013-11-10 21:10 - 2013-11-10 21:10 - 00000036 _____ C:\Users\Matthew\AppData\Local\housecall.guid.cache 2013-11-10 21:08 - 2013-11-10 21:08 - 02049128 _____ (Trend Micro Inc.) C:\Users\Matthew\Downloads\HousecallLauncher.exe 2013-11-10 21:06 - 2013-08-16 21:01 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\QuickScan 2013-11-10 20:43 - 2013-08-23 16:41 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\vlc 2013-11-10 15:53 - 2013-11-10 15:53 - 02347384 _____ (ESET) C:\Users\Matthew\Downloads\esetsmartinstaller_enu.exe 2013-11-10 15:45 - 2013-11-08 13:26 - 04208656 _____ (Piriform Ltd) C:\Users\Matthew\Downloads\dfsetup216.exe 2013-11-10 08:38 - 2013-11-10 08:38 - 00000000 ____D C:\Users\Maggie(magoo)\AppData\Roaming\AVG2014 2013-11-10 08:38 - 2013-11-10 08:38 - 00000000 ____D C:\Users\Maggie(magoo)\AppData\Local\Avg2014 2013-11-10 06:04 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF 2013-11-10 01:39 - 2013-11-10 01:39 - 00352212 _____ C:\Users\Matthew\Documents\deminsions.xps 2013-11-08 23:36 - 2013-11-08 23:36 - 00000000 _____ C:\Windows\setuperr.log 2013-11-08 00:23 - 2013-08-19 23:57 - 00000000 ____D C:\Users\Matthew\AppData\Local\Adobe 2013-11-08 00:23 - 2013-08-17 10:24 - 00000000 ____D C:\Users\Matthew\AppData\Roaming\Adobe 2013-11-08 00:20 - 2013-08-19 23:59 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-11-08 00:08 - 2013-09-08 17:24 - 00000000 ____D C:\Users\Matthew\Documents\TAMUCT 2013-11-06 17:02 - 2013-11-06 17:02 - 00000000 ____D C:\Users\Matthew\AppData\Local\ESN 2013-11-06 17:01 - 2013-11-06 17:01 - 03820328 _____ C:\Users\Matthew\Downloads\battlelog-web-plugins_2.3.0_119.exe 2013-11-06 17:01 - 2013-11-06 17:01 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins 2013-11-06 11:37 - 2013-11-06 11:37 - 00000000 ____D C:\Users\Matthew\Desktop\add and send 2013-11-06 10:41 - 2013-11-06 10:41 - 01343192 _____ (Microsoft Corporation) C:\Users\Matthew\Downloads\VS2012.3.exe 2013-11-04 22:44 - 2013-11-04 22:40 - 00000000 ____D C:\Users\Matthew\Documents\WPA Files 2013-11-04 20:06 - 2013-11-04 22:48 - 00000000 _____ C:\Users\Matthew\Downloads\PASSWD.LOG 2013-11-04 16:25 - 2013-11-04 22:48 - 00009574 _____ C:\Users\Matthew\Downloads\wiatrace.log 2013-11-04 11:09 - 2013-08-23 16:59 - 00000000 ____D C:\Users\Matthew\AppData\Local\HP 2013-11-04 02:14 - 2013-10-19 09:24 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Matthew\Downloads\mbar-1.07.0.1007.exe 2013-11-04 01:39 - 2013-11-04 01:39 - 00000000 ____D C:\Program Files (x86)\FileASSASSIN 2013-11-03 20:13 - 2013-11-03 20:13 - 00112744 _____ C:\Users\Matthew\AppData\Local\GDIPFONTCACHEV1.DAT 2013-11-03 18:26 - 2013-11-03 18:25 - 05109136 _____ C:\Windows\System32\FNTCACHE.DAT 2013-11-03 16:33 - 2013-11-03 10:42 - 00020360 _____ C:\Users\Matthew\Desktop\avgrep.txt 2013-11-02 00:34 - 2009-07-13 20:45 - 00027648 _____ C:\Windows\System32\umstartup.etl 2013-11-01 21:02 - 2013-11-01 21:02 - 00000056 _____ C:\Users\Matthew\Documents\FIFA14 UT site.txt 2013-11-01 18:37 - 2013-11-01 18:37 - 00000000 ____D C:\Users\Matthew\Documents\Microsoft AGREEMENTS 2013-11-01 09:05 - 2013-11-01 09:05 - 00000374 _____ C:\Users\Matthew\Documents\214 INF Bco Iraq 2003-2007.txt 2013-10-28 23:36 - 2013-09-08 19:23 - 00000000 ____D C:\Users\Matthew\Documents\My Web Sites 2013-10-28 00:20 - 2013-10-28 00:20 - 00000815 _____ C:\Users\Matthew\Desktop\mbar.exe - Shortcut.lnk 2013-10-27 23:59 - 2013-10-27 23:59 - 04379048 _____ (Piriform Ltd) C:\Users\Matthew\Downloads\ccsetup407.exe 2013-10-26 13:35 - 2013-10-26 13:35 - 00518740 _____ C:\Users\Matthew\Documents\HP update for HD oct1,2013.xps 2013-10-26 13:24 - 2013-10-26 13:24 - 07008468 _____ C:\Users\Matthew\Documents\Accsessability Options Win7 by HP.xps 2013-10-20 19:29 - 2013-08-21 10:17 - 00000000 ____D C:\Program Files\Recuva ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= 5 Restore point made on: 2013-11-11 14:36:29 Restore point made on: 2013-11-12 15:44:49 Restore point made on: 2013-11-12 16:01:56 Restore point made on: 2013-11-12 16:18:48 Restore point made on: 2013-11-12 19:49:04 ==================== Memory info =========================== Percentage of memory in use: 19% Total physical RAM: 4056.36 MB Available physical RAM: 3268.75 MB Total Pagefile: 4056.36 MB Available Pagefile: 3277.91 MB Total Virtual: 8192 MB Available Virtual: 8191.86 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:289.4 GB) (Free:76.26 GB) NTFS Drive d: (CRUCIAL) (Removable) (Total:1.87 GB) (Free:1.86 GB) FAT Drive g: (Repair disc Windows 8 64-bit) (CDROM) (Total:0.22 GB) (Free:0 GB) UDF Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (RECOVERY) (Fixed) (Total:8.61 GB) (Free:8.06 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 08000000) Partition 1: (Not Active) - (Size=78 MB) - (Type=DE) Partition 2: (Active) - (Size=9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=289 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 2 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=2 GB) - (Type=06) LastRegBack: 2013-11-10 22:49 ==================== End Of Log ============================ Windows Error Report of BSOD Problem signature: Problem Event Name: BlueScreen OS Version: 6.1.7601.2.1.0.768.3 Locale ID: 1033 Additional information about the problem: BCCode: 109 BCP1: A3A039D89B1E5920 BCP2: B3B7465EED9C93AA BCP3: FFFFF80000B95080 BCP4: 0000000000000002 OS Version: 6_1_7601 Service Pack: 1_0 Product: 768_1 Files that help describe the problem: C:\Windows\Minidump\111813-22276-01.dmp C:\Users\Matthew\AppData\Local\Temp\WER-57096-0.sysdata.xml Read our privacy statement online: http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409 If the online privacy statement is not available, please read our privacy statement offline: C:\Windows\system32\en-US\erofflps.txt Thank you again

cool, Ill run it now 130pm usa CST will let you know

I almost forgot. I rebooted in from the BSOD in safe mode to get the minidump, and error codes and event logs. I then rebooted in normal mode and re ran the GMER program, that is what is in the ark.txt file I posted.

OK, Here is the ark.txt file. I had to run it two times. After the first run, when I was saving the file, the computer locked up and went to blue screen of death. I rebooted in safemode with networking, and after the ark.txt, I will place the info from the crash. It the even log for Kernal Power and those that were relvent and windows error code for the crash. I have the minidump file if you would like that as well. But, I dont want to attach anything until I know if you want it thanks Ark.txt GMER 2.1.19163 - http://www.gmer.net Rootkit scan 2013-11-18 03:45:27 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0 298.09GB Running: m8x4yqlt.exe; Driver: C:\Users\Matthew\AppData\Local\Temp\pwdiipog.sys ---- Threads - GMER 2.1 ---- Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2684] 00000000779c3e85 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2736] 00000000779c2e65 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2896] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2900] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2904] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2908] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2912] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2916] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2920] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2924] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2928] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2940] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2944] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2948] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2952] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2956] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2960] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2964] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2968] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2972] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2976] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2980] 00000000779c3e85 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2984] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2988] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2992] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:3004] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:3008] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:3120] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:3124] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:3568] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:3704] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2648] 00000000730429e1 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:3724] 00000000779c3e85 Thread c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2600:2752] 00000000779c7151 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application@Sources MSDMine?wltrys Reg HKLM\SYSTEM\ControlSet002\services\eventlog\Application@Sources MSDMine?wltrys ---- EOF - GMER 2.1 ---- Blue Screen of Death files Windows Error info on BSOD Log Name: System Source: EventLog Date: 11/18/2013 3:12:33 AM Event ID: 6008 Task Category: None Level: Error Keywords: Classic User: N/A Computer: BigOne-PC Description: The previous system shutdown at 3:11:02 AM on ‎11/‎18/‎2013 was unexpected. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="EventLog" /> <EventID Qualifiers="32768">6008</EventID> <Level>2</Level> <Task>0</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2013-11-18T09:12:33.000000000Z" /> <EventRecordID>30064</EventRecordID> <Channel>System</Channel> <Computer>BigOne-PC</Computer> <Security /> </System> <EventData> <Data>3:11:02 AM</Data> <Data>‎11/‎18/‎2013</Data> <Data> </Data> <Data> </Data> <Data>160656</Data> <Data> </Data> <Data> </Data> <Binary>DD070B000100120003000B000200A202DD070B000100120009000B000200A202600900003C000000010000006009000000000000B004000001000000D7280100</Binary> </EventData> </Event> Kernal Power Error Log - <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> - <System> <Provider Name="Microsoft-Windows-Kernel-Power" Guid="{331C3B3A-2005-44C2-AC5E-77220C37D6B4}" /> <EventID>41</EventID> <Version>2</Version> <Level>1</Level> <Task>63</Task> <Opcode>0</Opcode> <Keywords>0x8000000000000002</Keywords> <TimeCreated SystemTime="2013-11-18T09:12:16.986414900Z" /> <EventRecordID>30068</EventRecordID> <Correlation /> <Execution ProcessID="4" ThreadID="8" /> <Channel>System</Channel> <Computer>BigOne-PC</Computer> <Security UserID="S-1-5-18" /> </System> - <EventData> <Data Name="BugcheckCode">265</Data> <Data Name="BugcheckParameter1">0xa3a039d89b50e7ec</Data> <Data Name="BugcheckParameter2">0xb3b7465eedcf2266</Data> <Data Name="BugcheckParameter3">0xfffff80000b95080</Data> <Data Name="BugcheckParameter4">0x2</Data> <Data Name="SleepInProgress">false</Data> <Data Name="PowerButtonTimestamp">0</Data> </EventData> </Event>

will do ill let you know thank you

apologizes if I ran this post twice, didn’t mean too, long work days I get my forums and junk confused. thanks

So just so this topic does not get removed again, how long am I to wait for a response. I know that there is 10000 requests for each one of you to help, but should I repost this again, or what? Thank you

Guys, Here is some notes and questions off bat. I am currently using Lookout Vers 8.24-59c0ddc on my Note 2. SGH-I317 Android 4.1.2 Also put the MBAM for the phone ver 1.00.0.0400 and updated it for today. Ran fine, nothing found, no issues. I then ran Lookout and it did try to block it or delete it. Need some info thought. Most antiviruses want administrator permissions for Droid, and you have to give them that, does MBAM for mobile, need admin. Or not, currently Im running it without, just to see. White list, how do you add programs to it, tried a few ways, and no luck Security Audit Notice that its flagging programs based on their google play permissions, and at first it wanted me to turn off items that were already off, now its cool, it figured it out. Also it should let you know that in security Audit, that this is what you should have off, or disabled, and tell you if the item is ON, OFF, or Disabled. That way you can look it up super fast. Also, and all virus programs do this, but it would be super helpful (and super hard) but telling me that say Lookout has access to my text messages and calls is cool, but tell me what that program can do, not just a general, "it could possabily install and listen to your calls and use your SIM to make toll calls..... etc etc" I know how crazy and huge a undertaking that would be, but it would be a new item no one is doing now. So far nice, super fast scan I think mine was 20 secs. Does it also offer phone call and text protection ? great so far, Ill let you know more if that is what you want thanks again

ok, so do I continue with the orgional steps in this topic?

Guys, Here is some notes and questions off bat. I am currently using Lookout Vers 8.24-59c0ddc on my Note 2. SGH-I317 Android 4.1.2 Also put the MBAM for the phone ver 1.00.0.0400 and updated it for today. Ran fine, nothing found, no issues. I then ran Lookout and it did try to block it or delete it. Need some info thought. Most antiviruses want administrator permissions for Droid, and you have to give them that, does MBAM for mobile, need admin. Or not, currently Im running it without, just to see. White list, how do you add programs to it, tried a few ways, and no luck Security Audit Notice that its flagging programs based on their google play permissions, and at first it wanted me to turn off items that were already off, now its cool, it figured it out. Also it should let you know that in security Audit, that this is what you should have off, or disabled, and tell you if the item is ON, OFF, or Disabled. That way you can look it up super fast. Also, and all virus programs do this, but it would be super helpful (and super hard) but telling me that say Lookout has access to my text messages and calls is cool, but tell me what that program can do, not just a general, "it could possabily install and listen to your calls and use your SIM to make toll calls..... etc etc" I know how crazy and huge a undertaking that would be, but it would be a new item no one is doing now. So far nice, super fast scan I think mine was 20 secs. Does it also offer phone call and text protection ? great so far, Ill let you know more if that is what you want thanks again

Guys, and Gals, Been dealing with this for a while now. Stated when Firefox 25 froze the whole computer and I had to do a hard restart (couldn’t push any buttons, when I did gave me the beep sound from BIOS). Happened the next day when using a word document. Wife’s computer, it’s a Dell, went from Windows 7 to Windows 8. Then back to Win7 because Windows 8 was garbage, and a student test copy, but I digress. Looking at the logs from DDS I now see some of the issues, but I will leave it with the pros, being that I got work to do. I've tried the following: AVG 2014 free addition antivirus and rootkit scan (I’ve added Malewarebytes, and Malewarebytes Root Kit to AVG excluded list as per the info from y’all), Ran full scans with Malewarebytes, Mbar RootKit, (even did both with Chameleon just to be sure, first time this happened 5 days ago I couldn’t get Rootkit to run without Chameleon). Tried to fixdamage.exe, ran CCleaner, also did all of these in Safe Mode w/Networking. Ran BIOS tests, (full test took a day to do), Memory, HD, cards etc. Windows updater, maintenance, almost everything I know of. (Short of burning the system down…. Again) Turned off as many processes and services as I could; WIA, search, IPv6, Windows Search, on an on, just trying to get indexing to stop, and memory to come down. Cleaned and turned off as many items during startup as I could to stop my memory hog. In safe mode it runs a lot better, but didn't do a side by side to see the rate of change. I know a lot of Event and Admin Logs in Windows are turned on, but they should over write. Any ways, here a screen shot of my memory usage when I started to type this letter. And the logs. Is this a virus? Old Win8 process? Some help please. Thanks in advanced. (Side note, I have the .old.Windows file still on the Computer, I plan on moving it over to external storage, but I will wait to see if you want me to or not. That is why the HD has limited space and could be some of the issue. Screen Shot is attached. Shows total memory at 4056, cached 2056 Available 2033 Free 0 LOGS . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 8/16/2013 11:34:31 PM System Uptime: 11/4/2013 4:47:45 AM (1 hours ago) . Motherboard: Dell Inc. | | 0F642T Processor: Pentium® Dual-Core CPU T4400 @ 2.20GHz | Microprocessor | 1188/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 289 GiB total, 8.067 GiB free. D: is CDROM () E: is FIXED (NTFS) - 9 GiB total, 8.058 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft Virtual WiFi Miniport Adapter Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&19F9555E&0&01 Manufacturer: Microsoft Name: Microsoft Virtual WiFi Miniport Adapter PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&19F9555E&0&01 Service: vwifimp . ==== System Restore Points =================== . RP48: 10/18/2013 6:13:53 PM - Installed Microsoft OneNote 2013 RP49: 10/18/2013 6:14:53 PM - ONENOTER RP50: 10/18/2013 6:48:25 PM - Installed Microsoft Visio Professional 2013 RP51: 10/18/2013 6:48:47 PM - VISPROR RP52: 10/18/2013 9:49:16 PM - Installed Microsoft Access 2013 RP53: 10/18/2013 9:49:57 PM - ACCESSR RP54: 10/19/2013 11:46:32 PM - Windows Update RP55: 10/27/2013 9:10:54 PM - Scheduled Checkpoint RP56: 10/28/2013 3:11:51 AM - Removed Balsamiq Mockups For Desktop . ==== Installed Programs ====================== . Tools for .Net 3.5 Adobe AIR Adobe Flash Player 11 Plugin AVG 2014 Blend for Visual Studio 2012 Blend for Visual Studio 2012 ENU resources Business Contact Manager for Outlook 2007 SP2 CCleaner Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition Defraggler Dell Resource CD Dell Touchpad Dell Wireless WLAN Card Utility Dotfuscator and Analytics Community Edition Entity Framework Designer for Visual Studio 2012 - enu FileASSASSIN HP Officejet 6600 Basic Device Software IIS 8.0 Express IIS Express Application Compatibility Database for x64 IIS Express Application Compatibility Database for x86 Intel® Rapid Storage Technology LocalESPC LocalESPCui for en-us Malwarebytes Anti-Malware version 1.75.0.1300 Marvell Miniport Driver Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft .NET Framework 4.5 Microsoft .NET Framework 4.5 Multi-Targeting Pack Microsoft .NET Framework 4.5 SDK Microsoft Access 2013 Microsoft Access MUI (English) 2013 Microsoft Access Setup Metadata MUI (English) 2013 Microsoft ASP.NET MVC 3 Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools Microsoft ASP.NET MVC 4 Runtime Microsoft ASP.NET Web Pages Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools Microsoft ASP.NET Web Pages 2 Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools Microsoft ASP.NET Web Pages 2 Runtime Microsoft Help Viewer 2.0 Microsoft LightSwitch for Visual Studio 2012 Core Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU Microsoft NuGet - Visual Studio 2012 Microsoft Office 2003 Web Components Microsoft Office 2007 Primary Interop Assemblies Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 64-bit Components 2013 Microsoft Office Accounting 2007 Microsoft Office Accounting ADP Payroll Addin Microsoft Office Accounting Equifax Addin Microsoft Office Accounting Fixed Asset Manager Microsoft Office Accounting PayPal Addin Microsoft Office Excel MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OSM MUI (English) 2013 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing (English) 2013 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Proofing Tools 2013 - English Microsoft Office Proofing Tools 2013 - Español Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2013 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared MUI (English) 2013 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2013 Microsoft Office Small Business 2007 Microsoft Office Small Business Connectivity Components Microsoft Office Word MUI (English) 2007 Microsoft OneNote 2013 Microsoft OneNote MUI (English) 2013 Microsoft Portable Library Multi-Targeting Pack Microsoft Portable Library Multi-Targeting Pack Language Pack - enu Microsoft Report Viewer Add-On for Visual Studio 2012 Microsoft Silverlight Microsoft Silverlight 4 SDK Microsoft Silverlight 5 SDK Microsoft SQL Server 2005 Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2008 R2 Native Client Microsoft SQL Server 2012 Command Line Utilities Microsoft SQL Server 2012 Data-Tier App Framework Microsoft SQL Server 2012 Express LocalDB Microsoft SQL Server 2012 Management Objects Microsoft SQL Server 2012 Management Objects (x64) Microsoft SQL Server 2012 Native Client Microsoft SQL Server 2012 T-SQL Language Service Microsoft SQL Server 2012 Transact-SQL Compiler Service Microsoft SQL Server 2012 Transact-SQL ScriptDom Microsoft SQL Server Compact 4.0 SP1 Scripting Tools ENU CTP1 Microsoft SQL Server Compact 4.0 SP1 x64 ENU Microsoft SQL Server Compact 4.0 Web Tools ENU Microsoft SQL Server Data Tools - enu (11.1.20627.00) Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server System CLR Types Microsoft SQL Server System CLR Types (x64) Microsoft SQL Server VSS Writer Microsoft System CLR Types for SQL Server 2012 Microsoft System CLR Types for SQL Server 2012 (x64) Microsoft Visio MUI (English) 2013 Microsoft Visio Professional 2013 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727 Microsoft Visual C++ 2012 Compilers Microsoft Visual C++ 2012 Compilers - ENU Resources Microsoft Visual C++ 2012 Core Libraries Microsoft Visual C++ 2012 Extended Libraries Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 Microsoft Visual Studio 2010 Office Developer Tools (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2012 Devenv Microsoft Visual Studio 2012 Devenv Resources Microsoft Visual Studio 2012 Performance Collection Tools Microsoft Visual Studio 2012 Performance Collection Tools - ENU Microsoft Visual Studio 2012 Preparation Microsoft Visual Studio 2012 SharePoint Developer Tools Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack Microsoft Visual Studio 2012 Shell (Minimum) Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies Microsoft Visual Studio 2012 Shell (Minimum) Resources Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU Microsoft Visual Studio Professional 2012 Microsoft Visual Studio Professional 2012 - ENU Microsoft Visual Studio Team Foundation Server 2012 Object Model Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources Microsoft Web Deploy 3.0 Microsoft Web Deploy dbSqlPackage Provider - enu Microsoft Web Developer Tools - Visual Studio 2012 Microsoft Web Platform Installer 4.6 Microsoft WebMatrix 3 Mozilla Firefox 25.0 (x86 en-US) MySQL Connector Net 6.5.4 Outils de vérification linguistique 2013 de Microsoft Office - Français PreEmptive Analytics Visual Studio Components Prerequisites for SSDT Realtek USB 2.0 Card Reader Recuva SafeHouse Explorer 3.01 Secure Download Manager Security Update for Microsoft .NET Framework 4.5 (KB2737083) Security Update for Microsoft .NET Framework 4.5 (KB2742613) Security Update for Microsoft .NET Framework 4.5 (KB2789648) Security Update for Microsoft .NET Framework 4.5 (KB2804582) Security Update for Microsoft .NET Framework 4.5 (KB2833957) Security Update for Microsoft .NET Framework 4.5 (KB2840642v2) Security Update for Microsoft .NET Framework 4.5 (KB2861208) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition Security Update for Microsoft Office 2013 (KB2810009) 32-Bit Edition Security Update for Microsoft Office 2013 (KB2817623) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition Speccy Update for (KB2504637) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4.5 (KB2750147) Update for Microsoft .NET Framework 4.5 (KB2805221) Update for Microsoft .NET Framework 4.5 (KB2805226) Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition Update for Microsoft Lync 2013 (KB2817621) 32-Bit Edition Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition Update for Microsoft Office 2013 (KB2737954) 32-Bit Edition Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition Update for Microsoft Office 2013 (KB2760257) 32-Bit Edition Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition Update for Microsoft Office 2013 (KB2817309) 32-Bit Edition Update for Microsoft Office 2013 (KB2817311) 32-Bit Edition Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition Update for Microsoft Office 2013 (KB2817493) 32-Bit Edition Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition Update for Microsoft Office 2013 (KB2817640) 32-Bit Edition Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition Update for Microsoft Office 2013 (KB2827228) 32-Bit Edition Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition Update for Microsoft Office 2013 (KB2827235) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update for Microsoft OneNote 2013 (KB2810016) 32-Bit Edition Update for Microsoft Outlook 2013 (KB2825632) 32-Bit Edition Update for Microsoft Project 2013 (KB2767859) 32-Bit Edition Update for Microsoft SkyDrive Pro (KB2825633) 32-Bit Edition Update for Microsoft Visio 2013 (KB2752018) 32-Bit Edition Update for Microsoft Visio 2013 (KB2810008) 32-Bit Edition Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition Update for Microsoft Visual Studio 2012 (KB2781514) Visual Studio 2012 Prerequisites Visual Studio 2012 Prerequisites - ENU Language Pack Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Visual Studio Extensions for Windows Library for JavaScript VLC media player 2.0.8 WCF Data Services 5.0 (for OData v3) Primary Components WCF Data Services Tools for Microsoft Visual Studio 2012 WCF RIA Services V1.0 SP2 Windows App Certification Kit Native Components Windows App Certification Kit x64 Windows Runtime Intellisense Content - en-us Windows Software Development Kit Windows Software Development Kit DirectX x64 Remote Windows Software Development Kit DirectX x86 Remote Windows Software Development Kit for Windows Store Apps Windows Software Development Kit for Windows Store Apps DirectX x64 Remote Windows Software Development Kit for Windows Store Apps DirectX x86 Remote . ==== Event Viewer Messages From Past Week ======== . 11/4/2013 4:47:05 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 11/4/2013 4:24:40 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 11/4/2013 4:24:40 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261- 43CE-924B-0704BD730D5F} 11/4/2013 4:24:40 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A- 4927-A040-7C35AD3180EF} 11/4/2013 4:23:21 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0 -8F20-00805F2CD064} 11/4/2013 4:23:20 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A- 11D8-B9A5-505054503030} 11/4/2013 4:23:20 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08- 4F1F-BEB7-5C22C517CE39} 11/4/2013 4:23:14 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766- 5536-11D1-B726-00C04FB926AF} 11/4/2013 4:23:04 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 11/4/2013 4:22:50 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21 11/4/2013 4:22:34 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgdiska AVGIDSDriver Avgldx64 discache SafDskNT spldr Wanarpv6 11/4/2013 4:22:31 AM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning. 11/4/2013 4:16:31 AM, Error: mbamchameleon [61440] - 11/3/2013 8:27:41 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 11/3/2013 8:27:41 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. . ==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16720 Run by Matthew at 5:35:51 on 2013-11-04 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4056.2121 [GMT -6:00] . AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k apphost C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe C:\Windows\system32\taskhost.exe C:\Windows\System32\tcpsvcs.exe c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\svchost.exe -k iissvcs C:\Windows\Explorer.EXE c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\AVG\AVG2014\avgcfgex.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\splwow64.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY StartupFolder: C:\Users\Matthew\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:255 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} Trusted Zone: dell.com TCP: NameServer = 209.18.47.61 209.18.47.62 192.168.1.1 TCP: Interfaces\{208C2BE8-74B5-477D-977E-BEEB3844B471} : DHCPNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 TCP: Interfaces\{AD79CE5D-73CC-4CE1-BDC7-C63DF6068424} : DHCPNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL SSODL: WebCheck - <orphaned> x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\ud6fykvd.default\ FF - prefs.js: browser.search.selectedEngine - Google SSL FF - plugin: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll FF - ExtSQL: 2013-10-05 12:25; {3975c680-be94-11dd-ad8b-0800200c9a66}; C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\ud6fykvd.default\extensions\{3975c680-be94-11dd-ad8b- 0800200c9a66}.xpi FF - ExtSQL: 2013-10-05 12:25; tineye@ideeinc.com; C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\ud6fykvd.default\extensions\tineye@ideeinc.com.xpi FF - ExtSQL: 2013-10-12 22:25; {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}; C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\ud6fykvd.default\extensions\{9c51bd27-6ed8-4000-a2bf- 36cb95c0c947}.xpi FF - ExtSQL: 2013-10-12 22:25; client@anonymox.net; C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\ud6fykvd.default\extensions\client@anonymox.net.xpi . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-9-2 192824] R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-9-2 294712] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-8-20 123704] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-8 31544] R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-9-25 148792] R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-9-2 241464] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-9-2 212280] R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192] R1 SafDskNT;SafeHouse;C:\Windows\System32\drivers\SAFDSKNT.SYS [2013-10-4 76112] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-25 301152] R2 MsDepSvc;Web Deployment Agent Service;C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2012-9-6 80472] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2013-8-20 215552] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-9-28 395264] S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-10-3 3538480] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-8 104912] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856] S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2013-11-3 91352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-8-17 19456] S3 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-7-25 126976] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-8-17 57856] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-8-17 1255736] . =============== Created Last 30 ================ . 2013-11-04 09:39:12 -------- d-----w- C:\Program Files (x86)\FileASSASSIN 2013-11-03 08:06:33 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2013-11-02 06:26:28 -------- d-----w- C:\Users\Matthew\AppData\Local\ElevatedDiagnostics 2013-10-19 17:25:50 -------- d-----w- C:\mbar 2013-10-18 23:50:15 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services 2013-10-09 07:00:58 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2013-10-09 03:25:54 -------- d-----w- C:\Users\Matthew\AppData\Roaming\Systenance 2013-10-08 04:25:34 -------- d-----w- C:\SymCache 2013-10-07 02:27:36 -------- d-----w- C:\Users\Matthew\AppData\Roaming\BalsamiqMockupsForDesktop.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1 2013-10-07 02:27:34 -------- d-----w- C:\Users\Matthew\AppData\Roaming\BalsamiqMockupsForDesktop 2013-10-07 00:03:57 -------- d-----w- C:\Users\Matthew\AppData\Roaming\NuGet 2013-10-06 22:21:53 2489504 ----a-w- C:\ProgramData\Microsoft\VisualStudio\11.0\1033\ResourceCache.dll 2013-10-06 22:15:16 -------- d-----w- C:\Program Files\Application Verifier 2013-10-06 22:15:16 -------- d-----w- C:\Program Files (x86)\Application Verifier 2013-10-06 22:15:12 -------- d-----w- C:\ProgramData\Windows App Certification Kit 2013-10-06 22:14:19 -------- d-----w- C:\Program Files (x86)\Common Files\Microsoft 2013-10-06 22:13:58 -------- d-----w- C:\ProgramData\PreEmptive Solutions 2013-10-06 22:11:32 -------- d-----w- C:\Program Files (x86)\Microsoft Web Tools 2013-10-06 22:10:39 -------- d-----w- C:\Program Files (x86)\NuGet 2013-10-06 22:10:31 -------- d-----w- C:\Program Files (x86)\Microsoft WCF Data Services 2013-10-06 22:09:06 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll 2013-10-06 22:08:11 -------- d-----w- C:\Program Files (x86)\Windows Kits 2013-10-06 22:03:55 -------- d-----w- C:\Program Files (x86)\HTML Help Workshop 2013-10-06 22:03:09 -------- d-----w- C:\Program Files (x86)\Microsoft Help Viewer 2013-10-06 21:57:45 -------- d-----w- C:\Program Files (x86)\Common Files\Merge Modules 2013-10-06 21:56:40 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 11.0 2013-10-06 21:56:21 -------- d-----w- C:\Program Files\Microsoft Visual Studio 11.0 2013-10-06 21:30:22 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft . ==================== Find3M ==================== . 2013-10-09 15:59:18 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-10-09 15:59:18 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-09-26 02:07:30 148792 ----a-w- C:\Windows\System32\drivers\avgdiska.sys 2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll 2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-09-16 22:43:44 252399 ----a-w- C:\ProgramData\1379371371.bdinstall.bin 2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys 2013-09-09 03:11:42 31544 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys 2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll 2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll 2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys 2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys 2013-09-02 15:59:14 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys 2013-09-02 15:29:18 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys 2013-09-02 15:26:50 192824 ----a-w- C:\Windows\System32\drivers\avgidsha.sys 2013-09-02 15:26:42 241464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys 2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll 2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll 2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll 2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll 2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll 2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll 2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll 2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys 2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll 2013-08-25 04:19:26 889416 ----a-w- C:\Users\Matthew\AppData\Roaming\dotNetFx40_Full_setup.exe 2013-08-21 03:53:58 123704 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys 2013-08-17 08:23:26 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll 2013-08-17 08:23:25 175616 ----a-w- C:\Windows\System32\msclmd.dll 2013-08-17 05:07:28 604211 ----a-w- C:\ProgramData\1376715695.bdinstall.bin 2013-08-17 03:12:53 268435456 --sha-w- C:\swapfile.sys . ============= FINISH: 5:37:36.27 ===============