ScottyChaos

  1. Addition Additional scan result of Farbar Recovery Scan Tool (x86) Version:11-05-2014 01 Ran by End User at 2014-05-12 21:44:33 Running from C:\Users\End User\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C} AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Help Manager (Version: 4.0.244 - Adobe Systems Incorporated) Hidden Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.) Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc) AMD APP SDK Runtime (Version: 10.0.851.4 - Advanced Micro Devices Inc.) Hidden AMD Catalyst Install Manager (HKLM\...\{B33D8DA3-28E5-2EA8-CC16-8D8A9CED91C4}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Media Foundation Decoders (Version: 1.0.61205.2219 - Advanced Micro Devices, Inc.) Hidden AOL Messaging Toolbar (HKCU\...\AOL Messaging Toolbar) (Version: - ) Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.) 
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.0.20007 - Ask.com) <==== ATTENTION avast! Free Antivirus (HKLM\...\avast) (Version: 6.0.1367.0 - AVAST Software) BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.1.30889 - BitTorrent Inc.) BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) Bundled software uninstaller (HKLM\...\bi_uninstaller) (Version: - ) <==== ATTENTION Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version: - ) Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center (Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden CCC Help English (Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden ccc-utility (Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) 
Citrix Online Launcher (HKLM\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix) Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.5) (Version: 5.0.0.5 - Coupons.com Incorporated) DC Universe Online (HKLM\...\Steam App 24200) (Version: - Sony Online Entertainment) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version: - Microsoft) Diablo III (HKLM\...\Diablo III) (Version: 1.0.8.16603 - Blizzard Entertainment) Download Updater (AOL Inc.) (HKLM\...\SoftwareUpdUtility) (Version: - AOL Inc.) <==== ATTENTION Elizabeth Find M.D. (HKLM\...\{27FEB834-4E59-42AC-BBE9-69B875E78A96}) (Version: 1.00.0000 - Valusoft) EverQuest II (HKLM\...\Steam App 201230) (Version: - Sony Online Entertainment) Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited) Fallout 3 (HKLM\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks) Fallout Mod Manager 0.13.21 (HKLM\...\Generic Mod Manager_is1) (Version: - Q, Timeslip) ffdshow v1.2.4422 [2012-04-09] (HKLM\...\ffdshow_is1) (Version: 1.2.4422.0 - ) GameXN GO (HKCU\...\Game Organizer) (Version: - GameXN AS) Google Talk Plugin (HKLM\...\{2A83AD05-56E6-3FBD-8752-B4143162EF59}) (Version: 4.9.1.16010 - Google) GoToAssist Customer 2.0.0.637 (HKLM\...\GoToAssist Express Customer) (Version: 2.0.0.637 - Citrix Online) HDVidCodec (HKLM\...\1ClickDownload) (Version: 2.1 Build 26473 - hdvidcodec.com) Hi-Rez Studios Games (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) HP Deskjet 2510 series Basic Device Software (HKLM\...\{867988FA-BCE7-46E9-A7E8-DC084A843319}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) 
HP Deskjet 2510 series Help (HKLM\...\{234DADAD-3C3C-4FB1-90A4-0AF015D56E18}) (Version: 27.0.0 - Hewlett Packard) HP Deskjet 2510 series Product Improvement Study (HKLM\...\{79992AEE-6F58-4DAB-97D0-ADDF278F08F4}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Deskjet 2510 series Setup Guide (HKLM\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard) HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.12412 - HP) HP Update (HKLM\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.) INTELLINET WLAN (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.5.0 - INTELLINET) iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.) Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.290 - Oracle) League of Legends (HKLM\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games) League of Legends (Version: 3.0.0 - Riot Games) Hidden LG USB Modem driver (HKLM\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: - ) Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.) 
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2010 - English (HKLM\...\{90140011-0061-0409-0000-0000000FF1CE}) (Version: 14.0.5123.5002 - Microsoft Corporation) Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Silverlight 
(HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft VC9 runtime libraries (Version: 2.0.0 - AOL Inc.) Hidden Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden Mozilla Firefox 25.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 25.0.1 (x86 en-US)) (Version: 25.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla) Mplayer 0.6.9 (HKLM\...\Mplayer) (Version: 0.6.9 - ) Mysearchdial (HKLM\...\mysearchdial) (Version: - Mysearchdial) <==== ATTENTION Nitro Reader 3 
(HKLM\...\{F5451D00-B448-4E9A-82DC-1929F4F1910D}) (Version: 3.5.6.5 - Nitro) Norton Internet Security (Version: 18.5.0.125 - Symantec Corporation) Hidden NVIDIA PhysX (HKLM\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) On Networks N300MA (HKLM\...\{426673D5-5853-4B0C-A0CD-01EF434D64F7}) (Version: 1.0.0.16 - On Networks) OpenOffice.org 3.1 (HKLM\...\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}) (Version: 3.1.9399 - OpenOffice.org) Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.) Planescape Torment (HKLM\...\Planescape Torment_is1) (Version: - GOG.com) PowerISO (HKLM\...\PowerISO) (Version: 5.9 - Power Software Ltd) QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) RAGE (HKLM\...\Steam App 9200) (Version: - ) RaidCall (HKLM\...\RaidCall) (Version: 7.3.0-1.0.10926.49 - raidcall.com) Saints Row: The Third - Initiation Station (HKLM\...\Steam App 55370) (Version: - Volition) Sendori (HKLM\...\Sendori) (Version: 2.0.17 - Sendori, Inc.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation) Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) 
Starcraft Brood War (RAZOR 1911) (HKLM\...\Starcraft Brood War (RAZOR 1911)) (Version: - ) Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.12799 - TeamViewer) The Lord of the Rings Online™ (HKLM\...\Steam App 212500) (Version: - ) TomTom HOME (HKLM\...\{EC5F4C1B-F838-4CB7-8561-8F809296428B}) (Version: 2.9.5 - TomTom) TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Tube Dimmer (HKLM\...\TubeDimmer) (Version: 2.6.43 - Creative Island Media, LLC) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition 
(HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.WORD_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.WORD_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.WORD_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft) Updater (HKLM\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.43 - Creative Island Media, LLC) <==== ATTENTION VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.) Wedding Dash (HKLM\...\Wedding Dash) (Version: - PlayFirst, Inc.) 
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) Yontoo 2.04.1 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 2.04.1 - Yontoo LLC) <==== ATTENTION ==================== Restore Points ========================= 08-05-2014 07:00:20 Windows Update 09-05-2014 07:00:19 Windows Update 11-05-2014 23:00:08 Windows Backup ==================== Hosts content: ========================== 2009-07-13 22:04 - 2013-04-06 19:56 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {015992A5-2B0B-4693-9F3D-EAF856231261} - System32\Tasks\ProgramUpdateCheck => C:\Program Files\File Type Assistant\TSAssist.exe <==== ATTENTION Task: {11218BC2-5F02-48AB-AA3F-F85452139DF3} - System32\Tasks\bench-sys => C:\Program Files\Bench\Updater\Updater.exe <==== ATTENTION Task: {1C476BCA-C5F1-46D6-95A8-851454C03277} - System32\Tasks\{6C2AAB51-7C79-4CC1-BEEA-189D9AAC88FF} => c:\program files\safari\safari.exe Task: {25A8D906-47DC-4E8D-8355-A12643A9ED49} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3936776656-3842963282-3635982794-1000UA => C:\Users\End User\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-17] (Google Inc.) Task: {28D9E656-31AF-44E4-96E4-D624B4D3D777} - System32\Tasks\TidyNetwork Update => C:\Users\End User\AppData\Local\TidyNetwork\petnupdate.exe Task: {3B8211FF-6063-4F20-BD4E-596D0F5E69A7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {3CC5B865-0178-4030-A858-DFCC7426B793} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2013-11-29] () Task: {86AAC4AF-93DE-4FC8-9880-7DC8D9A6D388} - System32\Tasks\HPCustParticipation HP Deskjet 2510 series => C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.) Task: {8A3BB211-38CC-474B-A2ED-AABD24AB978A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3936776656-3842963282-3635982794-1000Core => C:\Users\End User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-17] (Facebook Inc.) Task: {98BD0A90-FE40-4006-8FC2-079049B1088F} - System32\Tasks\AVG-Secure-Search-Update_MAY2013_TB_rel => C:\Program Files\AVG SafeGuard toolbar\AVG-Secure-Search-Update_MAY2013_TB.exe Task: {9AA20976-102D-49AC-8D46-EC06F9F565F3} - System32\Tasks\{7F37E5BE-CAC0-4978-94F1-410793181C3C} => C:\Program Files\Skype\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.) Task: {9BCE13F4-2642-4526-88A9-146E3B6D3614} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3936776656-3842963282-3635982794-1000UA => C:\Users\End User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-17] (Facebook Inc.) 
Task: {ADA91FE8-0D66-474B-AA7B-1D5480088159} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated) Task: {AE27C816-3A93-4A5D-92BE-2D8FFCF0C288} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {B1714868-DF2B-425B-B02F-02BAE528C715} - System32\Tasks\bench-S-1-5-21-3936776656-3842963282-3635982794-1000 => C:\Program Files\Bench\Updater\Updater.exe <==== ATTENTION Task: {BA3C2847-036F-48C6-983A-075DA0420C98} - System32\Tasks\MySearchDial => C:\Users\ENDUSE~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {BF2B928F-A872-4CF2-A0BE-A78D22C099B9} - System32\Tasks\{FF279205-2856-47CA-A1CA-3F438941E445} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=4.2.0.187.259&LastError=404 Task: {BFC9A0BD-4F16-4128-BB83-449D513294A2} - System32\Tasks\AmiUpdXp => C:\Users\End User\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION Task: {D357FD75-AFEA-425A-A424-21CBDE123FCB} - System32\Tasks\ProgramRefresh-ATFST => C:\Program Files\File Type Assistant\tsasetup.exe <==== ATTENTION Task: {EAA13E51-C755-47D6-B7D8-817E64CD2613} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2012-01-03] () <==== ATTENTION Task: {F162E8F0-E322-425A-87B7-3DABFA312992} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3936776656-3842963282-3635982794-1000Core => C:\Users\End User\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-17] (Google Inc.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AVG-Secure-Search-Update_MAY2013_TB_rel.job => C:\Program Files\AVG SafeGuard toolbar\AVG-Secure-Search-Update_MAY2013_TB.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3936776656-3842963282-3635982794-1000Core.job => C:\Users\End User\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3936776656-3842963282-3635982794-1000UA.job => C:\Users\End User\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3936776656-3842963282-3635982794-1000Core.job => C:\Users\End User\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3936776656-3842963282-3635982794-1000UA.job => C:\Users\End User\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\ENDUSE~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\Windows\Tasks\{BE272495-317E-4606-AB9C-34B6F83B8FEF}.job => c:\program files\mozilla firefox\firefox.exe ==================== Loaded Modules (whitelisted) ============= 2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2010-09-11 22:45 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll 2013-11-29 22:00 - 2013-11-12 23:39 - 03363952 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2014-04-28 15:38 - 2014-04-28 15:38 - 16351920 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll 2013-11-29 21:15 - 2013-11-29 21:15 - 00185920 _____ () C:\ProgramData\HP Photo 
Creations\Communicator.exe ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:373E1720 AlternateDataStreams: C:\ProgramData\TEMP:70B3C619 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\69998152.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\69998152.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist Remote Support Customer => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service" ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: avast! 
Antivirus => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: ioloSystemService => 2 MSCONFIG\Services: npggsvc => 3 MSCONFIG\Services: RalinkRegistryWriter => 2 MSCONFIG\Services: SProtection => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: SwitchBoard => 3 MSCONFIG\Services: TeamViewer7 => 2 MSCONFIG\Services: WSN300MA => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^INTELLINET Wireless Utility.lnk => C:\Windows\pss\INTELLINET Wireless Utility.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^End User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\End User\AppData\Local\Akamai\netsession_win.exe" MSCONFIG\startupreg: AllTubeDownloader => "C:\Program Files\AllTubeDownloader\AllTubeDownloader.exe" --hide MSCONFIG\startupreg: ApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe" MSCONFIG\startupreg: BitTorrent => "C:\Program Files\BitTorrent\BitTorrent.exe" /MINIMIZED MSCONFIG\startupreg: DATAMNGR => C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE MSCONFIG\startupreg: Facebook Update => "C:\Users\End User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: GameXN GO => "C:\ProgramData\GameXN\GameXNGO.exe" /startup 
MSCONFIG\startupreg: Google Update => "C:\Users\End User\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: Iminent => C:\Program Files\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C" MSCONFIG\startupreg: IminentMessenger => C:\Program Files\Iminent\Iminent.Messengers.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: MouseDriver => TiltWheelMouse.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: Realtime Audio Engine => "mmrtkrnl.exe" /i MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\Steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: Yontoo Desktop => "C:\Users\End User\AppData\Roaming\Yontoo\YontooDesktop.exe" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/12/2014 11:03:14 AM) (Source: BstHdAndroidSvc) (User: ) (EventID: 0) Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (05/12/2014 09:31:11 AM) (Source: Google Update) (User: ROBERTR-PC) (EventID: 20) Description: Network Request Error. Error: 0x8004212e. Http status code: 302. Url=https://www.facebook.com/omaha/update.php Trying config: source=FireFox, direct connection. trying CUP:WinHTTP. Send request returned 0x8004212e. Http status code 302. trying WinHTTP. 
Send request returned 0x80072efd. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x8004212e. Http status code 302. trying WinHTTP. Send request returned 0x80072efd. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=FireFox, direct connection. trying CUP:WinHTTP. Send request returned 0x8004212e. Http status code 302. trying WinHTTP. Send request returned 0x80072efd. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request r Error: (05/12/2014 02:08:40 AM) (Source: SideBySide) (User: ) (EventID: 33) Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (05/12/2014 02:07:16 AM) (Source: SideBySide) (User: ) (EventID: 33) Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (05/12/2014 02:05:49 AM) (Source: SideBySide) (User: ) (EventID: 33) Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". 
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (05/11/2014 00:09:21 AM) (Source: SideBySide) (User: ) (EventID: 33) Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (05/11/2014 00:06:14 AM) (Source: SideBySide) (User: ) (EventID: 33) Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (05/11/2014 00:03:57 AM) (Source: SideBySide) (User: ) (EventID: 33) Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (05/09/2014 10:07:51 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY) (EventID: 3011) Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. 
Error: (05/09/2014 10:07:51 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY) (EventID: 3012) Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. System errors: ============= Error: (05/12/2014 07:05:04 PM) (Source: Service Control Manager) (User: ) (EventID: 7031) Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (05/12/2014 03:03:58 PM) (Source: Service Control Manager) (User: ) (EventID: 7031) Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (05/12/2014 11:03:56 AM) (Source: Service Control Manager) (User: ) (EventID: 7026) Description: The following boot-start or system-start driver(s) failed to load: wgvcv Error: (05/12/2014 11:03:14 AM) (Source: Service Control Manager) (User: ) (EventID: 7023) Description: The BlueStacks Android Service service terminated with the following error: %%1064 Error: (05/12/2014 11:01:07 AM) (Source: DCOM) (User: ) (EventID: 10010) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (05/12/2014 07:50:54 AM) (Source: Service Control Manager) (User: ) (EventID: 7031) Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (05/12/2014 03:49:51 AM) (Source: Service Control Manager) (User: ) (EventID: 7031) Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). 
The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (05/11/2014 11:48:47 PM) (Source: Service Control Manager) (User: ) (EventID: 7031) Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (05/11/2014 07:47:44 PM) (Source: Service Control Manager) (User: ) (EventID: 7031) Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (05/11/2014 03:46:39 PM) (Source: Service Control Manager) (User: ) (EventID: 7031) Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Microsoft Office Sessions: ========================= Error: (05/12/2014 11:03:14 AM) (Source: BstHdAndroidSvc) (User: ) (EventID: 0) Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (05/12/2014 09:31:11 AM) (Source: Google Update) (User: ROBERTR-PC) (EventID: 20) Description: Network Request Error. Error: 0x8004212e. Http status code: 302. Url=https://www.facebook.com/omaha/update.php Trying config: source=FireFox, direct connection. trying CUP:WinHTTP. Send request returned 0x8004212e. Http status code 302. trying WinHTTP. Send request returned 0x80072efd. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x8004212e. Http status code 302. trying WinHTTP. Send request returned 0x80072efd. 
Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=FireFox, direct connection. trying CUP:WinHTTP. Send request returned 0x8004212e. Http status code 302. trying WinHTTP. Send request returned 0x80072efd. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request r Error: (05/12/2014 02:08:40 AM) (Source: SideBySide) (User: ) (EventID: 33) Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\on networks\N300MA\WPSAgt64.exe Error: (05/12/2014 02:07:16 AM) (Source: SideBySide) (User: ) (EventID: 33) Description: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\Users\all users\GameXN\ezShell64Run.exe Error: (05/12/2014 02:05:49 AM) (Source: SideBySide) (User: ) (EventID: 33) Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 2510 series\DriverStore\Pipeline\amd64\hpinkinsAC11.exe Error: (05/11/2014 00:09:21 AM) (Source: SideBySide) (User: ) (EventID: 33) Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\on networks\N300MA\WPSAgt64.exe Error: (05/11/2014 00:06:14 AM) (Source: SideBySide) (User: ) (EventID: 33) Description: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\Users\all users\GameXN\ezShell64Run.exe Error: (05/11/2014 00:03:57 AM) (Source: SideBySide) (User: ) (EventID: 33) Description: 
Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 2510 series\DriverStore\Pipeline\amd64\hpinkinsAC11.exe Error: (05/09/2014 10:07:51 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY) (EventID: 3011) Description: WmiApRplWmiApRpl8F20300004D070000 Error: (05/09/2014 10:07:51 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY) (EventID: 3012) Description: Performance1637070000000000000000000009030000 CodeIntegrity Errors: =================================== Date: 2014-04-28 22:23:19.326 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-28 22:20:28.681 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-28 21:59:23.394 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-28 21:57:04.556 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-28 20:24:07.454 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system. 
Date: 2014-04-28 03:23:03.097 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-27 21:43:16.208 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-27 15:56:22.605 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-27 13:58:04.562 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-27 13:47:51.138 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll because the set of per-page image hashes could not be found on the system. 
==================== Memory info ===========================

Percentage of memory in use: 51%
Total physical RAM: 3067.63 MB
Available physical RAM: 1493.08 MB
Total Pagefile: 6133.54 MB
Available Pagefile: 3791.1 MB
Total Virtual: 2047.88 MB
Available Virtual: 1874.39 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:32.24 GB) NTFS
Drive d: (CASIO) (CDROM) (Total:0.41 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 0C7CCE70)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  2. I can go through here, I'm not a paying customer. Here are the two logs

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-05-2014 01
Ran by End User (administrator) on ROBERTR-PC on 12-05-2014 21:43:08
Running from C:\Users\End User\Desktop
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Coupons.com Inc.)
C:\Program Files\Coupons\CouponPrinterService.exe (Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Nitro PDF Software) C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe (Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Sendori) C:\Program Files\Sendori\sndappv2.exe (TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Sendori, Inc.) C:\Program Files\Sendori\SendoriSvc.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Sendori, Inc.) C:\Program Files\Sendori\SendoriUp.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Sendori, Inc.) C:\Program Files\Sendori\SendoriTray.exe (BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe (Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (BitTorrent Inc.) C:\Users\End User\AppData\Roaming\BitTorrent\BitTorrent.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Apple Inc.) 
C:\Program Files\iPod\bin\iPodService.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\javaws.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (sendori) C:\Program Files\Sendori\Sendori.Service.exe () C:\ProgramData\HP Photo Creations\Communicator.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.) HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM\...\Run: [] => [X] HKLM\...\Run: [sendori Tray] => C:\Program Files\Sendori\SendoriTray.exe [83232 2014-05-07] (Sendori, Inc.) HKLM\...\Run: [RaidCall] => C:\Program Files\RaidCall\raidcall.exe [3440312 2013-10-24] (RAIDCALL.COM) HKLM\...\Run: [blueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [807696 2013-12-20] (BlueStack Systems, Inc.) HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [337432 2014-03-11] (Power Software Ltd) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) 
HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) Winlogon\Notify\GoToAssist Express Customer: C:\Program Files\Citrix\GoToAssist Remote Support Customer\637\g2ax_winlogon.dll (Citrix Online, a division of Citrix Systems, Inc.) HKU\S-1-5-21-3936776656-3842963282-3635982794-1000\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-03-22] (TomTom) HKU\S-1-5-21-3936776656-3842963282-3635982794-1000\...\Run: [Google Update] => C:\Users\End User\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-17] (Google Inc.) HKU\S-1-5-21-3936776656-3842963282-3635982794-1000\...\Run: [bitTorrent] => C:\Users\End User\AppData\Roaming\BitTorrent\BitTorrent.exe [1240664 2014-05-07] (BitTorrent Inc.) HKU\S-1-5-21-3936776656-3842963282-3635982794-1000\...\Run: [DW7] => "C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe" HKU\S-1-5-21-3936776656-3842963282-3635982794-1000\...\Run: [AIM for Windows] => "C:\Users\End User\AppData\Local\AOL\AIM\aim.exe" HKU\S-1-5-21-3936776656-3842963282-3635982794-1000\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\End User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 2510 series.lnk ShortcutTarget: Monitor Ink Alerts - HP Deskjet 2510 series.lnk -> C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) 
Startup: C:\Users\End User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (No File) Startup: C:\Users\End User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x28B5242ADB50CB01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd HKCU\Software\Microsoft\Internet Explorer\Main,Old Start Page = http://search.coupons.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Old Start Page = http://search.coupons.com/ URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046} URLSearchHook: HKLM - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File SearchScopes: HKLM - DefaultScope {0CF3504F-FFC0-4DB2-8FCC-AAEDA32D7008} URL = SearchScopes: HKLM - _tmp URL = SearchScopes: HKLM - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us&tb_uuid=20111013230446791&tb_oid=13-10-2011&tb_mrud=13-10-2011 SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ieb&appid=20&systemid=1&sr=0&q={searchTerms} SearchScopes: HKCU - D05118740D7445A98F71C46D041D225D URL = http://search.yahoo.com/search?ei=utf-8&fr=befds&p={searchTerms}&type=ieds-3.8-1312 
SearchScopes: HKCU - _tmp URL = SearchScopes: HKCU - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us&tb_uuid=20111013230446791&tb_oid=13-10-2011&tb_mrud=13-10-2011 SearchScopes: HKCU - {0CF3504F-FFC0-4DB2-8FCC-AAEDA32D7008} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289663&CUI=UN25423557993903115&UM=2 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=5e72bdf80000000000004c60def4ece1 SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = SearchScopes: HKCU - {180780f0-b348-4b44-8210-94a8f3ee15b2} URL = http://search.comcast.net/search/?cat=Web&con=toolbar&q={searchTerms} SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://search.coupons.com/search.asp?p=df&q={searchTerms} SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ieb&appid=20&systemid=1&sr=0&q={searchTerms} SearchScopes: HKCU - {FEEB8D47-9C83-43B9-840C-9A87F011B6CB} URL = http://www.mysearchresults.com/search?&c=2652&t=03&q={searchTerms} BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: DownloadTerms - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Users\End User\AppData\Local\DownloadTerms\temp.dat () BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! 
WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: PETN - {FC69A069-8899-4CE5-8E12-085BC90170CB} - C:\Users\End User\AppData\Local\TidyNetwork\petn.dll No File BHO: TBSB07898 Class - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll No File Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) 
Winsock: Catalog9 01 C:\Windows\system32\Sendori.dll [325920] (Sendori) Winsock: Catalog9 02 C:\Windows\system32\Sendori.dll [325920] (Sendori) Winsock: Catalog9 03 C:\Windows\system32\Sendori.dll [325920] (Sendori) Winsock: Catalog9 04 C:\Windows\system32\Sendori.dll [325920] (Sendori) Winsock: Catalog9 15 C:\Windows\system32\Sendori.dll [325920] (Sendori) Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 FireFox: ======== FF ProfilePath: C:\Users\End User\AppData\Roaming\Mozilla\Firefox\Profiles\apa407pu.default FF user.js: detected! => C:\Users\End User\AppData\Roaming\Mozilla\Firefox\Profiles\apa407pu.default\user.js FF NewTab: about:blank FF SearchEngineOrder.3: Bing FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.) 
FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File FF Plugin: @nitropdf.com/NitroPDF - C:\Program Files\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF) FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin: @raidcall.en/RCplugin - C:\Users\End User\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall) FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\End User\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\End User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\End User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\End User\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\End User\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\End User\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\End User\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\End User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: 
pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\End User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\End User\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin ProgramFiles/Appdata: C:\Users\End User\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF SearchPlugin: C:\Users\End User\AppData\Roaming\Mozilla\Firefox\Profiles\apa407pu.default\searchplugins\bingp.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\xfinity.xml FF Extension: Adblock Plus - C:\Users\End User\AppData\Roaming\Mozilla\Firefox\Profiles\apa407pu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-11] FF Extension: DownloadTerms - C:\Program Files\Mozilla Firefox\extensions\cxfnl@nxazbwxrbgsgfqqp.net [2013-05-28] FF Extension: Skype Click to Call - C:\Program Files\Mozilla 
Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-22] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-22] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF FF Extension: avast! WebRep - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-11-12] FF HKLM\...\Firefox\Extensions: [{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}] - C:\Program Files\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi Chrome: ======= CHR HKLM\...\Chrome\Extension: [hemjgdpngmhbimofcicjfhibkdbigdmb] - C:\ProgramData\comcastModemRelease\shortcuts\chrome\xfinity.crx [2013-02-08] CHR HKCU\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\End User\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [2013-10-24] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ========================== Services (Whitelisted) ================= R2 Application Sendori; C:\Program Files\Sendori\SendoriSvc.exe [120096 2014-05-07] (Sendori, Inc.) S4 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [44768 2011-11-28] (AVAST Software) S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.) R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation) R2 CouponPrinterService; C:\Program Files\Coupons\CouponPrinterService.exe [151536 2014-01-08] (Coupons.com Inc.) 
S3 GoToAssist Remote Support Customer; C:\Program Files\Citrix\GoToAssist Remote Support Customer\637\g2ax_service.exe [610888 2014-04-10] (Citrix Online, a division of Citrix Systems, Inc.) U2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-15] (McAfee, Inc.) R2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2013-07-26] (Nitro PDF Software) S4 npggsvc; C:\Windows\system32\GameMon.des [3893752 2010-08-29] (INCA Internet Co., Ltd.) S4 RalinkRegistryWriter; C:\Program Files\INTELLINET\Common\RaRegistry.exe [185632 2009-12-17] (Ralink Technology, Corp.) 
R2 Service Sendori; C:\Program Files\Sendori\Sendori.Service.exe [22304 2014-05-07] (sendori) R2 sndappv2; C:\Program Files\Sendori\sndappv2.exe [3623200 2014-05-07] (Sendori) S4 WSN300MA; C:\Program Files\On Networks\N300MA\WifiSvc.exe [307456 2012-02-15] () ==================== Drivers (Whitelisted) ==================== S3 apf003; C:\Windows\system32\apf003.sys [13232 2013-04-09] () R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [20568 2011-11-28] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [55128 2011-11-28] (AVAST Software) R1 aswRdr; C:\Windows\system32\Drivers\aswRdr.sys [34392 2011-11-28] (AVAST Software) R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [435032 2011-11-28] (AVAST Software) R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [314456 2011-11-28] (AVAST Software) R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [52952 2011-11-28] (AVAST Software) R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-05-10] (AVG Technologies) R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [106256 2013-12-20] (BlueStack Systems) S3 ByakkoDriver; C:\Program Files\EliteKingdoms\Cabal Reloaded\Byakko.K32 [7936 2011-10-17] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-12] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation) S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [807936 2009-09-15] (Ralink Technology Corp.) R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114408 2014-03-11] (Power Software Ltd) R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [5120 2012-12-19] () S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2008-11-11] (LG Electronics Inc.) S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [19968 2008-11-11] (LG Electronics Inc.) 
S3 UsbGps; C:\Windows\System32\DRIVERS\lgusbgps.sys [19968 2008-11-11] (LG Electronics Inc.) S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24832 2008-11-11] (LG Electronics Inc.) S3 wna3100m; C:\Windows\System32\DRIVERS\n300ma.sys [951552 2012-01-09] (NETGEAR Corporation ) S3 catchme; \??\C:\Users\ENDUSE~1\AppData\Local\Temp\catchme.sys [X] S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X] S3 mcdbus; system32\DRIVERS\mcdbus.sys [X] S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] S0 wgvcv; System32\drivers\mtdv.sys [X] S3 XDva359; \??\C:\Windows\system32\XDva359.sys [X] S3 XDva400; \??\C:\Windows\system32\XDva400.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-12 21:43 - 2014-05-12 21:43 - 00024265 _____ () C:\Users\End User\Desktop\FRST.txt 2014-05-12 21:43 - 2014-05-12 21:43 - 00000000 ____D () C:\FRST 2014-05-12 21:42 - 2014-05-12 21:42 - 01056256 _____ (Farbar) C:\Users\End User\Desktop\FRST.exe 2014-05-12 21:38 - 2014-05-12 21:38 - 00000000 ____D () C:\Users\End User\Downloads\The Sims Castaway Stories [PROPER] [PC] [English] [spaTorrent.com] 2014-05-12 11:20 - 2014-05-12 11:20 - 00002018 _____ () C:\Users\Public\Desktop\Planescape Torment.lnk 2014-05-12 11:20 - 2014-05-12 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2014-05-12 11:18 - 2014-05-12 11:18 - 00797186 _____ () C:\Users\End User\Downloads\widescreen-v3.05.exe 2014-05-12 11:17 - 2014-05-12 11:17 - 00000000 ____D () C:\Program Files\GOG.com 2014-05-12 08:57 - 2014-05-12 12:16 - 00000000 ____D () C:\Users\End User\Desktop\Planescape Torment [GOG] 2014-05-11 16:04 - 2014-05-11 20:15 - 00000000 ____D () C:\Users\End User\Desktop\NO$GBA 2014-05-11 16:00 - 2014-05-11 16:07 - 00000000 ____D () C:\Users\End User\Downloads\Captain America The Winter Soldier 2014 TS XviD MP3 MiLLENiUM 2014-05-11 13:12 - 2014-05-11 13:12 - 00000000 ____D () 
C:\Users\End User\Documents\My Cheat Tables 2014-05-11 11:20 - 2014-05-11 11:20 - 00000000 ____D () C:\Users\End User\AppData\Local\2K Games 2014-05-08 17:59 - 2014-05-08 18:09 - 1573835996 _____ () C:\Users\End User\Downloads\Jack.Ryan.Shadow.Recruit.2014.HDRip.XviD.AC3-EVO.avi 2014-05-08 11:28 - 2014-05-08 11:32 - 00000000 ____D () C:\Users\End User\Downloads\RoboCop (2014) DVDRip XviD-MAXSPEED 2014-05-08 03:04 - 2014-05-08 03:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help 2014-05-08 03:04 - 2014-05-08 03:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help 2014-05-07 22:39 - 2014-05-07 22:39 - 00000000 ____D () C:\Users\End User\AppData\Local\Skype 2014-05-07 22:38 - 2014-05-07 22:38 - 00002685 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-05-07 22:38 - 2014-05-07 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-05-07 22:38 - 2014-05-07 22:38 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-05-06 17:57 - 2014-05-06 17:57 - 00000000 _____ () C:\Users\End 2014-05-06 17:51 - 2014-05-06 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-05-06 17:51 - 2014-05-06 17:51 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services 2014-05-06 17:51 - 2014-05-06 17:51 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition 2014-05-06 17:49 - 2014-05-09 03:04 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-05-06 17:49 - 2014-05-06 17:49 - 00000000 ____D () C:\Users\End User\AppData\Local\Microsoft Help 2014-05-06 03:00 - 2014-05-06 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-06 02:35 - 2014-04-13 22:11 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-06 02:35 - 2014-04-13 22:07 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-05 14:44 - 2014-05-05 14:46 - 00000000 ____D () C:\Users\End User\Documents\Witcher 2 
2014-05-05 14:44 - 2014-05-05 14:44 - 00000000 ____D () C:\Users\End User\AppData\Local\The Witcher 2 2014-05-04 22:16 - 2014-05-04 22:17 - 00000000 ____D () C:\Users\End User\Downloads\50 Cent (2003) - Get Rich Or Die Tryin 2014-05-04 21:39 - 2014-05-04 21:44 - 203918716 _____ () C:\Users\End User\Downloads\White Lion - Definitive Rock (2007) [Mp3][www.zonatorrent.com].rar 2014-05-04 21:30 - 2014-05-04 21:32 - 00000000 ____D () C:\Users\End User\Downloads\Protest The Hero - Volition [2013] 2014-05-04 19:44 - 2014-05-04 19:48 - 25001573 _____ () C:\Users\End User\Downloads\Elliott Yamin - Elliott Yamin.rar 2014-05-04 18:08 - 2014-05-04 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-05-04 18:08 - 2014-05-04 18:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-05-04 14:27 - 2014-05-04 14:27 - 00000000 ____D () C:\Users\End User\AppData\Roaming\Unity 2014-05-04 14:19 - 2014-05-04 14:19 - 01070496 _____ (Unity Technologies ApS) C:\Users\End User\Downloads\UnityWebPlayer.exe 2014-05-04 14:19 - 2014-05-04 14:19 - 00000000 ____D () C:\Users\End User\AppData\Local\Unity 2014-05-03 03:00 - 2014-04-29 08:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-03 03:00 - 2014-04-29 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-01 13:46 - 2014-05-01 13:46 - 00001713 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-05-01 13:46 - 2014-05-01 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-05-01 13:45 - 2014-05-01 13:46 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-05-01 13:45 - 2014-05-01 13:46 - 00000000 ____D () C:\Program Files\iTunes 2014-05-01 13:45 - 2014-05-01 13:45 - 00000000 ____D () C:\Program Files\iPod 2014-05-01 13:40 - 2014-05-01 13:40 - 00001775 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-05-01 13:40 - 2014-05-01 13:40 - 00000000 
____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-05-01 13:40 - 2014-05-01 13:40 - 00000000 ____D () C:\Program Files\QuickTime 2014-04-29 17:06 - 2014-04-29 17:06 - 01431999 _____ (Timeslip, Q ) C:\Users\End User\Downloads\Old FOMM-640.exe 2014-04-29 17:06 - 2014-04-29 17:06 - 01404186 _____ (Q, Timeslip ) C:\Users\End User\Downloads\New FOMM-640-0-13-21(1).exe 2014-04-29 16:59 - 2014-04-29 16:59 - 00000000 ____D () C:\Users\End User\AppData\Local\FOMM 2014-04-29 16:59 - 2014-04-29 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout Mod Manager 2014-04-29 16:59 - 2014-04-29 16:59 - 00000000 ____D () C:\Program Files\GeMM 2014-04-29 16:58 - 2014-04-29 16:58 - 01404186 _____ (Q, Timeslip ) C:\Users\End User\Downloads\New FOMM-640-0-13-21.exe 2014-04-29 16:43 - 2014-04-29 17:16 - 00000000 ____D () C:\Users\End User\AppData\Local\Fallout3 2014-04-29 16:42 - 2014-04-29 16:42 - 00001298 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk 2014-04-29 16:42 - 2014-04-29 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace 2014-04-29 16:42 - 2014-04-29 16:42 - 00000000 ____D () C:\Program Files\Microsoft Games for Windows - LIVE 2014-04-29 16:41 - 2014-04-29 16:41 - 00638104 _____ (Microsoft Corporation) C:\Users\End User\Downloads\gfwlivesetup.exe 2014-04-29 16:19 - 2014-04-29 16:19 - 00000000 ____D () C:\Program Files\Bethesda Softworks 2014-04-29 16:16 - 2014-04-29 16:16 - 00000000 ____D () C:\Windows\system32\xlive 2014-04-29 13:20 - 2014-04-29 13:20 - 00000042 _____ () C:\Users\End User\AppData\Roaming\WB.CFG 2014-04-29 13:03 - 2014-04-29 13:03 - 00000000 ____D () C:\Users\End User\AppData\Roaming\PowerISO 2014-04-29 13:02 - 2014-04-29 13:02 - 00000951 _____ () C:\Users\Public\Desktop\PowerISO.lnk 2014-04-29 13:02 - 2014-04-29 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO 
2014-04-29 13:02 - 2014-04-29 13:02 - 00000000 ____D () C:\Program Files\PowerISO 2014-04-29 12:20 - 2014-05-12 21:20 - 00000304 _____ () C:\Windows\Tasks\MySearchDial.job 2014-04-29 12:14 - 2014-04-29 12:39 - 00000000 ____D () C:\Users\End User\Downloads\Fallout 3 - Game of the Year Edition [Final]-RELOADED 2014-04-29 03:01 - 2014-03-06 04:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-29 03:01 - 2014-03-06 04:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-29 03:01 - 2014-03-06 04:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-29 03:01 - 2014-03-06 03:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-29 03:01 - 2014-03-06 03:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-29 03:01 - 2014-03-06 03:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-29 03:01 - 2014-03-06 03:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-29 03:01 - 2014-03-06 03:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-29 03:01 - 2014-03-06 03:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-04-29 03:01 - 2014-03-06 03:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-29 03:01 - 2014-03-06 03:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-29 03:01 - 2014-03-06 03:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-29 03:01 - 2014-03-06 03:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-04-29 03:01 - 2014-03-06 02:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-29 03:01 - 2014-03-06 01:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-29 03:00 - 
2014-03-06 04:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-29 03:00 - 2014-03-06 03:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-29 03:00 - 2014-03-06 03:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-29 03:00 - 2014-03-06 03:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-29 03:00 - 2014-03-06 03:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-04-29 03:00 - 2014-03-06 02:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-29 03:00 - 2014-03-06 02:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-29 03:00 - 2014-03-06 01:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-29 03:00 - 2014-03-06 01:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-28 22:36 - 2014-04-28 22:36 - 00000000 ____D () C:\TDSSKiller_Quarantine 2014-04-28 22:03 - 2014-05-12 18:49 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-28 22:03 - 2014-04-28 22:03 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\End User\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-28 22:03 - 2014-04-28 22:03 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-04-28 22:03 - 2014-04-28 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-04-28 22:03 - 2014-04-28 22:03 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-04-28 22:03 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-28 22:03 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-28 22:03 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes 
Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-04-28 15:38 - 2014-04-28 15:38 - 17931952 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe 2014-04-27 13:52 - 2014-04-27 13:52 - 00000000 ____D () C:\Users\test\AppData\Roaming\Adobe 2014-04-27 13:52 - 2014-04-27 13:52 - 00000000 ____D () C:\Users\test\AppData\Local\Adobe 2014-04-27 13:50 - 2014-04-27 13:56 - 00000000 ___RD () C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-04-27 13:50 - 2013-12-22 13:11 - 00000000 ____D () C:\Users\test\AppData\Roaming\Macromedia 2014-04-27 13:49 - 2014-04-27 13:56 - 00000000 ____D () C:\Users\test 2014-04-25 18:07 - 2014-05-12 21:38 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-25 18:07 - 2014-05-04 18:08 - 00001972 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-04-25 18:07 - 2014-04-28 15:38 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-04-25 18:07 - 2014-04-27 13:56 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-04-25 15:03 - 2014-04-28 15:38 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-04-24 19:58 - 2014-04-24 19:58 - 00000000 ____D () C:\Users\End User\AppData\Roaming\Awesomium 2014-04-24 19:49 - 2014-04-27 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios 2014-04-24 19:49 - 2014-04-24 19:50 - 00000000 ____D () C:\Program Files\Hi-Rez Studios 2014-04-24 19:49 - 2014-04-24 19:49 - 00001943 _____ () C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk 2014-04-24 19:49 - 2014-04-24 19:49 - 00001934 _____ () C:\Users\Public\Desktop\Smite.lnk 2014-04-24 19:49 - 2014-04-24 19:49 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios 2014-04-24 19:42 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-04-24 19:37 - 2014-02-06 21:07 - 02349056 _____ (Microsoft Corporation) 
C:\Windows\system32\win32k.sys 2014-04-24 19:37 - 2014-02-03 22:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-24 19:37 - 2014-02-03 22:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-24 19:37 - 2014-02-03 22:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-24 19:37 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-24 19:37 - 2014-01-27 22:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-04-24 19:36 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-04-24 19:36 - 2014-01-23 22:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-24 19:28 - 2014-03-04 05:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-24 19:28 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-04-24 19:12 - 2014-04-24 19:12 - 39967251 _____ (Hi-Rez Studios) C:\Users\End User\Downloads\InstallHiRezGamesEnglish.exe 2014-04-18 19:04 - 2014-04-18 19:04 - 21786864 _____ () C:\Users\End User\Downloads\N300MA_V1.1.0.1.zip ==================== One Month Modified Files and Folders ======= 2014-05-12 21:43 - 2014-05-12 21:43 - 00024265 _____ () C:\Users\End User\Desktop\FRST.txt 2014-05-12 21:43 - 2014-05-12 21:43 - 00000000 ____D () C:\FRST 2014-05-12 21:42 - 2014-05-12 21:42 - 01056256 _____ (Farbar) C:\Users\End User\Desktop\FRST.exe 2014-05-12 21:42 - 2010-09-10 07:49 - 00000000 ____D () C:\Users\End User\AppData\Roaming\BitTorrent 2014-05-12 21:40 - 2011-12-17 23:12 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3936776656-3842963282-3635982794-1000UA.job 2014-05-12 21:39 - 2013-11-29 21:15 - 00000330 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job 2014-05-12 21:38 - 2014-05-12 21:38 - 00000000 
____D () C:\Users\End User\Downloads\The Sims Castaway Stories [PROPER] [PC] [English] [spaTorrent.com] 2014-05-12 21:38 - 2014-04-25 18:07 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-12 21:31 - 2011-10-17 20:38 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3936776656-3842963282-3635982794-1000UA.job 2014-05-12 21:20 - 2014-04-29 12:20 - 00000304 _____ () C:\Windows\Tasks\MySearchDial.job 2014-05-12 19:53 - 2010-09-11 22:26 - 00000000 ____D () C:\Users\End User\AppData\Local\PMB Files 2014-05-12 18:49 - 2014-04-28 22:03 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-12 15:31 - 2011-10-17 20:38 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3936776656-3842963282-3635982794-1000Core.job 2014-05-12 14:02 - 2010-09-03 01:15 - 01294353 _____ () C:\Windows\WindowsUpdate.log 2014-05-12 12:16 - 2014-05-12 08:57 - 00000000 ____D () C:\Users\End User\Desktop\Planescape Torment [GOG] 2014-05-12 11:20 - 2014-05-12 11:20 - 00002018 _____ () C:\Users\Public\Desktop\Planescape Torment.lnk 2014-05-12 11:20 - 2014-05-12 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2014-05-12 11:18 - 2014-05-12 11:18 - 00797186 _____ () C:\Users\End User\Downloads\widescreen-v3.05.exe 2014-05-12 11:17 - 2014-05-12 11:17 - 00000000 ____D () C:\Program Files\GOG.com 2014-05-12 11:10 - 2009-07-14 00:34 - 00015376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-12 11:10 - 2009-07-14 00:34 - 00015376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-12 11:03 - 2013-05-25 00:23 - 00000340 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_MAY2013_TB_rel.job 2014-05-12 11:03 - 2011-12-27 15:50 - 00078594 _____ () C:\Windows\setupact.log 2014-05-12 11:03 - 2009-07-14 00:53 - 00000006 ____H () 
C:\Windows\Tasks\SA.DAT 2014-05-12 11:02 - 2010-09-10 22:59 - 00853532 _____ () C:\Windows\PFRO.log 2014-05-12 11:02 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\Branding 2014-05-12 11:00 - 2010-10-04 01:55 - 00000000 ____D () C:\Users\End User\AppData\Roaming\Skype 2014-05-12 09:32 - 2012-01-28 20:27 - 00000000 ____D () C:\Program Files\Steam 2014-05-12 04:40 - 2011-12-17 23:12 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3936776656-3842963282-3635982794-1000Core.job 2014-05-11 20:15 - 2014-05-11 16:04 - 00000000 ____D () C:\Users\End User\Desktop\NO$GBA 2014-05-11 16:07 - 2014-05-11 16:00 - 00000000 ____D () C:\Users\End User\Downloads\Captain America The Winter Soldier 2014 TS XviD MP3 MiLLENiUM 2014-05-11 13:12 - 2014-05-11 13:12 - 00000000 ____D () C:\Users\End User\Documents\My Cheat Tables 2014-05-11 11:20 - 2014-05-11 11:20 - 00000000 ____D () C:\Users\End User\AppData\Local\2K Games 2014-05-11 10:16 - 2010-09-11 22:26 - 00000000 ____D () C:\ProgramData\PMB Files 2014-05-09 22:07 - 2010-09-03 01:19 - 00006648 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-09 15:16 - 2011-11-13 00:49 - 00000000 ____D () C:\Users\End User\AppData\Local\CrashDumps 2014-05-09 03:04 - 2014-05-06 17:49 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-05-08 21:43 - 2013-11-29 21:00 - 00000000 ____D () C:\Users\End User\AppData\Roaming\HpUpdate 2014-05-08 18:09 - 2014-05-08 17:59 - 1573835996 _____ () C:\Users\End User\Downloads\Jack.Ryan.Shadow.Recruit.2014.HDRip.XviD.AC3-EVO.avi 2014-05-08 11:32 - 2014-05-08 11:28 - 00000000 ____D () C:\Users\End User\Downloads\RoboCop (2014) DVDRip XviD-MAXSPEED 2014-05-08 10:56 - 2012-02-12 19:39 - 00000000 ____D () C:\Program Files\iMesh Applications 2014-05-08 03:24 - 2009-07-14 00:33 - 03715776 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-05-08 03:10 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-05-08 03:04 - 2014-05-08 03:04 - 00000000 ____D () 
C:\Users\Default\AppData\Local\Microsoft Help 2014-05-08 03:04 - 2014-05-08 03:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help 2014-05-07 23:07 - 2010-09-10 07:00 - 00068568 _____ () C:\Users\End User\AppData\Local\GDIPFONTCACHEV1.DAT 2014-05-07 22:39 - 2014-05-07 22:39 - 00000000 ____D () C:\Users\End User\AppData\Local\Skype 2014-05-07 22:39 - 2010-10-04 01:55 - 00000000 ____D () C:\ProgramData\Skype 2014-05-07 22:38 - 2014-05-07 22:38 - 00002685 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-05-07 22:38 - 2014-05-07 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-05-07 22:38 - 2014-05-07 22:38 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-05-07 22:38 - 2013-10-01 18:24 - 00000000 ___RD () C:\Program Files\Skype 2014-05-07 20:10 - 2013-11-30 20:02 - 00000000 ____D () C:\Program Files\Sendori 2014-05-07 13:53 - 2013-11-30 20:03 - 00325920 _____ (Sendori) C:\Windows\system32\Sendori.dll 2014-05-06 17:57 - 2014-05-06 17:57 - 00000000 _____ () C:\Users\End 2014-05-06 17:51 - 2014-05-06 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-05-06 17:51 - 2014-05-06 17:51 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services 2014-05-06 17:51 - 2014-05-06 17:51 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition 2014-05-06 17:51 - 2011-10-15 03:01 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-05-06 17:51 - 2010-09-26 01:49 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-05-06 17:51 - 2009-07-13 22:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-05-06 17:49 - 2014-05-06 17:49 - 00000000 ____D () C:\Users\End User\AppData\Local\Microsoft Help 2014-05-06 03:00 - 2014-05-06 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-05 14:46 - 2014-05-05 14:44 - 00000000 ____D () C:\Users\End User\Documents\Witcher 2 2014-05-05 14:44 - 2014-05-05 14:44 - 
00000000 ____D () C:\Users\End User\AppData\Local\The Witcher 2 2014-05-04 22:17 - 2014-05-04 22:16 - 00000000 ____D () C:\Users\End User\Downloads\50 Cent (2003) - Get Rich Or Die Tryin 2014-05-04 21:44 - 2014-05-04 21:39 - 203918716 _____ () C:\Users\End User\Downloads\White Lion - Definitive Rock (2007) [Mp3][www.zonatorrent.com].rar 2014-05-04 21:32 - 2014-05-04 21:30 - 00000000 ____D () C:\Users\End User\Downloads\Protest The Hero - Volition [2013] 2014-05-04 21:15 - 2011-12-17 23:57 - 00019968 ___SH () C:\Users\End User\Downloads\Thumbs.db 2014-05-04 19:48 - 2014-05-04 19:44 - 25001573 _____ () C:\Users\End User\Downloads\Elliott Yamin - Elliott Yamin.rar 2014-05-04 18:08 - 2014-05-04 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-05-04 18:08 - 2014-05-04 18:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-05-04 18:08 - 2014-04-25 18:07 - 00001972 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-05-04 14:27 - 2014-05-04 14:27 - 00000000 ____D () C:\Users\End User\AppData\Roaming\Unity 2014-05-04 14:19 - 2014-05-04 14:19 - 01070496 _____ (Unity Technologies ApS) C:\Users\End User\Downloads\UnityWebPlayer.exe 2014-05-04 14:19 - 2014-05-04 14:19 - 00000000 ____D () C:\Users\End User\AppData\Local\Unity 2014-05-03 12:47 - 2010-09-26 01:50 - 00000000 ____D () C:\Users\End User\AppData\Roaming\SoftGrid Client 2014-05-03 03:18 - 2009-07-13 22:37 - 00000000 __RSD () C:\Windows\Media 2014-05-01 15:55 - 2013-04-08 09:30 - 00000000 ____D () C:\Games 2014-05-01 13:46 - 2014-05-01 13:46 - 00001713 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-05-01 13:46 - 2014-05-01 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-05-01 13:46 - 2014-05-01 13:45 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-05-01 13:46 - 2014-05-01 13:45 - 00000000 ____D () C:\Program Files\iTunes 2014-05-01 13:45 - 2014-05-01 13:45 
- 00000000 ____D () C:\Program Files\iPod 2014-05-01 13:45 - 2010-10-01 19:52 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-05-01 13:40 - 2014-05-01 13:40 - 00001775 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-05-01 13:40 - 2014-05-01 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-05-01 13:40 - 2014-05-01 13:40 - 00000000 ____D () C:\Program Files\QuickTime 2014-04-30 17:11 - 2012-03-16 02:27 - 00000000 ____D () C:\BROOD 2014-04-29 17:16 - 2014-04-29 16:43 - 00000000 ____D () C:\Users\End User\AppData\Local\Fallout3 2014-04-29 17:06 - 2014-04-29 17:06 - 01431999 _____ (Timeslip, Q ) C:\Users\End User\Downloads\Old FOMM-640.exe 2014-04-29 17:06 - 2014-04-29 17:06 - 01404186 _____ (Q, Timeslip ) C:\Users\End User\Downloads\New FOMM-640-0-13-21(1).exe 2014-04-29 16:59 - 2014-04-29 16:59 - 00000000 ____D () C:\Users\End User\AppData\Local\FOMM 2014-04-29 16:59 - 2014-04-29 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout Mod Manager 2014-04-29 16:59 - 2014-04-29 16:59 - 00000000 ____D () C:\Program Files\GeMM 2014-04-29 16:58 - 2014-04-29 16:58 - 01404186 _____ (Q, Timeslip ) C:\Users\End User\Downloads\New FOMM-640-0-13-21.exe 2014-04-29 16:43 - 2013-01-10 00:38 - 00000000 ____D () C:\Users\End User\Documents\My Games 2014-04-29 16:42 - 2014-04-29 16:42 - 00001298 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk 2014-04-29 16:42 - 2014-04-29 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace 2014-04-29 16:42 - 2014-04-29 16:42 - 00000000 ____D () C:\Program Files\Microsoft Games for Windows - LIVE 2014-04-29 16:42 - 2009-07-14 00:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-04-29 16:41 - 2014-04-29 16:41 - 00638104 _____ (Microsoft Corporation) C:\Users\End User\Downloads\gfwlivesetup.exe 2014-04-29 16:19 - 
2014-04-29 16:19 - 00000000 ____D () C:\Program Files\Bethesda Softworks 2014-04-29 16:19 - 2010-09-12 17:59 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-04-29 16:17 - 2014-02-24 14:50 - 00037476 _____ () C:\Windows\DirectX.log 2014-04-29 16:16 - 2014-04-29 16:16 - 00000000 ____D () C:\Windows\system32\xlive 2014-04-29 16:15 - 2012-12-06 15:23 - 00000000 ____D () C:\Program Files\Common Files\InstallShield 2014-04-29 13:20 - 2014-04-29 13:20 - 00000042 _____ () C:\Users\End User\AppData\Roaming\WB.CFG 2014-04-29 13:03 - 2014-04-29 13:03 - 00000000 ____D () C:\Users\End User\AppData\Roaming\PowerISO 2014-04-29 13:02 - 2014-04-29 13:02 - 00000951 _____ () C:\Users\Public\Desktop\PowerISO.lnk 2014-04-29 13:02 - 2014-04-29 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO 2014-04-29 13:02 - 2014-04-29 13:02 - 00000000 ____D () C:\Program Files\PowerISO 2014-04-29 12:39 - 2014-04-29 12:14 - 00000000 ____D () C:\Users\End User\Downloads\Fallout 3 - Game of the Year Edition [Final]-RELOADED 2014-04-29 11:28 - 2013-08-29 15:01 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-29 11:28 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-29 08:48 - 2014-05-03 03:00 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-29 08:34 - 2014-05-03 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-29 03:55 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\rescache 2014-04-28 23:21 - 2009-07-14 00:53 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-04-28 23:15 - 2013-04-06 19:33 - 00000000 ____D () C:\Windows\erdnt 2014-04-28 22:36 - 2014-04-28 22:36 - 00000000 ____D () C:\TDSSKiller_Quarantine 2014-04-28 22:25 - 2013-12-18 20:20 - 00147339 ____N () C:\Windows\Minidump\042814-19110-01.dmp 2014-04-28 22:25 - 2011-11-27 00:12 - 00000000 ____D () C:\Windows\Minidump 2014-04-28 22:22 - 2013-12-18 20:20 - 00147339 ____N () 
C:\Windows\Minidump\042814-32510-01.dmp 2014-04-28 22:07 - 2013-11-30 20:03 - 00000000 ____D () C:\Program Files\Bench 2014-04-28 22:07 - 2013-11-19 21:23 - 00000000 ____D () C:\ProgramData\Updater 2014-04-28 22:07 - 2013-09-20 14:46 - 00000000 ____D () C:\Users\End User\AppData\Roaming\Search Protection 2014-04-28 22:07 - 2013-09-18 13:25 - 00000000 ____D () C:\ProgramData\Conduit 2014-04-28 22:03 - 2014-04-28 22:03 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\End User\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-28 22:03 - 2014-04-28 22:03 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-04-28 22:03 - 2014-04-28 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-04-28 22:03 - 2014-04-28 22:03 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-04-28 22:03 - 2013-05-28 13:18 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-28 22:01 - 2013-12-18 20:20 - 00147659 ____N () C:\Windows\Minidump\042814-21793-01.dmp 2014-04-28 21:58 - 2013-12-18 20:20 - 00147339 ____N () C:\Windows\Minidump\042814-30591-01.dmp 2014-04-28 21:56 - 2013-12-18 20:20 - 00148107 ____N () C:\Windows\Minidump\042814-20810-01.dmp 2014-04-28 15:38 - 2014-04-28 15:38 - 17931952 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe 2014-04-28 15:38 - 2014-04-25 18:07 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-04-28 15:38 - 2014-04-25 15:03 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-04-27 13:57 - 2013-11-30 20:36 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.1 2014-04-27 13:57 - 2013-09-26 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III 2014-04-27 13:57 - 2010-09-28 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Seminars 2014-04-27 13:57 - 
2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\wfp 2014-04-27 13:56 - 2014-04-27 13:50 - 00000000 ___RD () C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-04-27 13:56 - 2014-04-27 13:49 - 00000000 ____D () C:\Users\test 2014-04-27 13:56 - 2014-04-25 18:07 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-04-27 13:56 - 2014-04-24 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios 2014-04-27 13:56 - 2014-04-11 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2014-04-27 13:56 - 2014-02-22 15:39 - 00000000 ____D () C:\Users\End User\Downloads\Thor.The.Dark.World.2013.HDRip.XviD-AQOS 2014-04-27 13:56 - 2014-02-09 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2014-04-27 13:56 - 2014-01-30 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons 2014-04-27 13:56 - 2013-12-29 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 2014-04-27 13:56 - 2013-11-29 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2014-04-27 13:56 - 2013-11-19 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Break For Games 2014-04-27 13:56 - 2013-11-18 00:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayFirst 2014-04-27 13:56 - 2013-11-08 01:16 - 00000000 ____D () C:\Users\End User\Downloads\American.Horror.Story.S03E04.HDTV.x264-2HD[rarbg] 2014-04-27 13:56 - 2013-10-16 01:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-27 13:56 - 2013-10-02 12:23 - 00000000 ____D () C:\Users\Guest 2014-04-27 13:56 - 2013-03-29 00:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2014-04-27 13:56 - 2013-03-12 04:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow 
2014-04-27 13:56 - 2013-01-13 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileViewer 2014-04-27 13:56 - 2012-12-17 01:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ventrilo 2014-04-27 13:56 - 2012-12-15 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mplayer 2014-04-27 13:56 - 2012-12-02 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall 2014-04-27 13:56 - 2012-03-16 02:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAZOR 1911 2014-04-27 13:56 - 2012-01-30 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center 2014-04-27 13:56 - 2012-01-28 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2014-04-27 13:56 - 2011-11-11 23:00 - 00000000 ____D () C:\Windows\system32\Adobe 2014-04-27 13:56 - 2011-10-14 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-04-27 13:56 - 2011-10-13 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\INTELLINET WLAN 2014-04-27 13:56 - 2010-09-26 01:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Student (English) 2014-04-27 13:56 - 2010-09-12 12:25 - 00000000 ____D () C:\Windows\system32\Macromed 2014-04-27 13:56 - 2010-09-11 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-04-27 13:56 - 2010-09-10 07:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! 
Free Antivirus 2014-04-27 13:56 - 2009-07-13 22:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-04-27 13:56 - 2009-07-13 22:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-04-27 13:56 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\registration 2014-04-27 13:56 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\AppCompat 2014-04-27 13:55 - 2010-09-16 19:38 - 00000000 ____D () C:\Program Files\Java 2014-04-27 13:52 - 2014-04-27 13:52 - 00000000 ____D () C:\Users\test\AppData\Roaming\Adobe 2014-04-27 13:52 - 2014-04-27 13:52 - 00000000 ____D () C:\Users\test\AppData\Local\Adobe 2014-04-25 20:36 - 2013-10-16 01:21 - 00000000 ____D () C:\ProgramData\Oracle 2014-04-25 18:06 - 2010-09-30 19:22 - 00000000 ____D () C:\Users\End User\AppData\Local\Adobe 2014-04-25 03:09 - 2011-10-14 07:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-04-25 01:42 - 2013-12-18 20:20 - 00147595 ____N () C:\Windows\Minidump\042514-40076-01.dmp 2014-04-24 19:58 - 2014-04-24 19:58 - 00000000 ____D () C:\Users\End User\AppData\Roaming\Awesomium 2014-04-24 19:50 - 2014-04-24 19:49 - 00000000 ____D () C:\Program Files\Hi-Rez Studios 2014-04-24 19:49 - 2014-04-24 19:49 - 00001943 _____ () C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk 2014-04-24 19:49 - 2014-04-24 19:49 - 00001934 _____ () C:\Users\Public\Desktop\Smite.lnk 2014-04-24 19:49 - 2014-04-24 19:49 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios 2014-04-24 19:15 - 2013-12-18 20:20 - 00148107 ____N () C:\Windows\Minidump\042414-65941-01.dmp 2014-04-24 19:15 - 2011-11-12 01:21 - 00000000 ____D () C:\ProgramData\Norton 2014-04-24 19:12 - 2014-04-24 19:12 - 39967251 _____ (Hi-Rez Studios) C:\Users\End User\Downloads\InstallHiRezGamesEnglish.exe 2014-04-18 19:04 - 2014-04-18 19:04 - 21786864 _____ () C:\Users\End User\Downloads\N300MA_V1.1.0.1.zip 2014-04-13 22:11 - 2014-05-06 02:35 - 00361984 _____ (Microsoft Corporation) 
C:\Windows\system32\aepdu.dll 2014-04-13 22:07 - 2014-05-06 02:35 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll Files to move or delete: ==================== C:\Users\End User\jagex_cl_runescape_LIVE.dat C:\Users\End User\jagex_runescape_preferences.dat C:\Users\End User\jagex_runescape_preferences2.dat C:\Users\End User\jagex__preferences3.dat C:\Windows\Tasks\{BE272495-317E-4606-AB9C-34B6F83B8FEF}.job Some content of TEMP: ==================== C:\Users\End User\AppData\Local\temp\catchme.dll C:\Users\End User\AppData\Local\temp\jre-7u55-windows-i586-iftw.exe C:\Users\End User\AppData\Local\temp\Uresponse.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe => MD5 is legit C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-09 00:29 ==================== End Of Log ============================
  3. My friend asked me to take a look at his desktop yesterday and I removed a lot of viruses that plagued his computer. I want to try to not remove anything from his computer because I'll never hear the end of it. As the topic reads, I have a problem that keeps persisting. These annoying video ads keep showing up in the lower right-hand corner of the screen when I use the browser (only using it because I'm trying to go through as many possible infected areas to see if there's an issue). I removed a couple of nasty trojans for him already that kept shutting down his computer (which he's happy about) but I can't get rid of these annoying ads. Since the ads are still there, I'm kinda worried I haven't gotten rid of everything else that might be on it. Any help is appreciated! Thanks for your time!
  4. Mobile Intel® 945 Express Chipset Family w/ 256MB memory.
  5. MBAM Log: Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Database version: 6894 Windows 6.1.7600 Internet Explorer 9.0.8112.16421 6/19/2011 6:33:30 AM mbam-log-2011-06-19 (06-33-30).txt Scan type: Quick scan Objects scanned: 178798 Time elapsed: 10 minute(s), 57 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) DDS.txt . DDS (Ver_2011-06-12.02) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_25 Run by Scott at 6:27:46 on 2011-06-19 Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.1526.334 [GMT -4:00] . AV: BitDefender Antivirus *Enabled/Updated* {50909708-FF80-02AF-F814-B28405891E92} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Spy Sweeper *Enabled/Updated* {E840FC75-2A0B-9A7C-D915-4D1380A5C223} SP: BitDefender Antispyware *Enabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F} FW: BitDefender Firewall *Disabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9} . ============== Running Processes =============== . 
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe C:\Windows\system32\ibmpmsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\rundll32.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\AEADISRV.EXE C:\Windows\System32\svchost.exe -k Akamai C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\DRIVERS\xaudio.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe C:\Windows\system32\sppsvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\Dwm.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Lenovo\TrackPoint\tp4serv.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe 
C:\Windows\System32\igfxpers.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Ask.com\Updater\Updater.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe C:\Program Files\MagicDisc\MagicDisc.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\DllHost.exe C:\Program Files\Webroot\WebrootSecurity\SSU.EXE C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Internet Explorer\IELowutil.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Webroot\Washer\WasherSvc.exe C:\Program Files\Webroot\Washer\wwDisp.exe C:\Windows\explorer.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://google.com/ mStart Page = about:blank uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll uURLSearchHooks: FCToolbarURLSearchHook Class: {edc8d02a-7ae5-1094-ddc0-16d2381944d0} - c:\program files\socialribbons lp 1\Helper.dll uURLSearchHooks: H - No File uURLSearchHooks: H - No File mURLSearchHooks: H - No File BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: SocialRibbons LP 1: {2f3d5040-d8e1-f5b4-150e-f532a5f23615} - c:\program files\socialribbons lp 1\Toolbar.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: DCA BHO: {b49699fc-1665-4414-a1cb-c4a2a4a13eec} - c:\program files\common files\freecause\dca\dca-bho.dll BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2011\IEToolbar.dll TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe uRun: [Window Washer] "c:\program files\webroot\washer\wwDisp.exe" mRun: [soundMAXPnP] "c:\program files\analog devices\core\smax4pnp.exe" mRun: [TrackPointSrv] "c:\program files\lenovo\trackpoint\tp4serv.exe" mRun: [igfxTray] "c:\windows\system32\igfxtray.exe" mRun: [HotKeysCmds] "c:\windows\system32\hkcmd.exe" mRun: [Persistence] "c:\windows\system32\igfxpers.exe" mRun: [QuickTime Task] "c:\program 
files\quicktime\QTTask.exe" -atboottime mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe" mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript mRun: [AppleSyncNotifier] "c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [bitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2011\ieshow.exe" mRun: [bDAgent] "c:\program files\bitdefender\bitdefender 2011\bdagent.exe" mRun: [<NO NAME>] mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe" mRun: [Philips Device Listener] "c:\program files\philips\philips songbird resources\autolauncher\PhilipsDeviceListener.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [spySweeper] "c:\program files\webroot\webrootsecurity\SpySweeperUI.exe" /startintray StartupFolder: c:\users\scott\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000 IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - 
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{2000B891-AF8C-4482-A380-0B41B83C9990} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{2000B891-AF8C-4482-A380-0B41B83C9990}\2456C6B696E6F574F505C65737F5D494D4F4F5343314437373 : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{2000B891-AF8C-4482-A380-0B41B83C9990}\2596368616274637D27657563747 : DhcpNameServer = 68.87.71.230 68.87.73.246 TCP: Interfaces\{2000B891-AF8C-4482-A380-0B41B83C9990}\E656477656162723 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{F76C1E9C-2A72-4EF1-AEB1-4242824414B3} : DhcpNameServer = 192.168.1.1 Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll Notify: igfxcui - igfxdev.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL . ================= FIREFOX =================== . 
FF - ProfilePath - c:\users\scott\appdata\roaming\mozilla\firefox\profiles\gjx9373r.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2956045&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Search the Web FF - prefs.js: browser.startup.homepage - google.com FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\couponalert_2pei\installr\1.bin\NP2pEISb.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll FF - plugin: c:\users\scott\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll FF - plugin: c:\windows\system32\wat\npWatWeb.dll . ---- FIREFOX POLICIES ---- FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(general.useragent.extra.brc, . ============= SERVICES / DRIVERS =============== . 
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-5-14 16184] R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [2011-3-22 29832] R1 bdfwfpf;bdfwfpf;c:\program files\common files\bitdefender\bitdefender firewall\bdfwfpf.sys [2010-7-15 88656] R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952] R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-7-13 20992] R3 BDFM;BDFM;c:\windows\system32\drivers\bdfm.sys [2010-5-13 152528] R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-4-14 45736] R3 NETwLv32; Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETwLv32.sys [2010-8-29 6637056] R3 Tp4Track;PS/2 TrackPoint Driver;c:\windows\system32\drivers\tp4track.sys [2009-11-24 23152] R4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-4-1 39984] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168] S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-3-23 7408] S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360] S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992] S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504] S4 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2010-6-28 633424] S4 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2010-6-28 970320] . =============== Created Last 30 ================ . 
2011-06-19 10:15:15 -------- d-----w- c:\program files\common files\Webroot Shared 2011-06-19 10:15:07 194888 ----a-w- c:\windows\Unwash6.exe 2011-06-16 20:19:08 -------- d-----w- c:\program files\Stunlock Studios 2011-06-16 20:16:12 -------- d-----w- c:\program files\Microsoft XNA 2011-06-14 19:21:17 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-06-14 19:21:16 141104 ----a-w- c:\program files\internet explorer\sqmapi.dll 2011-06-14 19:21:14 1797632 ----a-w- c:\windows\system32\jscript9.dll 2011-06-14 18:35:46 311296 ----a-w- c:\windows\system32\drivers\srv.sys 2011-06-14 18:35:46 309760 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-06-14 18:35:45 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-06-14 18:35:38 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-06-14 18:35:36 338944 ----a-w- c:\windows\system32\drivers\afd.sys 2011-06-14 18:35:04 571904 ----a-w- c:\windows\system32\oleaut32.dll 2011-06-14 18:34:55 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys 2011-06-14 18:34:50 740864 ----a-w- c:\windows\system32\inetcomm.dll 2011-06-14 18:34:41 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-06-14 18:34:39 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-06-14 18:34:38 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-06-14 17:06:33 -------- d-----w- c:\program files\common files\FreeCause 2011-06-14 17:06:24 -------- d-----w- c:\program files\SocialRibbons LP 1 2011-06-14 03:25:19 -------- d-----w- c:\users\scott\appdata\roaming\Philips 2011-06-14 03:16:54 -------- d-----w- c:\users\scott\appdata\roaming\Philips-Songbird 2011-06-14 03:16:54 -------- d-----w- c:\users\scott\appdata\local\Philips-Songbird 2011-06-14 03:16:01 -------- d-----w- c:\programdata\{F0489EF2-D393-4114-85BA-A94D71D89543} 2011-06-14 03:15:34 -------- d-----w- c:\program files\Philips 2011-06-13 20:21:05 -------- d-----w- c:\users\scott\appdata\roaming\AVS4YOU 2011-06-13 20:16:10 -------- d-----w- c:\program 
files\common files\AVSMedia 2011-06-13 20:16:04 24576 ----a-w- c:\windows\system32\msxml3a.dll 2011-06-13 20:16:04 1700352 ----a-w- c:\windows\system32\GdiPlus.dll 2011-06-13 20:16:03 -------- d-----w- c:\programdata\AVS4YOU 2011-06-13 20:16:03 -------- d-----w- c:\program files\AVS4YOU 2011-06-13 19:38:12 -------- d-----w- c:\users\scott\appdata\roaming\Tomato 2011-06-13 19:37:48 -------- d-----w- c:\program files\common files\Tomato 2011-06-13 18:47:15 -------- d-----w- c:\program files\ConvertHelper 2011-06-13 18:46:15 -------- d-----w- c:\users\scott\dwhelper 2011-06-13 12:22:15 -------- d-----w- c:\program files\Picaroon 2011-06-09 14:00:57 -------- d-----w- c:\windows\CheckSur 2011-06-08 01:03:15 -------- d-----w- c:\program files\Starcraft 2011-06-06 16:55:30 183696 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll 2011-06-06 16:55:30 183696 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll 2011-06-04 07:09:54 -------- d-----w- c:\program files\Bing Bar Installer 2011-06-04 07:09:49 -------- d-----w- c:\programdata\HP Photo Creations 2011-06-04 07:09:49 -------- d-----w- c:\program files\HP Photo Creations 2011-06-04 07:09:42 -------- d-----w- c:\program files\Coupons 2011-06-04 07:09:14 -------- d-----w- c:\users\scott\appdata\roaming\HpUpdate 2011-06-04 07:07:16 -------- d-----w- c:\program files\HP 2011-06-04 07:06:37 -------- d-----w- c:\users\scott\appdata\local\HP 2011-06-03 03:51:52 -------- d-----w- c:\program files\Warcraft III Reign of Chaos & The Frozen Throne 2011-06-01 13:48:06 -------- d-----w- c:\program files\Free Fire Screensaver 2011-06-01 13:47:51 -------- d-----w- c:\users\scott\appdata\roaming\Laconic Software 2011-05-31 19:02:22 -------- d-----w- c:\users\scott\appdata\roaming\SUPERAntiSpyware.com 2011-05-31 18:55:50 -------- d-----w- c:\program files\SUPERAntiSpyware 2011-05-29 20:24:01 -------- d-----w- c:\program files\CouponAlert_2pEI 2011-05-28 12:21:32 374272 ----a-w- c:\windows\system32\mss32.dll 
2011-05-28 12:20:25 488960 ----a-r- c:\program files\microsoft games\age of mythology\GRANNY.DLL 2011-05-28 12:17:48 82000 ----a-w- c:\windows\system32\rockalldll.dll 2011-05-28 11:58:53 -------- d-----w- c:\program files\Microsoft Games 2011-05-25 14:19:41 -------- d-----w- c:\programdata\Media Center Programs 2011-05-25 11:20:16 0 ----a-w- c:\windows\system32\_r_a_p_.tmp 2011-05-25 11:19:22 212992 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ILog.dll 2011-05-24 10:43:27 -------- d-----w- c:\programdata\bdch 2011-05-22 17:00:24 -------- d-----w- c:\program files\MSXML 4.0 2011-05-22 13:01:23 -------- d-----w- c:\users\scott\Warcraft III 1.21b ROC Installer enUS 2011-05-22 12:36:04 -------- d-----w- c:\users\scott\appdata\local\Diagnostics 2011-05-22 12:17:52 -------- d-----w- c:\users\scott\appdata\local\Gas Powered Games 2011-05-22 04:58:22 -------- d-----w- c:\users\scott\appdata\local\Fallout3 2011-05-21 16:07:03 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-05-21 15:20:57 -------- d-----w- c:\users\scott\appdata\roaming\Lionhead Studios 2011-05-21 11:54:14 -------- d-----w- c:\program files\SystemRequirementsLab 2011-05-21 11:38:20 -------- d-----w- c:\users\scott\appdata\local\splash damage 2011-05-21 11:38:18 -------- d-----w- c:\users\scott\appdata\local\SKIDROW 2011-05-21 05:32:01 -------- d-----w- c:\program files\MSSOAP 2011-05-21 05:32:01 -------- d-----w- c:\program files\common files\MSSoap 2011-05-21 05:31:38 1563024 ----a-w- c:\windows\WRSetup.dll 2011-05-21 05:31:38 -------- d-----w- c:\users\scott\appdata\roaming\Webroot 2011-05-21 05:31:38 -------- d-----w- c:\programdata\Webroot 2011-05-21 05:31:37 -------- d-----w- c:\program files\Webroot 2011-05-21 00:31:08 -------- d-----w- c:\programdata\Nexon 2011-05-21 00:10:58 -------- d-----w- c:\programdata\NexonUS . ==================== Find3M ==================== . 
2011-05-29 13:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-05-29 13:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-05-21 16:06:56 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-05-14 17:47:26 111960 ----a-w- c:\windows\dxsdkuninst.exe 2011-05-14 14:52:11 94208 ----a-w- c:\windows\rtpmsi32.dll 2011-05-14 14:25:49 685816 ----a-w- c:\windows\system32\drivers\sptd.sys 2011-05-14 11:21:52 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2011-05-14 11:21:50 739840 ----a-w- c:\windows\system32\d2d1.dll 2011-05-14 11:21:50 135168 ----a-w- c:\windows\system32\XpsRasterService.dll 2011-05-14 11:21:50 1074176 ----a-w- c:\windows\system32\DWrite.dll 2011-05-14 11:21:47 801792 ----a-w- c:\windows\system32\FntCache.dll 2011-05-14 11:21:45 218624 ----a-w- c:\windows\system32\d3d10_1core.dll 2011-05-14 11:21:45 161792 ----a-w- c:\windows\system32\d3d10_1.dll 2011-05-14 11:21:44 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll 2011-05-14 11:21:44 1170944 ----a-w- c:\windows\system32\d3d10warp.dll 2011-05-14 11:21:43 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2011-05-14 11:21:43 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2011-05-14 11:21:43 107520 ----a-w- c:\windows\system32\cdd.dll 2011-05-14 11:21:42 442880 ----a-w- c:\windows\system32\XpsPrint.dll 2011-05-14 09:33:07 58169 ----a-w- c:\programdata\bdinstall.bin 2011-04-09 22:55:44 15453336 ----a-w- c:\windows\system32\xlive.dll 2011-04-09 22:55:42 13642904 ----a-w- c:\windows\system32\xlivefnt.dll 2011-04-09 17:17:46 17280 ----a-w- c:\windows\system32\roboot.exe 2011-04-09 06:13:06 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-04-09 06:13:06 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-04-09 05:56:38 123904 ----a-w- c:\windows\system32\poqexec.exe 2011-04-06 20:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll 2011-04-06 20:20:16 75040 ----a-w- c:\windows\system32\jdns_sd.dll 2011-04-06 20:20:16 197920 ----a-w- 
c:\windows\system32\dnssdX.dll 2011-04-06 20:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe 2011-04-02 12:03:16 2 --shatr- c:\windows\winstart.bat 2011-03-22 14:14:22 29832 ----a-w- c:\windows\system32\drivers\ssfs0bbc.sys 2011-03-22 14:14:22 23176 ----a-w- c:\windows\system32\drivers\sshrmd.sys 2011-03-22 14:14:22 176776 ----a-w- c:\windows\system32\drivers\ssidrv.sys 2010-07-08 14:37:14 101544 ----a-w- c:\program files\common files\LinkInstaller.exe . ============= FINISH: 6:36:42.30 ===============
  6. I'm running Windows 7 Professional x32 bit. On a side note, I'm confused as to trying to update my graphics card drivers. This laptop is custom built by my uncle who works as a computer specialist for Harvard. This would mean that despite the fact that it's a Windows 7 OS, I wouldn't be able to run high spec games. Sometimes the only logical thing to do is to update my drivers. Could you also help me with that? I'm almost new to Windows 7, so I don't know how to update the mandatory drivers.
  7. I was playing a round of StarCraft: Brood War when suddenly I got an error stating: I looked it up and some people say it might be due to BHOs/viruses. Can someone help? Thank you.
  8. Eset: C:\Users\win7-test\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\23dbfa3d-6f2cc32f multiple threats deleted - quarantined C:\_OTL\MovedFiles\04022011_121549\C_Windows\System32\scrnsave9.dll a variant of Win32/Kryptik.NDI trojan cleaned by deleting - quarantined SecurityCheck: Results of screen317's Security Check version 0.99.10 Windows 7 (UAC is enabled) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Enabled! ESET Online Scanner v3 WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware Java 6 Update 24 Adobe Flash Player 10.2.159.1 Adobe Reader X (10.0.1) Mozilla Firefox (x86 en-US..) ```````````````````````````````` Process Check: objlist.exe by Laurent ``````````End of Log````````````
  9. ComboFix 11-05-11.01 - Scott 05/11/2011 17:19:19.2.2 - x86 Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.1526.995 [GMT -4:00] Running from: c:\users\Scott\Downloads\ComboFix.exe SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((( Files Created from 2011-04-11 to 2011-05-11 ))))))))))))))))))))))))))))))) . . 2011-05-06 09:48 . 2011-05-06 09:48 -------- d-----w- c:\users\Scott\AppData\Roaming\SUPERAntiSpyware.com 2011-05-06 09:48 . 2011-05-06 09:48 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2011-05-06 09:47 . 2011-05-06 09:47 -------- d-----w- c:\program files\SuperAntiSpyware - Professional - XxXFreakyXxX 2011-05-06 01:42 . 2011-05-06 01:42 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll 2011-05-06 01:42 . 2011-05-06 01:42 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll 2011-05-06 01:42 . 2011-05-06 01:42 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll 2011-05-06 01:42 . 2011-05-06 01:42 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll 2011-05-06 01:42 . 2011-05-06 01:42 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll 2011-05-06 01:42 . 2011-05-06 01:42 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll 2011-05-06 01:42 . 2011-05-06 01:42 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll 2011-05-06 01:42 . 2011-05-06 01:42 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2011-05-05 00:36 . 2011-05-05 00:36 -------- d-----w- c:\users\win7-test\AppData\Roaming\Unity 2011-05-05 00:31 . 2011-05-05 00:31 -------- d-----w- c:\users\win7-test\AppData\Local\Unity 2011-05-04 19:45 . 2011-05-04 19:45 -------- d-----w- c:\program files\iPod 2011-05-04 19:45 . 2011-05-04 19:46 -------- d-----w- c:\program files\iTunes 2011-05-04 19:44 . 2011-05-04 19:44 -------- d-----w- c:\program files\Bonjour 2011-04-27 22:19 . 
2011-05-05 21:38 -------- d--h--w- c:\program files\InstallShield Installation Information 2011-04-27 22:10 . 2011-05-11 10:39 -------- d-----w- c:\program files\Common Files\Akamai 2011-04-25 22:45 . 2011-04-25 22:45 -------- d-----w- c:\users\win7-test\AppData\Roaming\Hi-Rez Studios 2011-04-25 22:44 . 2011-04-27 23:37 -------- d-----w- c:\programdata\Hi-Rez Studios 2011-04-25 22:44 . 2011-04-27 23:37 -------- d-----w- c:\program files\Hi-Rez Studios 2011-04-25 20:43 . 2011-04-26 01:14 -------- d-----w- c:\users\win7-test\Tracing 2011-04-21 20:38 . 2011-04-27 23:31 -------- d-----w- c:\program files\Common Files\InstallShield 2011-04-21 19:17 . 2011-04-21 19:17 -------- d-----w- c:\users\win7-test\AppData\Local\Diagnostics 2011-04-21 18:01 . 2011-04-21 19:17 -------- d-----w- C:\Games 2011-04-20 18:38 . 2011-04-20 18:39 -------- d-----w- c:\program files\Common Files\Steam 2011-04-20 18:31 . 2011-04-20 18:31 -------- d-----w- c:\users\win7-test\AppData\Roaming\Systweak 2011-04-20 18:31 . 2011-04-09 17:17 17280 ----a-w- c:\windows\system32\roboot.exe 2011-04-20 18:06 . 2011-04-20 18:06 -------- d-----w- c:\users\win7-test\AppData\Local\FalloutNV 2011-04-20 12:06 . 2011-04-20 12:06 -------- d-----w- c:\users\Public\Games 2011-04-16 19:32 . 2011-04-16 19:32 -------- d-----w- c:\users\win7-test\AppData\Roaming\Malwarebytes 2011-04-16 18:05 . 2011-05-03 10:53 -------- d-----w- c:\users\win7-test\AppData\Local\Adobe 2011-04-14 20:40 . 2011-02-23 05:06 311296 ----a-w- c:\windows\system32\drivers\srv.sys 2011-04-14 20:40 . 2011-02-23 05:05 309760 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-04-14 20:40 . 2011-02-23 05:05 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-04-14 20:39 . 2011-02-18 05:36 428032 ----a-w- c:\windows\system32\vbscript.dll 2011-04-14 20:37 . 2011-03-03 03:31 2331136 ----a-w- c:\windows\system32\win32k.sys 2011-04-14 20:37 . 2011-02-12 05:30 191488 ----a-w- c:\windows\system32\FXSCOVER.exe 2011-04-14 20:37 . 
2011-03-11 05:40 1164288 ----a-w- c:\windows\system32\mfc42u.dll 2011-04-14 20:37 . 2011-03-11 05:40 1137664 ----a-w- c:\windows\system32\mfc42.dll 2011-04-14 20:37 . 2011-03-08 05:38 740864 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-14 20:37 . 2011-02-23 05:05 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-04-14 20:37 . 2011-02-23 05:05 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-04-14 20:37 . 2011-02-23 05:05 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-04-14 20:37 . 2011-02-23 05:05 69632 ----a-w- c:\windows\system32\drivers\bowser.sys 2011-04-13 20:14 . 2011-04-13 20:14 -------- d-----w- c:\programdata\EA Core 2011-04-13 20:14 . 2011-04-13 20:14 -------- d-----w- c:\programdata\Electronic Arts 2011-04-13 20:11 . 2011-04-13 20:11 -------- d-----w- c:\program files\Intel 2011-04-13 20:11 . 2011-02-28 12:09 53248 ----a-w- c:\windows\system32\CSVer.dll 2011-04-13 20:11 . 2011-04-13 20:11 -------- d-----w- C:\Intel 2011-04-13 19:42 . 2011-04-21 19:11 -------- d--h--w- c:\windows\msdownld.tmp . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-04-06 20:20 . 2011-04-06 20:20 91424 ----a-w- c:\windows\system32\dnssd.dll 2011-04-06 20:20 . 2011-04-06 20:20 75040 ----a-w- c:\windows\system32\jdns_sd.dll 2011-04-06 20:20 . 2011-04-06 20:20 197920 ----a-w- c:\windows\system32\dnssdX.dll 2011-04-06 20:20 . 2011-04-06 20:20 107808 ----a-w- c:\windows\system32\dns-sd.exe 2011-04-02 12:03 . 2011-04-02 12:03 2 --shatr- c:\windows\winstart.bat 2011-03-27 20:56 . 2011-03-27 20:56 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-03-23 14:11 . 2011-03-28 10:32 6792528 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{356AD35F-F933-4B5D-8187-8E7B452F846F}\mpengine.dll 2011-02-18 20:36 . 2011-02-18 20:36 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2011-02-18 20:36 . 
2011-02-18 20:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll 2011-05-06 01:42 . 2011-05-06 01:42 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SUPERAntiSpyware"="c:\program files\SuperAntiSpyware - Professional - XxXFreakyXxX\SUPERAntiSpywarePro.exe" [2010-10-25 2408688] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816] "TrackPointSrv"="c:\program files\Lenovo\TrackPoint\tp4serv.exe" [2009-11-24 93032] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-06 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-06 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-06 150552] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-27 421160] . 
c:\users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ IMVU.lnk - c:\users\Scott\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe [N/A] MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2011-4-1 576000] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena\safedrv.sys [x] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-16 1343400] R3 XDva385;XDva385;c:\windows\system32\XDva385.sys [x] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992] S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] S3 Tp4Track;PS/2 TrackPoint Driver;c:\windows\system32\DRIVERS\tp4track.sys [2009-11-24 23152] S4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-12-20 38224] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - MBAMSWISSARMY . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai . . ------- Supplementary Scan ------- . 
uStart Page = google.com IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\gjx9373r.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2464976&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Playdom Customized Web Search FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2464976&q= . - - - - ORPHANS REMOVED - - - - . AddRemove-bc8a6440-918f-11dd-ad8b-0800200c9a66_is1 - c:\program files\Turbine\DDO Unlimited\unins000.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2011-05-11 17:26:41 ComboFix-quarantined-files.txt 2011-05-11 21:26 ComboFix2.txt 2011-05-06 10:19 . Pre-Run: 66,857,644,032 bytes free Post-Run: 68,035,493,888 bytes free . - - End Of File - - E3190C6F91208C7D00F305E0B974EC24
  10. Also, I had recently changed my bg to a beautiful picture of the Himalayas, but then like 10 minutes later, it automatically changes back to a black screen. I looked on the web before, and got this: (taken from here.)
  11. Here's the MBAM log:

      Malwarebytes' Anti-Malware 1.50.1.1100
      www.malwarebytes.org

      Database version: 6531

      Windows 6.1.7600
      Internet Explorer 8.0.7600.16385

      5/8/2011 6:58:36 AM
      mbam-log-2011-05-08 (06-58-36).txt

      Scan type: Quick scan
      Objects scanned: 171358
      Time elapsed: 4 minute(s), 5 second(s)

      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 0

      Memory Processes Infected: (No malicious items detected)
      Memory Modules Infected: (No malicious items detected)
      Registry Keys Infected: (No malicious items detected)
      Registry Values Infected: (No malicious items detected)
      Registry Data Items Infected: (No malicious items detected)
      Folders Infected: (No malicious items detected)
      Files Infected: (No malicious items detected)

      Here's the DDS log:

      .
      DDS (Ver_11-03-05.01) - NTFSx86
      Run by Scott at 6:55:44.93 on Sun 05/08/2011
      Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_24
      Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.1526.484 [GMT -4:00]
      .
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      ============== Running Processes ===============
      .
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\ibmpmsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\rundll32.exe C:\Windows\system32\AEADISRV.EXE C:\Windows\System32\svchost.exe -k Akamai C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\DRIVERS\xaudio.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Windows\system32\sppsvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Lenovo\TrackPoint\tp4serv.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\SuperAntiSpyware - Professional - XxXFreakyXxX\SUPERAntiSpywarePro.exe C:\Program Files\MagicDisc\MagicDisc.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program 
Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\explorer.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\Scott\Desktop\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = google.com BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll uRun: [sUPERAntiSpyware] c:\program files\superantispyware - professional - xxxfreakyxxx\SUPERAntiSpywarePro.exe mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [TrackPointSrv] c:\program files\lenovo\trackpoint\tp4serv.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe" mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" StartupFolder: c:\users\scott\appdata\roaming\micros~1\windows\startm~1\programs\startup\imvu.lnk - c:\users\scott\appdata\roaming\imvuclient\IMVUQualityAgent.exe StartupFolder: 
c:\users\scott\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000 IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Notify: igfxcui - igfxdev.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\users\scott\appdata\roaming\mozilla\firefox\profiles\gjx9373r.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2464976&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Playdom Customized Web Search FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2464976&q= FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll FF - plugin: c:\windows\system32\wat\npWatWeb.dll . ============= SERVICES / DRIVERS =============== . 
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-7-13 20992] R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168] R3 Tp4Track;PS/2 TrackPoint Driver;c:\windows\system32\drivers\tp4track.sys [2009-11-24 23152] R4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-4-1 38224] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360] S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992] S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504] S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-16 1343400] . =============== Created Last 30 ================ . 
2011-05-06 15:32:45 -------- d-----w- c:\program files\Pando Networks 2011-05-06 10:19:14 -------- d-sh--w- C:\$RECYCLE.BIN 2011-05-06 10:14:58 -------- d-----w- c:\users\scott\appdata\local\temp 2011-05-06 10:08:10 98816 ----a-w- c:\windows\sed.exe 2011-05-06 10:08:10 89088 ----a-w- c:\windows\MBR.exe 2011-05-06 10:08:10 256512 ----a-w- c:\windows\PEV.exe 2011-05-06 10:08:10 161792 ----a-w- c:\windows\SWREG.exe 2011-05-06 09:48:06 -------- d-----w- c:\users\scott\appdata\roaming\SUPERAntiSpyware.com 2011-05-06 09:48:06 -------- d-----w- c:\progra~2\SUPERAntiSpyware.com 2011-05-06 09:47:50 -------- d-----w- c:\program files\SuperAntiSpyware - Professional - XxXFreakyXxX 2011-05-06 01:42:56 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll 2011-05-06 01:42:56 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll 2011-05-06 01:42:56 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll 2011-05-06 01:42:56 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll 2011-05-06 01:42:56 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll 2011-05-06 01:42:55 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll 2011-05-06 01:42:55 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll 2011-05-06 01:42:55 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2011-05-04 19:45:52 -------- d-----w- c:\program files\iPod 2011-05-04 19:45:51 -------- d-----w- c:\program files\iTunes 2011-05-04 19:44:40 -------- d-----w- c:\program files\Bonjour 2011-04-27 22:19:51 69632 ------w- c:\program files\common files\installshield\updateservice\issch.exe 2011-04-27 22:19:51 380928 ------w- c:\program files\common files\installshield\updateservice\agent.exe 2011-04-27 22:19:51 212992 ------w- c:\program files\common files\installshield\updateservice\ISDM.exe 2011-04-27 22:10:15 -------- d-----w- c:\program files\common files\Akamai 2011-04-25 22:44:45 -------- d-----w- c:\progra~2\Hi-Rez Studios 
2011-04-25 22:44:43 -------- d-----w- c:\program files\Hi-Rez Studios 2011-04-21 18:01:14 -------- d-----w- C:\Games 2011-04-20 18:38:45 -------- d-----w- c:\program files\common files\Steam 2011-04-20 18:31:28 17280 ----a-w- c:\windows\system32\roboot.exe 2011-04-14 20:40:13 311296 ----a-w- c:\windows\system32\drivers\srv.sys 2011-04-14 20:40:13 309760 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-04-14 20:40:13 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-04-14 20:39:30 428032 ----a-w- c:\windows\system32\vbscript.dll 2011-04-14 20:37:49 2331136 ----a-w- c:\windows\system32\win32k.sys 2011-04-14 20:37:46 191488 ----a-w- c:\windows\system32\FXSCOVER.exe 2011-04-14 20:37:45 1164288 ----a-w- c:\windows\system32\mfc42u.dll 2011-04-14 20:37:45 1137664 ----a-w- c:\windows\system32\mfc42.dll 2011-04-14 20:37:44 740864 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-14 20:37:43 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-04-14 20:37:43 69632 ----a-w- c:\windows\system32\drivers\bowser.sys 2011-04-14 20:37:43 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-04-14 20:37:43 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-04-13 20:14:09 -------- d-----w- c:\progra~2\EA Core 2011-04-13 20:14:08 -------- d-----w- c:\progra~2\Electronic Arts 2011-04-13 20:11:18 53248 ----a-w- c:\windows\system32\CSVer.dll 2011-04-13 20:11:05 -------- d-----w- C:\Intel 2011-04-13 19:42:01 -------- d--h--w- c:\windows\msdownld.tmp 2011-04-13 19:41:55 -------- d-----w- c:\windows\system32\directx 2011-04-11 02:35:02 -------- d-----w- c:\users\scott\appdata\local\The Weather Channel . ==================== Find3M ==================== . 
2011-04-06 20:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll 2011-04-06 20:20:16 75040 ----a-w- c:\windows\system32\jdns_sd.dll 2011-04-06 20:20:16 197920 ----a-w- c:\windows\system32\dnssdX.dll 2011-04-06 20:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe 2011-04-02 12:03:16 2 --shatr- c:\windows\winstart.bat 2011-03-27 20:56:29 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-03-03 05:29:23 132608 ----a-w- c:\windows\system32\dnsrslvr.dll 2011-03-03 05:27:30 28672 ----a-w- c:\windows\system32\dnscacheugc.exe 2011-02-24 05:32:44 981504 ----a-w- c:\windows\system32\wininet.dll 2011-02-24 05:30:16 44544 ----a-w- c:\windows\system32\licmgr10.dll 2011-02-24 04:23:48 386048 ----a-w- c:\windows\system32\html.iec 2011-02-24 03:50:26 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2011-02-19 05:32:08 34304 ----a-w- c:\windows\system32\atmlib.dll 2011-02-19 03:37:02 294912 ----a-w- c:\windows\system32\atmfd.dll 2011-02-18 20:36:58 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll . ============= FINISH: 6:56:42.18 ===============
  12. The scans are almost done, however, now there's something weird going on. There's a white box on my desktop in the lower right hand corner of my screen, like it's part of the background. Changing the background does nothing, and I don't know what to do.
  13. I thought I had gotten rid of them before, but they just came back. Can someone help me with this please? MBAM didn't remove them. Lots of help is appreciated!
  14. I don't have an antivirus installed. I was going to do it this morning.