Jump to content

BSOD during scan with Malwarebytes


Recommended Posts

I am not sure if I am infected, but several websites have mentioned things that lead me to wonder, in addition to the fact that I have received the BSOD at least once when running a full scan with Malwarebytes.

 

It started around the same time that I purchased a Western Digital My Passport.  The backup software that came with it wouldn't install properly, so I contacted their tech support, who had my uninstall/reinstall several times, then referred me up the chain to a tech who remoted into my pc...couldn't get it to work either, so he installed a different software, Anywhere Backup. This worked. I honestly don't know if the first BSOD I had was after or before install of the My Passport. 

 

The first one said BAD_POOL_HEADER, stop: 0x19

Second one: Stop: 0x24 and mentioned fltmgr.sys

Third one: Stop: 0x7E, also fltmgr.sys

 

I also had a 'crash' during configuring Windows Updates, and I read something that led me to try manually updating each one, so I did that..

 

I am not a computer dummy but I'm by no means an expert with this type of stuff.  I didn't want to start any other programs, cleaners etc until I was sure my PC was clean of any infection.  I also ran the DDS program and will paste them at the bottom just in case.

 

Any help or pointing in a direction is much appreciated!  I'm camping right now, so have limited resources!

 

Also, instructions said to select "Immediate Email Notification" but I don't see that option anywhere, so will try and check back in the morning. This has exhausted me!

Thanks!

Weedy

 

 

Malwarebytes version 1.75.0.1300

Windows 7 Home Premium Service Pack 1 x64

Dell XPS L701X

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16635  BrowserJavaVersion: 10.25.2
Run by Wen D at 21:22:24 on 2013-07-13
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.12220.9187 [GMT -8:00]
.
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\WD\WD Anywhere Backup\MemeoBackgroundService.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\SysWOW64\nlssrv32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Photodex\ProShow Gold\ScsiAccess.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\WINDOWS\System32\spool\drivers\x64\3\E_IATICEA.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\X-Rite\ColorMunki Display\ColorMunkiDisplayTray.exe
C:\Program Files (x86)\ACS_CDU680\EVDO-Modem\Bin\RDVCHG.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
C:\Program Files (x86)\Cisco Systems\Cisco Connect\CCPrt.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\SnugTV\SnugTV Station\QuickStart.exe
C:\Users\Wen D\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\WD\WD Anywhere Backup\MemeoBackup.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\My Dell\uaclauncher.exe
C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [EPSON Stylus CX8400 Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATICEA.EXE /FU "C:\Users\WEND~1\AppData\Local\Temp\E_S449F.tmp" /EF "HKCU"
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [Facebook Update] "C:\Users\Wen D\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Google Update] "C:\Users\Wen D\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [AdobeBridge] <no file>
mRun: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [bDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ACS_CDU680] C:\Program Files (x86)\ACS_CDU680\EVDO-Modem\BIN\RDVCHG.EXE
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [CCPrt] "C:\Program Files (x86)\Cisco Systems\Cisco Connect\CCPrt.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
mRun: [WD Anywhere Backup] C:\Program Files (x86)\WD\WD Anywhere Backup\MemeoLauncher2.exe --silent
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
StartupFolder: C:\Users\WEND~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Wen D\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\WEND~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\Users\WEND~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUDIBL~1.LNK - C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AVERHI~1.LNK - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AVERQU~1.LNK - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\COLORM~1.LNK - C:\Program Files (x86)\X-Rite\ColorMunki Display\ColorMunkiDisplayTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\IMAGEB~1.LNK - C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNUGTV~1.LNK - C:\Windows\Installer\{198F93FD-9919-4010-8164-06BC2349959C}\NewShortcut1_46FEF19C05F1475DAA14D9007DC15270_2.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\XRGamma.lnk - C:\Program Files (x86)\X-Rite\ColorMunki Display\XRGamma.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm




TCP: NameServer = 192.168.1.1
TCP: Interfaces\{0E84DFD2-D38E-4AE1-BE1A-261D03503638} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{0E84DFD2-D38E-4AE1-BE1A-261D03503638}\34963736F65323739393 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{0E84DFD2-D38E-4AE1-BE1A-261D03503638}\441696379723 : DHCPNameServer = 192.168.227.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
x64-Run: [NVHotkey] rundll32.exe C:\Windows\System32\nvHotkey.dll,Start
x64-Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\917\G2AWinLogon_x64.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Wen D\AppData\Roaming\Mozilla\Firefox\Profiles\mf9xqlkf.default\
FF - prefs.js: browser.startup.homepage - about:newtab
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Wen D\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Wen D\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Users\Wen D\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Wen D\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Wen D\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Wen D\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-06-20 15:58; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
============= SERVICES / DRIVERS ===============
.
R0 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-7-12 22600]
R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\System32\drivers\aswNdis.sys [2012-7-12 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\System32\drivers\aswNdis2.sys [2012-7-12 270824]
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-14 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-14 189936]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-12-21 55856]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2010-12-21 21616]
R1 aswFW;avast! TDI Firewall driver;C:\Windows\System32\drivers\aswFW.sys [2012-7-12 131232]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-7-12 1030952]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-7-12 378944]
R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-14 169624]
R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-6 169312]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-10-30 98208]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-7-12 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-7-12 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-16 46808]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-5-16 137960]
R2 AVerRemote;AVerRemote;C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2011-3-2 348160]
R2 AVerScheduleService;AVerScheduleService;C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2011-3-2 397312]
R2 AVerUpdateServer;AVerUpdateServer;C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [2011-1-6 168448]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-8-27 1253376]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-5 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-5 701512]
R2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\WD\WD Anywhere Backup\MemeoBackgroundService.exe [2009-11-12 25824]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\WINDOWS\SysWOW64\nlssrv32.exe [2013-5-29 71280]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-12-21 1692480]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-5-14 3289208]
R2 SnugTV Service;SnugTV Service;C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe [2011-1-5 570880]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-8-12 235624]
R2 sxuptp;SXUPTP Driver;C:\Windows\System32\drivers\sxuptp.sys [2011-10-16 299184]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-2 13784]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2533400]
R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2013-6-19 270192]
R2 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;C:\Windows\System32\drivers\DDCDrv.sys [2013-3-17 20832]
R2 xrdd.exe;X-Rite Device Services Manager;C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [2011-3-10 203088]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2010-10-30 27760]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2010-10-30 344616]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-10-30 39464]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2010-12-21 175168]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-12-21 56344]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-1-22 25928]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-10-30 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-10-30 184968]
R3 qicflt;upper Device Filter Driver;C:\Windows\System32\drivers\qicflt.sys [2010-10-30 29288]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2010/12/21 17:51:39;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-9-28 254448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SessionLauncher;SessionLauncher;c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe --> c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408]
S3 AVerFx2hbtv64;AVerMedia H826 USB Hybrid Tuner;C:\Windows\System32\drivers\AVerFx2hbtv64.sys [2011-3-2 512512]
S3 cmusbser;%CMUSBSER%;C:\Windows\System32\drivers\cmusbser.sys [2007-6-8 112768]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-8-7 3276800]
S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2010-10-30 160880]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-10-30 7689216]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-7-12 19456]
S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe [2009-6-26 1124848]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-7-12 57856]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-8 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2013-07-13 18:26:01    76232    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F55F4DBC-F33E-4AB8-9438-DC5BA93988E3}\offreg.dll
2013-07-12 20:16:02    3072    ----a-w-    C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2013-07-12 19:48:02    9552976    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F55F4DBC-F33E-4AB8-9438-DC5BA93988E3}\mpengine.dll
2013-07-09 01:44:04    --------    d-----w-    C:\ProgramData\MemeoCommon
2013-07-09 01:41:15    --------    d-----w-    C:\Users\Wen D\AppData\Roaming\WD
2013-07-09 01:41:02    --------    d-----w-    C:\Program Files (x86)\Common Files\Memeo
2013-07-09 01:41:01    --------    d-----w-    C:\Program Files (x86)\WD
2013-07-08 22:47:24    --------    d-----w-    C:\Users\Wen D\AppData\Local\Western Digital
2013-07-08 22:47:12    --------    d-----w-    C:\Users\Wen D\AppData\Local\Western_Digital_Technolog
2013-06-27 14:22:20    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.
==================== Find3M  ====================
.
2013-07-08 21:55:05    104280    ----a-w-    C:\Users\Wen D\GoToAssistDownloadHelper.exe
2013-06-27 22:18:36    189936    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2013-06-27 22:18:36    1030952    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2013-06-27 14:22:14    867240    ----a-w-    C:\Windows\SysWow64\npDeployJava1.dll
2013-06-27 14:22:13    789416    ----a-w-    C:\Windows\SysWow64\deployJava1.dll
2013-06-11 23:43:37    1767936    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00    2877440    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58    61440    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58    109056    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20    2241024    ----a-w-    C:\Windows\System32\wininet.dll
2013-06-11 23:25:16    3958784    ----a-w-    C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13    67072    ----a-w-    C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13    136704    ----a-w-    C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58    89600    ----a-w-    C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-11 19:09:28    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-11 19:09:28    692104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-07 03:22:18    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-06-05 03:34:27    3153920    ----a-w-    C:\Windows\System32\win32k.sys
2013-06-04 06:00:13    624128    ----a-w-    C:\Windows\System32\qedit.dll
2013-06-04 04:53:07    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2013-05-27 21:12:23    108448    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2013-05-27 21:12:22    971680    ----a-w-    C:\Windows\System32\deployJava1.dll
2013-05-27 21:12:22    1092512    ----a-w-    C:\Windows\System32\npDeployJava1.dll
2013-05-13 05:51:01    184320    ----a-w-    C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00    1464320    ----a-w-    C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00    139776    ----a-w-    C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40    52224    ----a-w-    C:\Windows\System32\certenc.dll
2013-05-13 04:45:55    140288    ----a-w-    C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55    1160192    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55    103936    ----a-w-    C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55    1192448    ----a-w-    C:\Windows\System32\certutil.exe
2013-05-13 03:08:10    903168    ----a-w-    C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06    43008    ----a-w-    C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27    30720    ----a-w-    C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54    24576    ----a-w-    C:\Windows\SysWow64\cryptdlg.dll
2013-05-09 08:59:07    72016    ----a-w-    C:\Windows\System32\drivers\aswRdr2.sys
2013-05-09 08:59:07    65336    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
2013-05-09 08:59:06    80816    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2013-05-09 08:59:06    270824    ----a-w-    C:\Windows\System32\drivers\aswNdis2.sys
2013-05-09 08:59:06    22600    ----a-w-    C:\Windows\System32\drivers\aswKbd.sys
2013-05-09 08:59:06    131232    ----a-w-    C:\Windows\System32\drivers\aswFW.sys
2013-05-09 08:58:37    41664    ----a-w-    C:\Windows\avastSS.scr
2013-05-08 06:39:01    1910632    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-05-06 06:03:49    1887744    ----a-w-    C:\Windows\System32\WMVDECOD.DLL
2013-05-06 04:56:35    1620480    ----a-w-    C:\Windows\SysWow64\WMVDECOD.DLL
2013-05-02 10:06:08    278800    ------w-    C:\Windows\System32\MpSigStub.exe
2013-05-01 11:59:12    94208    ----a-w-    C:\Windows\SysWow64\QuickTimeVR.qtx
2013-05-01 11:59:12    69632    ----a-w-    C:\Windows\SysWow64\QuickTime.qts
2013-04-26 05:51:36    751104    ----a-w-    C:\Windows\System32\win32spl.dll
2013-04-26 04:55:21    492544    ----a-w-    C:\Windows\SysWow64\win32spl.dll
2013-04-25 23:30:32    1505280    ----a-w-    C:\Windows\SysWow64\d3d11.dll
2013-04-17 07:02:06    1230336    ----a-w-    C:\Windows\SysWow64\WindowsCodecs.dll
2013-04-17 06:24:46    1424384    ----a-w-    C:\Windows\System32\WindowsCodecs.dll
.
============= FINISH: 21:23:10.49 ===============
 

 

 

ATTACH.txt:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 1/7/2011 12:04:12 PM
System Uptime: 7/13/2013 9:05:20 PM (0 hours ago)
.
Motherboard: Dell Inc. |  | 0T105W
Processor: Intel® Core i7 CPU       Q 740  @ 1.73GHz | U2E1 | 919/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 79.47 GiB free.
D: is FIXED (NTFS) - 466 GiB total, 73.48 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP386: 7/8/2013 11:10:04 AM - WD SmartWare Installer
RP387: 7/8/2013 1:17:40 PM - Removed WD SmartWare
RP388: 7/8/2013 1:20:32 PM - WD SmartWare Installer
RP389: 7/8/2013 1:20:49 PM - WD SmartWare Installer
RP390: 7/8/2013 1:30:21 PM - WD SmartWare Installer
RP391: 7/8/2013 1:59:27 PM - WD SmartWare Installer
RP392: 7/8/2013 2:00:44 PM - WD SmartWare Installer
RP393: 7/8/2013 2:15:49 PM - WD SmartWare Installer
RP394: 7/8/2013 2:25:46 PM - WD SmartWare Installer
RP395: 7/8/2013 2:27:15 PM - WD SmartWare Installer
RP396: 7/8/2013 2:44:22 PM - WD SmartWare Installer
RP397: 7/8/2013 5:32:50 PM - WD SmartWare Installer
RP398: 7/8/2013 5:34:11 PM - WD SmartWare Installer
RP399: 7/9/2013 10:59:32 PM - Windows Update
RP400: 7/11/2013 1:20:09 PM - Windows Update
RP401: 7/12/2013 9:05:30 AM - Windows Update
RP402: 7/12/2013 9:20:03 AM - Windows Update
RP403: 7/12/2013 9:30:36 AM - Windows Update
RP405: 7/12/2013 11:42:38 AM - Windows Update
RP406: 7/12/2013 11:43:43 AM - Windows Update
RP407: 7/12/2013 11:45:44 AM - Windows Update
RP408: 7/12/2013 12:11:39 PM - Windows Update
RP409: 7/12/2013 12:15:36 PM - Windows Update
.
==== Installed Programs ======================
.
AccelerometerP11
Accidental Damage Services Agreement
Adobe Acrobat  9 Standard - English, Français, Deutsch
Adobe Acrobat 9.5.5 - CPSID_83708
Adobe AIR
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS6
Adobe Photoshop Elements 10
Adobe Photoshop Elements 8.0
Adobe Photoshop Lightroom 4.4 64-bit
Adobe Photoshop.com Inspiration Browser
Adobe Premiere Elements 8.0
Adobe Premiere Elements 8.0 Templates
Adobe Reader XI (11.0.03)
Advanced Audio FX Engine
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audible Download Manager
avast! Internet Security
AVer Media Center
AVerMedia Applications
AVerMedia H826 series driver 2.0.64.126
AVerMedia Media Center Plug-ins 2.0.8.0
Backuptrans iPhone SMS + MMS Extractor 2.1.07
Backuptrans iPhone SMS Transfer 2.12.03
Bonjour
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon MovieEdit Task for ZoomBrowser EX
Canon Utilities Digital Photo Professional 3.11
Canon Utilities EOS Sample Music
Canon Utilities EOS Utility
Canon Utilities ImageBrowser EX
Canon Utilities PhotoStitch
Canon Utilities Picture Style Editor
Canon Utilities WFT Utility
Canon Utilities ZoomBrowser EX
CDU680DORA USB Modem
Cisco Connect
ColorMunki Display 1.0.1
Consumer In-Home Service Agreement
Cozi
CyberLink PowerDVD 9.6
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Dock
Dell Edoc Viewer
Dell Getting Started Guide
Dell Webcam Central
DirectXInstallService
Documents To Go Desktop for iPhone
Dropbox
Elements 10 Organizer
Elements+ for PSE 10, v.5.0
EMC 10 Content
EMCGadgets64
EPSON Printer Software
EPSON Scan
Evernote v. 4.6.6
Facebook Video Calling 1.2.0.287
Firebird SQL Server - MAGIX Edition
Google Chrome
Google Earth Plug-in
Google Talk Plugin
Google Update Helper
GoToAssist Corporate
iCloud
Intel PROSet Wireless
Intel® Management Engine Components
Intel® PROSet/Wireless WiFi Software
Intel® Turbo Boost Technology Monitor
Internet Explorer
iSEEK AnswerWorks English Runtime
iTunes
Java 7 Update 21 (64-bit)
Java 7 Update 25
Java Auto Updater
JMicron Flash Media Controller Driver
Junk Mail filter update
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
MobileMe Control Panel
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Dell
NexusFont 2.5 (ver 2.5.8.1582)
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA HD Audio Driver 1.3.18.0
NVIDIA Install Application
NVIDIA Stereoscopic 3D Driver
PDF Settings CS6
Perfect Effects 4
Photodex Presenter
ProShow Gold
PSE10 STI Installer
Quicken 2011
Quicken 2012
Quicken 2013
Quicken WillMaker Plus 2012
Quickset64
QuickTime
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy CD and DVD Burning
Roxio Express Labeler 3
Roxio File Backup
Roxio Update Manager
Safari
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
SizeExplorer Pro 4.9.1
Skitch
Skype Click to Call
Skype™ 6.5
SmartSound Quicktracks for Premiere Elements 8.0
SnugTV Station
Sonic CinePlayer Decoder Pack
Spelling Dictionaries Support For Adobe Reader 9
StuffIt Expander 2011
Synaptics Pointing Device Driver
The Photographer's Ephemeris
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VD64Inst
WD Anywhere Backup
WD Drive Utilities
WD Security
WIDCOMM Bluetooth Software
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
X-Rite Device Services Manager
XRD i1d3
Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
7/9/2013 6:04:41 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
7/9/2013 2:36:09 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000019 (0x0000000000000020, 0xfffffa800da2e000, 0xfffffa800da2e150, 0x0000000004150000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 070913-26707-01.
7/8/2013 10:18:42 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000c2 (0x0000000000000007, 0x000000000000109b, 0x00000000040c0008, 0xfffffa800d90c4d0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 070813-22198-01.
7/8/2013 1:05:15 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR2.
7/8/2013 1:02:21 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10003]  - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
7/13/2013 9:13:12 PM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
7/13/2013 9:08:45 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
7/13/2013 9:08:16 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000007e (0xffffffffc0000005, 0xfffff880014881d1, 0xfffff880035d2638, 0xfffff880035d1e90). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071313-118389-01.
7/13/2013 9:07:54 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  RxFilter
7/13/2013 9:07:35 PM, Error: Service Control Manager [7000]  - The SessionLauncher service failed to start due to the following error:  The system cannot find the file specified.
7/13/2013 8:53:14 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
7/12/2013 9:45:48 AM, Error: Service Control Manager [7022]  - The Windows Search service hung on starting.
7/12/2013 8:41:46 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2834886).
7/12/2013 8:41:46 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2832414).
7/12/2013 8:38:27 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2850851).
7/12/2013 8:38:27 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2847927).
7/12/2013 8:38:27 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2845187).
7/12/2013 8:38:27 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2835364).
7/12/2013 8:38:27 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2803821).
7/12/2013 8:38:27 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2844286).
7/12/2013 8:38:27 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2840631).
7/12/2013 8:38:27 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2833946).
7/12/2013 8:38:27 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2846071).
7/12/2013 8:29:06 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000024 (0x00000000001904fb, 0xfffff88009fe2088, 0xfffff88009fe18e0, 0xfffff880012e5626). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071213-75317-01.
7/12/2013 8:28:57 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
7/12/2013 8:28:39 AM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
7/12/2013 8:28:37 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  aswRvrt aswSnx aswSP aswTdi aswVmm discache RxFilter spldr Wanarpv6
7/12/2013 12:24:05 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the MemeoBackgroundService service to connect.
7/12/2013 12:24:05 PM, Error: Service Control Manager [7000]  - The MemeoBackgroundService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
7/12/2013 11:59:20 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the btwdins service.
.
==== End Of File ===========================
 

 

Link to post
Share on other sites

  • Replies 54
  • Created
  • Last Reply

Top Posters In This Topic

  • Root Admin

Hello and :welcome:

 

Sorry for the delay.

Please run the following steps and post back all the logs as ATTACHMENTS by clicking on the More Reply Options button.
Please don't put logs in code or quote tags or copy/paste them into your reply unless you're unable to attach them.
Please enable your system to show hidden files: How to see hidden files in Windows

P2P/Piracy Warning:

  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.


STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

    [*]Make sure that at least the first two check boxes are selected. [*]Click on OK [*]Then click on YES to create the folder. [*]Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02
Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User Licene Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.


STEP 03
Please download Malwarebytes Anti-Rootkit from here

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

STEP 04
Please download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus


STEP 05
Please download AdwCleaner by Xplode to your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • If prompted by the User Account Control click Yes to allow it to run.
  • Under Actions click on the Delete button.
  • Click OK on all prompts.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the entire contents of that logfile to your next reply.
  • You can find the logfile at C:\AdwCleaner[s1].txt where the number in brackets indicates how often it was run.


STEP 06
button_eos.gif

Please go here to run the online antivirus scannner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

    [*]Click Scan [*]Wait for the scan to finish [*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic.



STEP 07
Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system.  You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.


 

Link to post
Share on other sites

Thank you for the response and sorry for MY delay.  I am still out of town and didn't see your message til now.  I apologize for pasting the logs into the message...the post I landed on when I was searching the web for help said that it wasn't necessary to attach them.  My bad for not submitting my post b4 doing something and for using instructions meant for someone else!

I am starting through the steps, but after I installed the ERUNT program I looked at the read me file and it doesn't list Win 7 as compatible.  It just says "most likely future windows versions".  I followed the first link you gave me...is this the right one?

I will be traveling today so I may lag in response time.  

Link to post
Share on other sites

:unsure: If there's any way you or someone could help in one more little thing before Tuesday I would REALLY appreciate it!

I started a new thread in one of the other forums just asking about the current problem I am having with Step 3, mbam.exe, but I it was in the wrong place...:(

I went ahead and ran the ERUNT program but received an error (unable to create file: c:\windows\ERDNT\7-22-2013\ERDNT.INF).  I backed out, and uninstalled it. Then I went to Bleeping Computer and downloaded on that said it was compatible with Win 7, and ran, no problem.

Then I completed step 2.

I tried to complete Step 3 (run Malwarebytes Anti-Rootkit), but it appears to have hung.  It is in the same spot as it was, over 2 hours ago. I don't know whether to cancel it or not. (cancel is the only option available).   NOTE: I did run a full scan with Malwarebytes prior to my original post but it didn't find anything. I don't know if that is the same thing as the Anti-Rootkit or not).

I started a new thread but was told this was my best option.

Can I skip this step and do the others?

 

Sorry for any confusion...I'm not used to posting in forums and have never posted to this one.  :blush:

Thank you!

Link to post
Share on other sites

I hope I am interpreting correctly that I should post results of each step in a seperate post. That is what I will do.  Also, I'm not sure when you say 'post it' if that means copy and paste or attach, so I will attach it based on what you said earlier...except for the ones you say to copy and paste.

This is the RogueKiller report.

RKreport0_S_07222013_122018.txt

Link to post
Share on other sites

Well, with going back and forth on two computers, I may have messed up the last step, and maybe should have copy and pasted.  I'm pretty sure that's what you wanted with this step, so here is the adwCleaner log:

 

# AdwCleaner v2.306 - Logfile created 07/22/2013 at 19:58:01
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Wen D - WEEEEE-XPS
# Boot Mode : Normal
# Running from : C:\Users\Wen D\Desktop\AdwCleaner.exe
# Option [Delete]


***** [services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\WEND~1\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\WEND~1\AppData\Local\Temp\boost_interprocess

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Users\Wen D\AppData\Roaming\Mozilla\Firefox\Profiles\mf9xqlkf.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v28.0.1500.72

File : C:\Users\Wen D\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[s1].txt - [1800 octets] - [22/07/2013 19:58:01]

########## EOF - C:\AdwCleaner[s1].txt - [1860 octets] ##########

Link to post
Share on other sites

  • Root Admin

Hello Weedy.

 

Those log files look good.  Please post back the ESET scan log or let me know what it said.

 

Please download the following scanner from Kaspersky and save it to your computer: TDSSkiller

Then watch the following video on how to use the tool and make sure to temporarily disable your security applications before running TDSSkiller.



If any infection is found please make sure to choose SKIP and post back the log in case of a False Positive detection.

Once the tool has completed scanning make sure to re-enable your other security applications.
 

Thanks

Link to post
Share on other sites

Thank you Ron

 

The ESET scan finished just as I was going to bed, and this morning I ran the Farbar scan so here is the contents of the FRST log and the Addition log is attached.

I will try and work on the TDSSKiller today but will be gone most of the afternoon so it might be tonight if I think I have time, after looking at the instructions.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-07-2013 01
Ran by Wen D (administrator) on 23-07-2013 06:27:27
Running from C:\Users\Wen D\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Memeo) C:\Program Files (x86)\WD\WD Anywhere Backup\MemeoBackgroundService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Photodex\ProShow Gold\ScsiAccess.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(AVerMedia Technologies, Inc.) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(SEIKO EPSON CORPORATION) C:\WINDOWS\System32\spool\drivers\x64\3\E_IATICEA.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(C-motech Co.,Ltd) C:\Program Files (x86)\ACS_CDU680\EVDO-Modem\Bin\RDVCHG.exe
() C:\Program Files (x86)\X-Rite\ColorMunki Display\ColorMunkiDisplayTray.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Cisco Consumer Products LLC) C:\Program Files (x86)\Cisco Systems\Cisco Connect\CCPrt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVerMedia Technologies, Inc. ) C:\Program Files (x86)\SnugTV\SnugTV Station\QuickStart.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Dropbox, Inc.) C:\Users\Wen D\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Memeo Inc.) C:\Program Files (x86)\WD\WD Anywhere Backup\MemeoBackup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2247976 2010-07-15] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6486120 2010-09-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-09-03] (Realtek Semiconductor)
HKLM\...\Run: [NVHotkey] - rundll32.exe C:\Windows\system32\nvHotkey.dll,Start [x]
HKLM\...\Run: [intelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel® Corporation)
HKLM\...\Run: [QuickSet] - c:\Program Files\Dell\QuickSet\QuickSet.exe [3206816 2010-08-04] (Dell Inc.)
HKLM\...\Run: [FreeFallProtection] - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [727664 2010-09-24] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] - "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-10-10] (Dell)
HKLM-x32\...\runonceex: [ContentMerger] - c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-06-26] (Sonic Solutions)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\917\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKCU\...\Run: [sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1475584 2010-11-20] (Microsoft Corporation)
HKCU\...\Run: [EPSON Stylus CX8400 Series] - C:\Users\WEND~1\AppData\Local\Temp\E_S449F.tmp [126 2011-04-30] ()
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [x]
HKCU\...\Run: [Facebook Update] - C:\Users\Wen D\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Wen D\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-10-07] (Google Inc.)
HKCU\...\Run: [AdobeBridge] -  [x]
MountPoints2: {162110b0-0c22-11e2-949e-8f8383a4ad0a} - F:\win\setup.exe -phs
MountPoints2: {38c082ef-1e88-11e0-843c-000df0926462} - F:\LaunchU3.exe -a
MountPoints2: {38c57d55-6786-11e0-a1bb-ac0240455401} - G:\unlock.exe autoplay=true
MountPoints2: {9be99ee0-1b82-11e0-9813-000df0926462} - F:\HPLauncher.exe
MountPoints2: {9d0fcd30-e802-11e2-b4eb-aa5188b23c07} - "F:\WD Drive Unlock.exe" autoplay=true
HKLM-x32\...\Run: [NUSB3MON] - "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] - "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [487562 2010-08-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [RemoteControl9] - "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] - "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [bDRegion] - c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2010-09-28] (cyberlink)
HKLM-x32\...\Run: [DellSupportCenter] - "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter [x]
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ACS_CDU680] - C:\Program Files (x86)\ACS_CDU680\EVDO-Modem\BIN\RDVCHG.EXE [316664 2008-06-03] (C-motech Co.,Ltd)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Desktop Disc Tool] - "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [498160 2009-12-15] ()
HKLM-x32\...\Run: [AppleSyncNotifier] - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [CCPrt] - "C:\Program Files (x86)\Cisco Systems\Cisco Connect\CCPrt.exe" [1267320 2012-02-03] (Cisco Consumer Products LLC)
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)
HKLM-x32\...\Run: [WD Anywhere Backup] - C:\Program Files (x86)\WD\WD Anywhere Backup\MemeoLauncher2.exe --silent [222432 2009-11-12] (Memeo Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ColorMunki Display Tray.lnk
ShortcutTarget: ColorMunki Display Tray.lnk -> C:\Program Files (x86)\X-Rite\ColorMunki Display\ColorMunkiDisplayTray.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SnugTV Quick Start.lnk
ShortcutTarget: SnugTV Quick Start.lnk -> C:\Windows\Installer\{198F93FD-9919-4010-8164-06BC2349959C}\NewShortcut1_46FEF19C05F1475DAA14D9007DC15270_2.exe (Macrovision Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\XRGamma.lnk
ShortcutTarget: XRGamma.lnk -> C:\Program Files (x86)\X-Rite\ColorMunki Display\XRGamma.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Wen D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Wen D\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Wen D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Wen D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {D4078EC4-3248-4957-8247-2D24D2848F7D} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {94AB31F5-3253-40FD-A759-4AE172603604} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKCU - {94AB31F5-3253-40FD-A759-4AE172603604} URL =
SearchScopes: HKCU - {D4078EC4-3248-4957-8247-2D24D2848F7D} URL =
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} -  No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.227.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Wen D\AppData\Roaming\Mozilla\Firefox\Profiles\mf9xqlkf.default
FF Homepage: about:newtab
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter - C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Wen D\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Wen D\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Wen D\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Wen D\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Wen D\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Wen D\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Wen D\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Ghostery - C:\Users\Wen D\AppData\Roaming\Mozilla\Firefox\Profiles\mf9xqlkf.default\Extensions\firefox@ghostery.com
FF Extension: Evernote Web Clipper - C:\Users\Wen D\AppData\Roaming\Mozilla\Firefox\Profiles\mf9xqlkf.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======


CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Wen D\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Wen D\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Wen D\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Photodex Presenter Plugin) - C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll ( )
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\Wen D\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Wen D\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Docs) - C:\Users\WEND~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\WEND~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\WEND~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\WEND~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Skype Click to Call) - C:\Users\WEND~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0
CHR Extension: (Gmail) - C:\Users\WEND~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [137960 2013-05-09] (AVAST Software)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [348160 2009-10-30] (AVerMedia)
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [397312 2009-12-06] ()
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [168448 2011-01-06] (AVerMedia TECHNOLOGIES, Inc.)
S2 CLKMSVC10_9EC60124; c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [254448 2010-09-28] (CyberLink)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MemeoBackgroundService; C:\Program Files (x86)\WD\WD Anywhere Backup\MemeoBackgroundService.exe [25824 2009-11-12] (Memeo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Gold\ScsiAccess.exe [186760 2012-02-08] ()
R2 SnugTV Service; C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe [570880 2011-01-05] (AVerMedia Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270192 2013-06-19] (Western Digital Technologies, Inc.)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [203088 2011-03-10] (X-Rite Inc.)
S2 SessionLauncher; c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R1 aswFW; C:\Windows\System32\Drivers\aswFW.sys [131232 2013-05-09] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2012-06-27] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [270824 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
S3 AVerFx2hbtv64; C:\Windows\System32\drivers\AVerFx2hbtv64.sys [512512 2009-12-08] (AVerMedia TECHNOLOGIES, Inc.)
S3 cmusbser; C:\Windows\System32\DRIVERS\cmusbser.sys [112768 2007-06-08] (C-motech Co.,Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw00.sys [11518976 2012-12-06] (Intel Corporation)
S3 PcdrNdisuio; C:\Windows\SysWow64\drivers\pcdrndisuio.sys [26192 2011-06-15] (Windows ® Codename Longhorn DDK provider)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [299184 2011-10-16] (silex technology, Inc.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R2 WinI2C-DDC; C:\Windows\system32\drivers\DDCDrv.sys [20832 2011-06-23] (Nicomsoft Ltd.)
R2 WinI2C-DDC; C:\Windows\system32\drivers\DDCDrv.sys [20832 2011-06-23] (Nicomsoft Ltd.)
S1 RxFilter; system32\DRIVERS\RxFilter.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-23 06:27 - 2013-07-23 06:27 - 00000000 ____D C:\FRST
2013-07-23 06:22 - 2013-07-23 06:21 - 01779447 _____ (Farbar) C:\Users\Wen D\Desktop\FRST64.exe
2013-07-23 06:21 - 2013-07-23 06:21 - 01779447 _____ (Farbar) C:\Users\Wen D\Downloads\FRST64.exe
2013-07-22 22:50 - 2013-07-22 22:50 - 00000555 _____ C:\Users\Wen D\Desktop\ESETthreatlist.txt
2013-07-22 20:23 - 2013-07-22 20:24 - 02347384 _____ (ESET) C:\Users\Wen D\Downloads\esetsmartinstaller_enu.exe
2013-07-22 20:16 - 2013-07-22 20:16 - 00001923 _____ C:\Users\Wen D\Desktop\AdwCleaner[s1].txt
2013-07-22 19:58 - 2013-07-22 19:58 - 00001923 _____ C:\AdwCleaner[s1].txt
2013-07-22 19:57 - 2013-07-22 19:51 - 00666633 _____ C:\Users\Wen D\Desktop\AdwCleaner.exe
2013-07-22 19:57 - 2013-07-22 19:13 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Wen D\Desktop\JRT.exe
2013-07-22 19:50 - 2013-07-22 19:51 - 00666633 _____ C:\Users\Wen D\Downloads\AdwCleaner.exe
2013-07-22 19:38 - 2013-07-22 19:38 - 00032286 _____ C:\Users\Wen D\Desktop\JRT.txt
2013-07-22 19:27 - 2013-07-22 19:27 - 00000000 ____D C:\Windows\ERUNT
2013-07-22 19:13 - 2013-07-22 19:13 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Wen D\Downloads\JRT.exe
2013-07-22 12:56 - 2013-07-22 18:58 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-22 12:52 - 2013-07-22 12:52 - 00000000 ____D C:\Users\Wen D\Downloads\mbar-1.06.0.1004
2013-07-22 12:30 - 2013-07-22 12:35 - 13399154 _____ C:\Users\Wen D\Downloads\mbar-1.06.0.1004.zip
2013-07-22 12:20 - 2013-07-22 12:20 - 00001997 _____ C:\Users\Wen D\Desktop\RKreport[0]_S_07222013_122018.txt
2013-07-22 12:17 - 2013-07-22 12:25 - 00000000 ____D C:\Users\Wen D\Desktop\RK_Quarantine
2013-07-22 12:16 - 2013-07-22 10:54 - 03778560 _____ C:\Users\Wen D\Desktop\RogueKillerX64.exe
2013-07-22 10:54 - 2013-07-22 10:54 - 03778560 _____ C:\Users\Wen D\Downloads\RogueKillerX64.exe
2013-07-22 10:49 - 2013-07-22 10:49 - 00000000 ____D C:\Windows\ERDNT
2013-07-22 10:48 - 2013-07-22 10:48 - 00000926 _____ C:\Users\Wen D\Desktop\NTREGOPT.lnk
2013-07-22 10:48 - 2013-07-22 10:48 - 00000907 _____ C:\Users\Wen D\Desktop\ERUNT.lnk
2013-07-22 10:48 - 2013-07-22 10:48 - 00000000 ____D C:\Program Files (x86)\ERUNT
2013-07-22 10:47 - 2013-07-22 10:47 - 00791393 _____ (Lars Hederer                                                ) C:\Users\Wen D\Downloads\erunt-setup(1).exe
2013-07-22 10:36 - 2013-07-22 10:37 - 00286824 _____ C:\Windows\Minidump\072213-23602-01.dmp
2013-07-21 08:16 - 2013-07-21 08:16 - 00791393 _____ (Lars Hederer                                                ) C:\Users\Wen D\Downloads\erunt-setup.exe
2013-07-21 07:46 - 2013-07-21 07:46 - 00291936 _____ C:\Windows\Minidump\072113-23259-01.dmp
2013-07-17 07:30 - 2013-07-17 07:30 - 17737608 _____ (Adobe Systems Incorporated) C:\Users\Wen D\Downloads\install_flash_player(1).exe
2013-07-14 09:49 - 2013-07-14 09:49 - 00288800 _____ C:\Windows\Minidump\071413-27019-01.dmp
2013-07-13 21:23 - 2013-07-13 21:23 - 00035047 _____ C:\Users\Wen D\Desktop\dds.txt
2013-07-13 21:23 - 2013-07-13 21:23 - 00019887 _____ C:\Users\Wen D\Desktop\attach.txt
2013-07-13 21:15 - 2013-07-13 21:15 - 00688992 ____R (Swearware) C:\Users\Wen D\Downloads\dds.scr
2013-07-13 21:07 - 2013-07-13 21:08 - 00291952 _____ C:\Windows\Minidump\071313-118389-01.dmp
2013-07-13 11:33 - 2013-07-13 11:33 - 00347424 _____ (Microsoft Corporation) C:\Users\Wen D\Downloads\MicrosoftFixit.WinSecurity.LB.147297174599745364.2.1.Run.exe
2013-07-12 12:15 - 2012-08-23 06:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-07-12 12:15 - 2012-08-23 06:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-07-12 12:15 - 2012-08-23 06:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-07-12 12:15 - 2012-08-23 05:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-07-12 12:15 - 2012-08-23 05:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-07-12 12:15 - 2012-08-23 05:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-07-12 12:15 - 2012-08-23 05:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-07-12 12:15 - 2012-08-23 05:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-07-12 12:15 - 2012-08-23 05:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-07-12 12:15 - 2012-08-23 05:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-07-12 12:15 - 2012-08-23 05:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-07-12 12:15 - 2012-08-23 05:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-07-12 12:15 - 2012-08-23 04:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-07-12 12:15 - 2012-08-23 03:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-07-12 12:15 - 2012-08-23 03:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-07-12 12:15 - 2012-08-23 03:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-07-12 12:15 - 2012-08-23 03:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-07-12 12:15 - 2012-08-23 02:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-07-12 12:15 - 2012-08-23 02:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-07-12 12:15 - 2012-08-23 02:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-07-12 12:15 - 2012-08-23 02:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-07-12 12:15 - 2012-08-23 01:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-07-12 12:15 - 2012-08-23 00:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-07-12 12:15 - 2012-08-23 00:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-07-12 11:47 - 2013-06-11 15:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 11:47 - 2013-06-11 15:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 11:47 - 2013-06-11 15:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 11:47 - 2013-06-11 15:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 11:47 - 2013-06-11 15:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 11:47 - 2013-06-11 15:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-12 11:47 - 2013-06-11 15:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 11:47 - 2013-06-11 15:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 11:47 - 2013-06-11 15:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-12 11:47 - 2013-06-11 15:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-12 11:47 - 2013-06-11 15:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-12 11:47 - 2013-06-11 15:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-12 11:47 - 2013-06-11 15:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 11:47 - 2013-06-11 15:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 11:47 - 2013-06-11 15:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-12 11:47 - 2013-06-11 15:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 11:47 - 2013-06-11 15:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 11:47 - 2013-06-11 15:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 11:47 - 2013-06-11 15:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 11:47 - 2013-06-11 15:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 11:47 - 2013-06-11 15:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 11:47 - 2013-06-11 15:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-12 11:47 - 2013-06-11 15:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-12 11:47 - 2013-06-11 15:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-12 11:47 - 2013-06-11 15:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-12 11:47 - 2013-06-11 15:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-12 11:47 - 2013-06-11 14:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-12 11:47 - 2013-06-11 14:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-12 11:47 - 2013-06-06 19:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-12 11:47 - 2013-06-06 18:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-12 11:46 - 2013-06-11 15:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 10:24 - 2009-07-13 20:49 - 00001266 _____ C:\Users\Wen D\Desktop\Windows Update.lnk
2013-07-12 08:28 - 2013-07-12 08:29 - 00282808 _____ C:\Windows\Minidump\071213-75317-01.dmp
2013-07-11 10:57 - 2013-06-04 19:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 10:57 - 2013-06-03 22:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 10:57 - 2013-06-03 20:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 10:57 - 2013-05-05 22:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 10:57 - 2013-05-05 20:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 10:57 - 2013-04-09 15:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 10:57 - 2013-04-02 14:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-09 14:35 - 2013-07-09 14:36 - 00292064 _____ C:\Windows\Minidump\070913-26707-01.dmp
2013-07-08 17:44 - 2013-07-08 17:44 - 00000000 ____D C:\ProgramData\MemeoCommon
2013-07-08 17:41 - 2013-07-08 17:41 - 00001186 _____ C:\Users\Public\Desktop\WD Anywhere Backup.lnk
2013-07-08 17:41 - 2013-07-08 17:41 - 00000000 ____D C:\Users\Wen D\AppData\Roaming\WD
2013-07-08 17:41 - 2013-07-08 17:41 - 00000000 ____D C:\Program Files (x86)\WD
2013-07-08 14:47 - 2013-07-08 14:47 - 00000000 ____D C:\Users\WEND~1\AppData\Local\Western_Digital_Technolog
2013-07-08 14:47 - 2013-07-08 14:47 - 00000000 ____D C:\Users\WEND~1\AppData\Local\Western Digital
2013-07-08 14:04 - 2013-07-08 14:04 - 00889416 _____ (Microsoft Corporation) C:\Users\Wen D\Downloads\dotNetFx40_Full_setup.exe
2013-07-08 13:33 - 2013-07-08 13:33 - 00000000 ____D C:\Windows\System32\Tasks\Western Digital
2013-07-08 11:12 - 2013-07-08 14:46 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2013-07-08 10:18 - 2013-07-08 10:18 - 00292032 _____ C:\Windows\Minidump\070813-22198-01.dmp
2013-06-30 07:42 - 2013-06-30 07:42 - 00001927 _____ C:\Users\Public\Desktop\Perfect Effects 4.lnk
2013-06-27 14:18 - 2013-06-27 14:18 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-06-27 06:22 - 2013-06-27 06:22 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-27 06:22 - 2013-06-27 06:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-27 06:22 - 2013-06-27 06:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-27 06:22 - 2013-06-27 06:22 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-26 09:45 - 2013-06-27 14:18 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-06-26 09:45 - 2013-06-27 14:18 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-06-25 07:03 - 2013-06-25 07:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-07-23 06:27 - 2013-07-23 06:27 - 00000000 ____D C:\FRST
2013-07-23 06:26 - 2009-07-13 20:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-23 06:26 - 2009-07-13 20:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-23 06:25 - 2011-01-08 15:18 - 00000000 ____D C:\Users\WEND~1\AppData\Local\Adobe
2013-07-23 06:23 - 2009-07-13 21:13 - 00783458 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-23 06:21 - 2013-07-23 06:22 - 01779447 _____ (Farbar) C:\Users\Wen D\Desktop\FRST64.exe
2013-07-23 06:21 - 2013-07-23 06:21 - 01779447 _____ (Farbar) C:\Users\Wen D\Downloads\FRST64.exe
2013-07-23 06:17 - 2012-09-30 13:41 - 00000000 ___RD C:\Users\Wen D\Dropbox
2013-07-23 06:17 - 2012-09-30 13:32 - 00000000 ____D C:\Users\Wen D\AppData\Roaming\Dropbox
2013-07-23 06:17 - 2012-07-12 18:34 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-23 06:16 - 2013-03-09 06:24 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-23 06:16 - 2010-12-21 16:55 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-23 06:16 - 2010-12-21 16:03 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2013-07-23 06:16 - 2010-12-21 16:03 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2013-07-23 06:16 - 2010-12-21 15:19 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-07-23 06:15 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-23 06:15 - 2009-07-13 20:51 - 00105532 _____ C:\Windows\setupact.log
2013-07-22 22:51 - 2009-07-13 21:10 - 01265098 _____ C:\Windows\WindowsUpdate.log
2013-07-22 22:50 - 2013-07-22 22:50 - 00000555 _____ C:\Users\Wen D\Desktop\ESETthreatlist.txt
2013-07-22 22:46 - 2013-03-09 06:24 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-22 22:08 - 2012-10-07 14:35 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960927932-507688188-3776875016-1001UA.job
2013-07-22 22:08 - 2012-04-15 07:08 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-22 21:42 - 2012-05-02 06:32 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1960927932-507688188-3776875016-1001UA.job
2013-07-22 21:42 - 2012-05-02 06:32 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1960927932-507688188-3776875016-1001Core.job
2013-07-22 20:24 - 2013-07-22 20:23 - 02347384 _____ (ESET) C:\Users\Wen D\Downloads\esetsmartinstaller_enu.exe
2013-07-22 20:16 - 2013-07-22 20:16 - 00001923 _____ C:\Users\Wen D\Desktop\AdwCleaner[s1].txt
2013-07-22 19:59 - 2010-12-21 16:53 - 00127606 _____ C:\Windows\PFRO.log
2013-07-22 19:58 - 2013-07-22 19:58 - 00001923 _____ C:\AdwCleaner[s1].txt
2013-07-22 19:51 - 2013-07-22 19:57 - 00666633 _____ C:\Users\Wen D\Desktop\AdwCleaner.exe
2013-07-22 19:51 - 2013-07-22 19:50 - 00666633 _____ C:\Users\Wen D\Downloads\AdwCleaner.exe
2013-07-22 19:38 - 2013-07-22 19:38 - 00032286 _____ C:\Users\Wen D\Desktop\JRT.txt
2013-07-22 19:27 - 2013-07-22 19:27 - 00000000 ____D C:\Windows\ERUNT
2013-07-22 19:13 - 2013-07-22 19:57 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Wen D\Desktop\JRT.exe
2013-07-22 19:13 - 2013-07-22 19:13 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Wen D\Downloads\JRT.exe
2013-07-22 18:58 - 2013-07-22 12:56 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-22 13:01 - 2013-05-22 15:14 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2013-07-22 12:52 - 2013-07-22 12:52 - 00000000 ____D C:\Users\Wen D\Downloads\mbar-1.06.0.1004
2013-07-22 12:35 - 2013-07-22 12:30 - 13399154 _____ C:\Users\Wen D\Downloads\mbar-1.06.0.1004.zip
2013-07-22 12:25 - 2013-07-22 12:17 - 00000000 ____D C:\Users\Wen D\Desktop\RK_Quarantine
2013-07-22 12:20 - 2013-07-22 12:20 - 00001997 _____ C:\Users\Wen D\Desktop\RKreport[0]_S_07222013_122018.txt
2013-07-22 11:30 - 2013-05-22 15:13 - 00000000 ____D C:\Program Files\My Dell
2013-07-22 11:30 - 2010-12-21 15:21 - 00000000 ____D C:\ProgramData\PCDr
2013-07-22 10:54 - 2013-07-22 12:16 - 03778560 _____ C:\Users\Wen D\Desktop\RogueKillerX64.exe
2013-07-22 10:54 - 2013-07-22 10:54 - 03778560 _____ C:\Users\Wen D\Downloads\RogueKillerX64.exe
2013-07-22 10:49 - 2013-07-22 10:49 - 00000000 ____D C:\Windows\ERDNT
2013-07-22 10:48 - 2013-07-22 10:48 - 00000926 _____ C:\Users\Wen D\Desktop\NTREGOPT.lnk
2013-07-22 10:48 - 2013-07-22 10:48 - 00000907 _____ C:\Users\Wen D\Desktop\ERUNT.lnk
2013-07-22 10:48 - 2013-07-22 10:48 - 00000000 ____D C:\Program Files (x86)\ERUNT
2013-07-22 10:47 - 2013-07-22 10:47 - 00791393 _____ (Lars Hederer                                                ) C:\Users\Wen D\Downloads\erunt-setup(1).exe
2013-07-22 10:44 - 2011-03-25 18:33 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C4C3D17E-3155-41F5-8DE8-C45A96ED8C2A}
2013-07-22 10:37 - 2013-07-22 10:36 - 00286824 _____ C:\Windows\Minidump\072213-23602-01.dmp
2013-07-22 10:36 - 2011-07-21 18:58 - 00000000 ____D C:\Windows\Minidump
2013-07-22 10:36 - 2011-07-21 18:57 - 1013054976 _____ C:\Windows\MEMORY.DMP
2013-07-21 09:08 - 2012-10-07 14:35 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960927932-507688188-3776875016-1001Core.job
2013-07-21 08:16 - 2013-07-21 08:16 - 00791393 _____ (Lars Hederer                                                ) C:\Users\Wen D\Downloads\erunt-setup.exe
2013-07-21 07:46 - 2013-07-21 07:46 - 00291936 _____ C:\Windows\Minidump\072113-23259-01.dmp
2013-07-20 17:20 - 2011-01-11 14:17 - 00000000 ____D C:\Users\Wen D\Documents\Camping Travel
2013-07-19 11:32 - 2011-01-11 14:16 - 00000000 ____D C:\Users\Wen D\Documents\Bills
2013-07-18 10:58 - 2011-01-17 11:35 - 00000000 ____D C:\Users\Wen D\Documents\Outlook Files
2013-07-18 10:56 - 2011-10-24 18:16 - 00000000 ____D C:\Users\WEND~1\AppData\Local\1D5AB6BD-26FA-4FB0-9CC0-8B3FD33FFBBE.aplzod
2013-07-17 07:31 - 2012-04-15 07:08 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-17 07:31 - 2012-04-15 07:08 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-17 07:31 - 2012-02-24 11:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-17 07:30 - 2013-07-17 07:30 - 17737608 _____ (Adobe Systems Incorporated) C:\Users\Wen D\Downloads\install_flash_player(1).exe
2013-07-17 07:25 - 2010-12-21 15:28 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-15 08:23 - 2012-07-12 18:35 - 00002077 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-07-14 09:49 - 2013-07-14 09:49 - 00288800 _____ C:\Windows\Minidump\071413-27019-01.dmp
2013-07-13 21:23 - 2013-07-13 21:23 - 00035047 _____ C:\Users\Wen D\Desktop\dds.txt
2013-07-13 21:23 - 2013-07-13 21:23 - 00019887 _____ C:\Users\Wen D\Desktop\attach.txt
2013-07-13 21:15 - 2013-07-13 21:15 - 00688992 ____R (Swearware) C:\Users\Wen D\Downloads\dds.scr
2013-07-13 21:08 - 2013-07-13 21:07 - 00291952 _____ C:\Windows\Minidump\071313-118389-01.dmp
2013-07-13 11:33 - 2013-07-13 11:33 - 00347424 _____ (Microsoft Corporation) C:\Users\Wen D\Downloads\MicrosoftFixit.WinSecurity.LB.147297174599745364.2.1.Run.exe
2013-07-13 10:23 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-07-13 09:49 - 2013-03-14 07:24 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-12 12:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-12 12:21 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-12 12:12 - 2010-12-21 16:55 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-12 11:44 - 2009-07-13 23:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 11:41 - 2013-03-09 06:24 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-12 11:41 - 2013-03-09 06:24 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-12 11:33 - 2011-01-07 13:04 - 00000000 ____D C:\Users\Wen D
2013-07-12 09:38 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 09:38 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-12 09:23 - 2009-07-13 20:45 - 05163232 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 09:10 - 2012-04-01 09:12 - 00777674 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-12 09:03 - 2012-10-07 14:35 - 00003882 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1960927932-507688188-3776875016-1001UA
2013-07-12 09:03 - 2012-10-07 14:35 - 00003486 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1960927932-507688188-3776875016-1001Core
2013-07-12 08:29 - 2013-07-12 08:28 - 00282808 _____ C:\Windows\Minidump\071213-75317-01.dmp
2013-07-11 13:33 - 2011-01-07 15:51 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-11 13:27 - 2011-01-16 13:19 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-11 13:21 - 2012-05-11 22:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-11 13:21 - 2012-05-11 22:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-11 13:19 - 2011-01-07 19:40 - 00000000 ____D C:\Users\Wen D\Documents\Quicken
2013-07-10 12:04 - 2011-07-10 10:47 - 00000000 ____D C:\Users\Wen D\AppData\Roaming\Mozilla
2013-07-10 07:31 - 2011-01-11 14:17 - 00000000 ____D C:\Users\Wen D\Documents\computer info
2013-07-09 14:36 - 2013-07-09 14:35 - 00292064 _____ C:\Windows\Minidump\070913-26707-01.dmp
2013-07-08 17:44 - 2013-07-08 17:44 - 00000000 ____D C:\ProgramData\MemeoCommon
2013-07-08 17:41 - 2013-07-08 17:41 - 00001186 _____ C:\Users\Public\Desktop\WD Anywhere Backup.lnk
2013-07-08 17:41 - 2013-07-08 17:41 - 00000000 ____D C:\Users\Wen D\AppData\Roaming\WD
2013-07-08 17:41 - 2013-07-08 17:41 - 00000000 ____D C:\Program Files (x86)\WD
2013-07-08 17:34 - 2011-04-15 10:19 - 00000000 ____D C:\ProgramData\Western Digital
2013-07-08 17:34 - 2011-04-15 10:19 - 00000000 ____D C:\Program Files (x86)\Western Digital
2013-07-08 14:47 - 2013-07-08 14:47 - 00000000 ____D C:\Users\WEND~1\AppData\Local\Western_Digital_Technolog
2013-07-08 14:47 - 2013-07-08 14:47 - 00000000 ____D C:\Users\WEND~1\AppData\Local\Western Digital
2013-07-08 14:46 - 2013-07-08 11:12 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2013-07-08 14:46 - 2010-12-21 15:06 - 00078278 _____ C:\Windows\DPINST.LOG
2013-07-08 14:04 - 2013-07-08 14:04 - 00889416 _____ (Microsoft Corporation) C:\Users\Wen D\Downloads\dotNetFx40_Full_setup.exe
2013-07-08 13:55 - 2011-01-22 15:01 - 00104280 _____ C:\Users\Wen D\GoToAssistDownloadHelper.exe
2013-07-08 13:33 - 2013-07-08 13:33 - 00000000 ____D C:\Windows\System32\Tasks\Western Digital
2013-07-08 10:18 - 2013-07-08 10:18 - 00292032 _____ C:\Windows\Minidump\070813-22198-01.dmp
2013-06-30 07:42 - 2013-06-30 07:42 - 00001927 _____ C:\Users\Public\Desktop\Perfect Effects 4.lnk
2013-06-30 07:23 - 2013-02-01 12:54 - 00000000 ____D C:\ProgramData\onOne Software
2013-06-30 07:22 - 2013-02-01 12:54 - 00000000 ____D C:\Program Files\onOne Software
2013-06-30 07:22 - 2013-02-01 12:54 - 00000000 ____D C:\Program Files (x86)\onOne Software
2013-06-30 07:19 - 2013-02-01 12:59 - 00000000 ____D C:\Users\Wen D\AppData\Roaming\onOne Software
2013-06-30 07:19 - 2013-02-01 12:55 - 00000000 ____D C:\Users\user\AppData\Roaming\onOne Software
2013-06-30 07:19 - 2010-12-21 15:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-27 14:18 - 2013-06-27 14:18 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-06-27 14:18 - 2013-06-26 09:45 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-06-27 14:18 - 2013-06-26 09:45 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-06-27 14:18 - 2013-03-14 07:08 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-06-27 14:18 - 2012-07-12 18:35 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-06-27 14:18 - 2012-07-12 18:34 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-06-27 06:22 - 2013-06-27 06:22 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-27 06:22 - 2013-06-27 06:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-27 06:22 - 2013-06-27 06:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-27 06:22 - 2013-06-27 06:22 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-27 06:22 - 2012-10-13 16:11 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-27 06:22 - 2010-12-21 15:05 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-27 06:13 - 2012-04-25 06:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-25 07:03 - 2013-06-25 07:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-25 06:13 - 2011-01-07 13:04 - 00000000 ___RD C:\Users\Wen D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-06-25 06:12 - 2012-09-30 13:41 - 00001023 _____ C:\Users\Wen D\Desktop\Dropbox.lnk
2013-06-25 06:12 - 2012-09-30 13:33 - 00000000 ____D C:\Users\Wen D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-06-25 06:06 - 2009-07-13 21:08 - 00032642 _____ C:\Windows\Tasks\SCHEDLGU.TXT

Files to move or delete:
====================
C:\Users\Wen D\GoToAssistDownloadHelper.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-13 10:14

==================== End Of Log ============================

Addition.txt

Link to post
Share on other sites

One more question...I just was doing a quick preview of the video as I eat breakfast...

Under the Change Parameters menu, then Additional Options, do I select both ? It says to only select those requested by the person helping you...

:)  thanks!

Link to post
Share on other sites

Realized I forgot the important one, because this one had found threats...the ESET scan:

 

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe    a variant of Win32/HiddenStart.A application
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe    a variant of Win32/HiddenStart.A application
C:\Users\Wen D\Downloads\cbsidlm-tr1_10a-NexusFont-ORG-10861616.exe    Win32/DownloadAdmin.G application
C:\Users\Wen D\Downloads\photostory_on_cd_dvd_10_deluxe_799mb_us.exe    a variant of Win32/Bundled.Toolbar.Ask application
C:\Users\Wen D\Downloads\Saved Downloads\FreeVideoFlipAndRotate.exe    Win32/OpenCandy application
 

I ran the tdsskiller, and it came up clean. 

 

Thanks

Link to post
Share on other sites

  • Root Admin

The files found by ESET are okay except I'd go ahead and delete this one.

C:\Users\Wen D\Downloads\Saved Downloads\FreeVideoFlipAndRotate.exe

 

How is the computer running now?

 

Next, download Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


 

Link to post
Share on other sites

I'm getting ready to leave for appointments so I'll try and work on this tonight...since yesterday the computer is doing ok.  I had a BSOD when I shut down the day before yesterday, and one when I shut down the day before that, but nothing yet, which is probably too soon to say...   :) 

Thanks!

Link to post
Share on other sites

Couldn't run it last night, my fault, not computers, so I ran it this morning..BSOD in the middle.

System_service_exception 0x3b

Should I try to run again?

Link to post
Share on other sites

I found some instructions for Dell Diagnostics... It's running a Pre-boot memory scan right now, but I'm not sure what else it will test yet. It found no problems on the first part and asked if I wanted to continue, which would take about 30 min to complete so I said yes, and its running now. Let me know if I should pursue I different method and meanwhile I'll see what this comes up with.

Thanks!

Link to post
Share on other sites

It had a choice and I chose the extended, not being sure which specific thing to test for. I'm still in the middle of it..

I've had a couple fails so far, although the first one was for the video and I'm not sure if I failed it incorrectly. The colors didn't show up correctly on a few screens and some other patterns that showed up I said were correct only because I didn't know what was correct and what wasn't.

I also had a keyboard failure for my right ALT key, error code 2c00:001c.

It looks like it just finished running a test on the drive now...it says device it's testing is SATA Disk

It just said: No problems have been found with this drive so far. Now the remainder of the media surface will be scanned for errors and will take about 87 min. Do you want to continue?

I'm saying yes to that.

Does this sound like the scan/test you are looking for?

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.