msseces.exe the application was unable to start correctly


When I start my computer up I've been getting this message

 

msseces.exe - Application Error

 

The application was unable to start correctly (0xc000007b). Click OK to close the application.

 

This is in regards to Microsoft Security Essentials as it will not start, and thus I have no anti-virus protection. Assistance with this would be greatly appreciated.

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16635  BrowserJavaVersion: 1.6.0_33
Run by Jeremy at 3:02:04 on 2013-07-30
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6057.1085 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Thread Manager\ThreadManager.exe
C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.44.exe
C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher\xulrunner\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
D:\- Jeremy\- Programs\- Website Tools\- Bots\HitLeap Viewer\HitLeap Viewer\core\control\hitleap-viewer.exe
C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
C:\Program Files (x86)\Share YouTube Videos\Share YouTube Videos.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
C:\Windows\system32\calc.exe
C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
D:\- Jeremy\- Programs\- Website Tools\- Bots\HitLeap Viewer\HitLeap Viewer\core\control\..\cef\hitleap-viewer-browser.exe
D:\- Jeremy\- Programs\- Website Tools\- Bots\HitLeap Viewer\HitLeap Viewer\core\cef\hitleap-viewer-browser.exe
D:\- Jeremy\- Programs\- Website Tools\- Bots\HitLeap Viewer\HitLeap Viewer\core\cef\hitleap-viewer-browser.exe
D:\- Jeremy\- Programs\- Website Tools\- Bots\HitLeap Viewer\HitLeap Viewer\core\cef\hitleap-viewer-browser.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <local>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [ThreadManager.exe] C:\Program Files (x86)\Thread Manager\ThreadManager.exe
mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.



TCP: NameServer = 208.59.247.45 208.59.247.46
TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{FF1B28AD-68A0-41A8-9CB9-D47A0A08BBC4} : DHCPNameServer = 208.59.247.45 208.59.247.46
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey



x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-06-20 19:58; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF - ExtSQL: 2013-06-28 05:43; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF - ExtSQL: 2013-07-04 21:29; {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}; C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
FF - ExtSQL: !HIDDEN! 2012-10-08 22:35; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 10354613;10354613;C:\Windows\System32\drivers\10354613.sys [2013-7-2 460888]
R0 24441005;24441005;C:\Windows\System32\drivers\24441005.sys [2013-7-1 460888]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-1-20 55856]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 130008]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-2-3 283200]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-4-29 169752]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-12-13 342528]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-20 539240]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-12-16 202632]
R3 USBMULCD;USB Multi-Channel Audio Device Interface;C:\Windows\System32\drivers\CM10664.sys [2009-9-30 1307648]
R3 VSTWinDriver6;VSTWinDriver6;C:\Windows\System32\drivers\VSTwindrvr6.sys [2008-7-3 252928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [2012-8-21 29288]
S3 CompFilter64;UVCCompositeFilter;C:\Windows\System32\drivers\lvbflt64.sys [2012-1-18 25632]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
S3 LVUVC64;Logitech HD Webcam C510(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-25 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-25 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-10-25 30208]
S4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
S4 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624]
.
=============== File Associations ===============
.
FileExt: .js: Applications\notepad.exe=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]
.
=============== Created Last 30 ================
.
2013-07-27 09:56:49    76232    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{629ACCC5-39EC-46D1-90EB-88B3E4375B1F}\offreg.dll
2013-07-26 12:53:47    9460976    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{629ACCC5-39EC-46D1-90EB-88B3E4375B1F}\mpengine.dll
2013-07-23 06:41:59    392704    ----a-w-    C:\Windows\System32\MpClient.dll
2013-07-23 03:41:08    --------    d-----w-    C:\Windows\System32\MRT
2013-07-22 10:21:10    9460976    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A2BD1B85-780A-4105-B6B2-52D9DE70FB97}\mpengine.dll
2013-07-21 03:00:06    --------    d-----w-    C:\Program Files (x86)\Share YouTube Videos
2013-07-19 10:33:09    --------    d-----w-    C:\ProgramData\Temporary
2013-07-17 02:11:29    941720    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0881CEB4-359E-4A9A-8B66-523C5BD30F91}\gapaengine.dll
2013-07-10 09:39:23    9216    ----a-w-    C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-09 08:13:26    --------    d-----w-    C:\Program Files (x86)\Universal Audio
2013-07-09 08:13:18    557056    ----a-w-    C:\Windows\SysWow64\HypGui.dll
2013-07-09 08:13:17    153088    ----a-w-    C:\UNWISE.EXE
2013-07-05 04:28:56    --------    d-----w-    C:\Users\Jeremy\AppData\Roaming\iZotope
2013-07-05 01:57:47    --------    d-----w-    C:\Program Files (x86)\iZotope
2013-07-04 23:14:43    --------    d-----w-    C:\ProgramData\InstallMate
2013-07-03 02:08:01    460888    ----a-w-    C:\Windows\System32\drivers\10354613.sys
2013-07-02 18:25:19    --------    d-----w-    C:\Users\Jeremy\AppData\Roaming\DG
2013-07-02 18:25:07    --------    d-----w-    C:\Program Files (x86)\Thread Manager
2013-07-01 08:15:14    460888    ----a-w-    C:\Windows\System32\drivers\24441005.sys
.
==================== Find3M  ====================
.
2013-07-14 02:12:15    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-14 02:12:15    692104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-11 23:43:37    1767936    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00    2877440    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58    61440    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58    109056    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20    2241024    ----a-w-    C:\Windows\System32\wininet.dll
2013-06-11 23:25:16    3958784    ----a-w-    C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13    67072    ----a-w-    C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13    136704    ----a-w-    C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58    89600    ----a-w-    C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-06-05 03:34:27    3153920    ----a-w-    C:\Windows\System32\win32k.sys
2013-06-04 06:00:13    624128    ----a-w-    C:\Windows\System32\qedit.dll
2013-06-04 04:53:07    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2013-05-13 05:51:01    184320    ----a-w-    C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00    1464320    ----a-w-    C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00    139776    ----a-w-    C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40    52224    ----a-w-    C:\Windows\System32\certenc.dll
2013-05-13 04:45:55    140288    ----a-w-    C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55    1160192    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55    103936    ----a-w-    C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55    1192448    ----a-w-    C:\Windows\System32\certutil.exe
2013-05-13 03:08:10    903168    ----a-w-    C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06    43008    ----a-w-    C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27    30720    ----a-w-    C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54    24576    ----a-w-    C:\Windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01    1910632    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-05-06 06:03:49    1887744    ----a-w-    C:\Windows\System32\WMVDECOD.DLL
2013-05-06 04:56:35    1620480    ----a-w-    C:\Windows\SysWow64\WMVDECOD.DLL
2013-05-02 06:06:08    278800    ------w-    C:\Windows\System32\MpSigStub.exe
2013-05-01 07:59:12    94208    ----a-w-    C:\Windows\SysWow64\QuickTimeVR.qtx
2013-05-01 07:59:12    69632    ----a-w-    C:\Windows\SysWow64\QuickTime.qts
.
============= FINISH:  3:03:51.32 ===============
 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2/2/2012 9:17:09 PM
System Uptime: 7/29/2013 2:27:35 AM (25 hours ago)
.
Motherboard: Dell Inc. |  | 0GDG8Y       
Processor: Intel® Core i5-2320 CPU @ 3.00GHz | CPU 1 | 3001/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 334.584 GiB free.
D: is FIXED (NTFS) - 932 GiB total, 177.685 GiB free.
E: is FIXED (NTFS) - 932 GiB total, 57.882 GiB free.
F: is FIXED (NTFS) - 2795 GiB total, 1137.41 GiB free.
G: is Removable
O: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP366: 7/25/2013 8:39:02 AM - Restore Operation
RP367: 7/26/2013 8:53:10 AM - Windows Update
RP368: 7/29/2013 2:38:06 AM - Revo Uninstaller's restore point - Celemony Melodyne Plugin VST RTAS v1.0
RP369: 7/29/2013 2:41:40 AM - Windows Update
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer
7-Zip 9.20 (x64 edition)
AAMS Auto Audio Mastering System V2.5
Adobe AIR
Adobe Audition 1.5
Adobe Audition 3.0
Adobe Audition 3.0 Vista Compatibility
Adobe Community Help
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS5.1
Adobe Premiere Elements 10
Adobe Premiere Elements 10 Content
Adobe Premiere Elements 10 Content 1
Adobe Premiere Elements 10 Content 2
Adobe Premiere Elements 10 Content 3
Adobe Premiere Elements 10 HD Content 1
Adobe Premiere Elements 10 HD Content 2
Adobe Premiere Elements 10 HD Content 3
Adobe Reader X (10.1.7)
AIM for Windows
AIPL WarmTone DX v2.2
Antares Autotune VST v5.09
Antares Microphone Modeler - ZONE
Apple Application Support
Apple Software Update
ASIO4ALL
Audacity 2.0.3
Blaine's Alias Title
Blaine's Bloom/Negative Effects
Blaine's Cartoonify Effects
Blaine's Color Fade Effects
Blaine's Contrast Effects
Blaine's Custom Dreamy Look Title
Blaine's Custom Speed Effects
Blaine's Film Looks Effects
Blaine's Letterbox Effects
Blaine's Pixelate Effects
Blaine's TV Signal Effects
CameraHelperMsi
Canon PowerShot ELPH 110 HS_IXUS 125 HS Camera User Guide
Canon Utilities CameraWindow DC 8
Canon Utilities ImageBrowser EX
Canon Utilities PhotoStitch
CCleaner
CDBurnerXP
ClickFix Lite for Adobe Audition version 3.04 (remove only)
Conexant HD Audio
ContaCam
D3DX10
DAEMON Tools Lite
Dell Edoc Viewer
Dropbox
Elements 10 Organizer
erLT
EULAlyzer 2.2
Facebook Video Calling 1.2.0.159
FastStone Capture 6.8
FileZilla Client 3.7.1
foobar2000 v1.1.10
Free MIDI to MP3 Converter 1.0
FreeUndelete 2.1.36867.1
GEAR driver installer for AMD64 and Intel EM64T
GetDataBack for NTFS
Google Chrome
Google Update Helper
HandBrake 0.9.5
HP Imaging Device Functions 13.0
HP Photosmart Essential 3.5
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
HP Smart Web Printing 4.51
HP Solution Center 13.0
Intel® Processor Graphics
Intel® SDK for OpenCL - CPU Only Runtime Package
IrfanView (remove only)
Java Auto Updater
Java 6 Update 27 (64-bit)
Java 6 Update 33
JDownloader 0.9
Junk Mail filter update
K-Lite Codec Pack 8.2.0 (Standard)
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.70.0.1100
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Microsoft_VC90_MFCLOC_x86_x64
MixMeister Studio 7.2.2
Movie Maker 6.0 for Windows 7 (64-bit)
Moyea FLV to Video Converter Pro version 1.29.2.11
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Network64
OCR Software by I.R.I.S. 13.0
OLYMPUS Master 2
PDF Settings CS5
Picasa 3
PlayReady PC Runtime x86
PRE10STI64Installer
QuickTime
Rapture 1.2.2
Sandboxie 3.76 (64-bit)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Share YouTube Videos version 1
Simple Search-Replace
Skype™ 6.1
SmartSound Common Data
SmartSound Premiere Elements 10 x64 Plugin
SmartSound Sonicfire Pro 5
SONAR X2 Producer x64
SpywareBlaster 5.0
SUPERAntiSpyware
Thread Manager 2.4.0.0
Tube Increaser version 5.0.0
Universal Audio v4.4.0 Native
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.6
Waves Complete V9r1
Waves Mercury Bundle
Waves SSL Collection v1.2
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series x64 Edition
WinRAR 4.20 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
7/29/2013 2:28:18 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.
7/29/2013 2:28:18 AM, Error: Service Control Manager [7000]  - The Microsoft Antimalware Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
7/29/2013 2:27:45 AM, Error: Application Popup [1060]  - \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
7/23/2013 10:18:25 PM, Error: Service Control Manager [7043]  - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
7/23/2013 1:53:25 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Security Essentials - 4.3.215.0 (KB2855265).
7/23/2013 1:49:44 AM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.      Feature: Network Inspection System      Error Code: 0x80004004      Error description: Operation aborted       Reason: The system is missing updates that are required for running Network Inspection System.  Install the required updates and restart the computer.
.
==== End Of File ===========================
 

 

 

  • Root Admin

Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista, Windows 7/8, right-click on the program and select Run as Administrator to start, and when prompted allow it to run.
  • Read and accept the EULA (End User License Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.

Next, Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Thanks


RogueKiller V8.6.4 _x64_ [Jul 29 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Jeremy [Admin rights]
Mode : Scan -- Date : 07/30/2013 04:02:28
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 20 ¤¤¤
[SERVICE][ROGUE ST] HKLM\[...]\CCSet\[...]\Services : 10354613 (C:\Windows\system32\DRIVERS\10354613.sys [7]) -> FOUND
[SERVICE][ROGUE ST] HKLM\[...]\CCSet\[...]\Services : 24441005 (C:\Windows\system32\DRIVERS\24441005.sys [7]) -> FOUND
[SERVICE][ROGUE ST] HKLM\[...]\CS001\[...]\Services : 10354613 (C:\Windows\system32\DRIVERS\10354613.sys [7]) -> FOUND
[SERVICE][ROGUE ST] HKLM\[...]\CS001\[...]\Services : 24441005 (C:\Windows\system32\DRIVERS\24441005.sys [7]) -> FOUND
[SERVICE][ROGUE ST] HKLM\[...]\CS002\[...]\Services : 10354613 (C:\Windows\system32\DRIVERS\10354613.sys [7]) -> FOUND
[SERVICE][ROGUE ST] HKLM\[...]\CS002\[...]\Services : 24441005 (C:\Windows\system32\DRIVERS\24441005.sys [7]) -> FOUND
[DNS] HKLM\[...]\CCSet\[...]\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer (107.6.133.8,23.23.180.210) -> FOUND
[DNS] HKLM\[...]\CS001\[...]\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer (107.6.133.8,23.23.180.210) -> FOUND
[DNS] HKLM\[...]\CS002\[...]\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer (107.6.133.8,23.23.180.210) -> FOUND
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD103UJ ATA Device +++++
--- User ---
[MBR] bcc1727eb4d27fb881a41e96255b5396
[BSP] beac72b8fa020a816c05c3802bf54d68 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SAMSUNG HD103UJ ATA Device +++++
--- User ---
[MBR] 960ee0263e7e86714a4c1b9dca087975
[BSP] 1a5f2db44097e7f4dc4ae1dda7b13ac3 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15166 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31141888 | Size: 461733 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: SAMSUNG HD103UJ ATA Device +++++
--- User ---
[MBR] fb6d4d6cac98078e792dd36a5bef8afe
[BSP] db4753ad11c4e1c11c05d6019087945e : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive3: SAMSUNG HD103UJ ATA Device +++++
--- User ---
[MBR] 2dd27a2bd9b0b305e974b4defc45b985
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8192 | Size: 15189 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[0]_S_07302013_040228.txt >>


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-07-2013 03
Ran by Jeremy (administrator) on 30-07-2013 04:05:30
Running from C:\Users\Jeremy\Desktop\msseces.exe
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1281512 2013-01-27] (Microsoft Corporation)
HKLM\...\InprocServer32: [Default-cscui]  <==== ATTENTION!
HKCU\...\Run: [ThreadManager.exe] - C:\Program Files (x86)\Thread Manager\ThreadManager.exe [12322584 2013-07-10] (Digital Generation Inc.)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]107.6.133.8,23.23.180.210

FireFox:
========
FF ProfilePath: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default
FF NewTab: about:blank
FF SelectedSearchEngine: Google

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Jeremy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Jeremy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Jeremy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Extension: No Name - C:\Users\Jeremy\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: iMacros for Firefox - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
FF Extension: DownloadHelper - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: goParentFolder - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\goParentFolder@alice.xpi
FF Extension: showParentFolder - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\showParentFolder@alice.xpi
FF Extension: No Name - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
FF Extension: No Name - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF Extension: No Name - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======

CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 6 U33) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.330.3) - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u00C3\u201A\u00E2\u201E\u00A2 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (Easy Auto Refresh) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc\2.9_0
CHR Extension: (YouTube) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Nanny for Google Chrome ) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cljcgchbnolheggdgaeclffeagnnmhno\0.993_0
CHR Extension: (Google Search) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (iMacros for Chrome) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\6.0.6_0
CHR Extension: (Website Blocker (Beta)) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.0_0
CHR Extension: (Better Pop Up Blocker) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0
CHR Extension: (Gmail) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [egnimkioipookhfihpljiedpgjffibpa] - C:\Program Files (x86)\MyBrowserCash\MBC_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Jeremy\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-04-20] (Adobe Systems)
S4 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-12-16] (SANDBOXIE L.T.D)
S2 SkypeUpdate; "C:\Program Files (x86)\Skype\Updater\Updater.exe" [x]
S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [x]

==================== Drivers (Whitelisted) ====================

R0 10354613; C:\Windows\System32\DRIVERS\10354613.sys [460888 2013-07-02] (Kaspersky Lab ZAO)
R0 24441005; C:\Windows\System32\DRIVERS\24441005.sys [460888 2013-07-01] (Kaspersky Lab ZAO)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [29288 2010-12-24] (Wondershare)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-03] (DT Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S3 pfc; C:\Windows\SysWow64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-12-16] (SANDBOXIE L.T.D)
R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-09-30] (C-Media Electronics Inc)
R3 VSTWinDriver6; C:\Windows\System32\drivers\VSTwindrvr6.sys [252928 2008-07-03] (Jungo)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U3 DfSdkS;
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [x]
S3 pfc; system32\drivers\pfc.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-30 04:05 - 2013-07-30 04:05 - 00000000 ____D C:\FRST
2013-07-30 04:01 - 2013-07-30 04:05 - 00000000 ____D C:\Users\Jeremy\Desktop\RK_Quarantine
2013-07-30 03:01 - 2013-07-30 04:04 - 00000000 ____D C:\Users\Jeremy\Desktop\msseces.exe
2013-07-27 05:40 - 2013-07-27 05:40 - 00000307 _____ C:\Users\Jeremy\vst_perfect_declipper.ini
2013-07-23 22:35 - 2013-07-23 22:35 - 00003456 ____N C:\bootsqm.dat
2013-07-23 04:47 - 2013-07-30 03:02 - 00000000 ____D C:\Users\Jeremy\Desktop\RAW
2013-07-23 02:41 - 2013-07-23 02:42 - 00392704 _____ (Microsoft Corporation) C:\Windows\system32\MpClient.dll
2013-07-22 23:41 - 2013-07-22 23:43 - 00000000 ____D C:\Windows\system32\MRT
2013-07-20 09:04 - 2013-07-20 09:04 - 03732364 _____ C:\Users\Jeremy\Documents\vlc-record-2013-07-20-09h04m34s-Tape 2.mpeg-.ts
2013-07-20 07:29 - 2013-07-26 02:34 - 00000000 ____D C:\Users\Jeremy\Desktop\TNA
2013-07-19 06:40 - 2013-07-19 09:37 - 00000000 ____D C:\Users\Jeremy\Documents\MelodynePlugin
2013-07-19 06:33 - 2013-07-19 06:33 - 00000000 ____D C:\ProgramData\Temporary
2013-07-19 05:49 - 2013-07-19 05:49 - 00003410 _____ C:\Windows\System32\Tasks\{D772732B-A5AA-4D31-9DA1-B634EED39C1E}
2013-07-16 00:48 - 2013-07-16 01:01 - 1183654580 _____ C:\Users\Jeremy\Desktop\Hiccup Fun.m2t
2013-07-15 08:21 - 2013-07-15 08:21 - 00000083 _____ C:\Users\Jeremy\Desktop\Hiccups.txt
2013-07-15 01:55 - 2013-07-16 01:01 - 00125288 _____ C:\Users\Jeremy\Desktop\Hiccup Fun.m2t.xmpses
2013-07-15 01:28 - 2013-07-15 08:21 - 00000000 ____D C:\Users\Jeremy\Desktop\Hiccups
2013-07-12 06:25 - 2013-07-12 06:25 - 00000027 _____ C:\Users\Jeremy\Desktop\Lost Arm.txt
2013-07-10 07:06 - 2013-06-11 19:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 07:06 - 2013-06-11 19:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 07:06 - 2013-06-11 19:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 07:06 - 2013-06-11 19:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 07:06 - 2013-06-11 19:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 07:06 - 2013-06-11 19:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 07:06 - 2013-06-11 19:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-10 07:06 - 2013-06-11 19:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 07:06 - 2013-06-11 19:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 07:06 - 2013-06-11 19:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-10 07:06 - 2013-06-11 19:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-10 07:06 - 2013-06-11 19:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-10 07:06 - 2013-06-11 19:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-10 07:06 - 2013-06-11 19:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 07:06 - 2013-06-11 19:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 07:06 - 2013-06-11 19:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 07:06 - 2013-06-11 19:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 07:06 - 2013-06-11 19:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-10 07:06 - 2013-06-11 18:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 07:06 - 2013-06-11 18:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 07:06 - 2013-06-06 23:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 07:06 - 2013-06-06 22:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-10 05:39 - 2013-06-04 23:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 05:39 - 2013-06-04 02:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 05:39 - 2013-06-04 00:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 05:39 - 2013-05-06 02:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 05:39 - 2013-05-06 00:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 05:39 - 2013-04-09 19:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 05:39 - 2013-04-02 18:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-09 04:13 - 2013-07-09 04:13 - 00011311 _____ C:\INSTALL.LOG
2013-07-09 04:13 - 2013-07-09 04:13 - 00000000 ____D C:\Program Files (x86)\Universal Audio
2013-07-09 04:13 - 2006-09-12 16:20 - 00557056 _____ (Hyperactive Audio Systems, Inc.) C:\Windows\SysWOW64\HypGui.dll
2013-07-09 04:13 - 2002-07-26 17:02 - 00153088 _____ C:\UNWISE.EXE
2013-07-09 04:12 - 2006-09-22 21:07 - 02600164 _____ C:\Users\Jeremy\AppData\Local\TempMediaPlay.wav
2013-07-09 01:50 - 2013-07-09 01:50 - 05146725 _____ (MuRKuT Bilişim Teknolojileri) C:\Users\Jeremy\Downloads\MuRKuT (4).exe
2013-07-09 00:42 - 2013-07-09 00:42 - 05146725 _____ (MuRKuT Bilişim Teknolojileri) C:\Users\Jeremy\Downloads\MuRKuT (3).exe
2013-07-09 00:08 - 2013-07-09 00:08 - 05146725 _____ (MuRKuT Bilişim Teknolojileri) C:\Users\Jeremy\Downloads\MuRKuT (2).exe
2013-07-08 12:05 - 2013-07-08 12:05 - 05146725 _____ (MuRKuT Bilişim Teknolojileri) C:\Users\Jeremy\Downloads\MuRKuT (1).exe
2013-07-07 20:17 - 2013-07-27 02:30 - 00000000 ____D C:\Users\Jeremy\Desktop\Smackdown
2013-07-05 00:28 - 2013-07-05 00:28 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\iZotope
2013-07-04 21:57 - 2013-07-05 00:26 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iZotope
2013-07-04 21:57 - 2013-07-04 21:57 - 00000000 ____D C:\Program Files (x86)\iZotope
2013-07-04 19:14 - 2013-07-04 19:14 - 00000000 ____D C:\ProgramData\InstallMate
2013-07-04 03:23 - 2013-07-04 03:24 - 00000115 _____ C:\Users\Jeremy\Desktop\Songs that need editing.txt
2013-07-02 22:08 - 2013-07-02 20:12 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\10354613.sys
2013-07-02 14:25 - 2013-07-25 10:47 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\DG
2013-07-02 14:25 - 2013-07-10 07:33 - 00000000 ____D C:\Program Files (x86)\Thread Manager
2013-07-02 14:25 - 2013-07-02 14:25 - 00000856 _____ C:\Users\Public\Desktop\Thread Manager.lnk
2013-07-01 04:15 - 2013-07-01 08:13 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\24441005.sys

==================== One Month Modified Files and Folders =======

2013-07-30 04:05 - 2013-07-30 04:05 - 00000000 ____D C:\FRST
2013-07-30 04:05 - 2013-07-30 04:01 - 00000000 ____D C:\Users\Jeremy\Desktop\RK_Quarantine
2013-07-30 04:04 - 2013-07-30 03:01 - 00000000 ____D C:\Users\Jeremy\Desktop\msseces.exe
2013-07-30 03:51 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-30 03:51 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-30 03:49 - 2013-05-10 04:20 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-30 03:44 - 2012-11-05 20:50 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-30 03:44 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-30 03:44 - 2009-07-14 00:51 - 00071808 _____ C:\Windows\setupact.log
2013-07-30 03:42 - 2012-01-20 18:32 - 01890178 _____ C:\Windows\WindowsUpdate.log
2013-07-30 03:18 - 2012-11-05 20:50 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-30 03:02 - 2013-07-23 04:47 - 00000000 ____D C:\Users\Jeremy\Desktop\RAW
2013-07-30 02:42 - 2012-02-03 05:22 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\foobar2000
2013-07-29 02:35 - 2012-02-03 05:04 - 00000548 _____ C:\Users\Jeremy\Desktop\Cue Up.txt
2013-07-29 02:27 - 2010-11-20 23:47 - 00113106 _____ C:\Windows\PFRO.log
2013-07-28 08:23 - 2012-02-03 01:20 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-07-27 05:40 - 2013-07-27 05:40 - 00000307 _____ C:\Users\Jeremy\vst_perfect_declipper.ini
2013-07-27 05:40 - 2012-02-02 22:17 - 00000000 ____D C:\Users\Jeremy
2013-07-27 02:30 - 2013-07-07 20:17 - 00000000 ____D C:\Users\Jeremy\Desktop\Smackdown
2013-07-26 04:18 - 2012-02-03 04:04 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\vlc
2013-07-26 02:34 - 2013-07-20 07:29 - 00000000 ____D C:\Users\Jeremy\Desktop\TNA
2013-07-25 22:30 - 2012-12-06 05:09 - 00000132 _____ C:\Users\Jeremy\AppData\Roaming\Adobe AIFF Format CS5 Prefs
2013-07-25 10:48 - 2012-10-18 06:18 - 00000000 ____D C:\Windows\pss
2013-07-25 10:48 - 2010-11-21 03:06 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-07-25 10:48 - 2010-11-21 03:06 - 00000000 ____D C:\Windows\system32\winrm
2013-07-25 10:47 - 2013-07-02 14:25 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\DG
2013-07-25 10:47 - 2013-05-14 09:46 - 00000000 ____D C:\Users\Jeremy\Desktop\Market
2013-07-25 10:47 - 2013-04-15 03:33 - 00000000 ____D C:\Users\Jeremy\AppData\Local\A
2013-07-25 10:47 - 2012-05-01 05:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-07-25 10:47 - 2012-02-03 00:20 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-07-25 10:47 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2013-07-23 22:35 - 2013-07-23 22:35 - 00003456 ____N C:\bootsqm.dat
2013-07-23 14:27 - 2012-05-10 08:02 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\FileZilla
2013-07-23 02:55 - 2012-02-02 22:22 - 00111952 _____ C:\Users\Jeremy\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-23 02:45 - 2009-07-14 00:45 - 04979048 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-23 02:42 - 2013-07-23 02:41 - 00392704 _____ (Microsoft Corporation) C:\Windows\system32\MpClient.dll
2013-07-23 01:53 - 2012-02-03 00:23 - 00002106 _____ C:\Windows\epplauncher.mif
2013-07-22 23:43 - 2013-07-22 23:41 - 00000000 ____D C:\Windows\system32\MRT
2013-07-22 23:40 - 2011-02-10 12:10 - 00823286 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-22 23:40 - 2009-07-14 01:13 - 00823286 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-21 09:50 - 2012-02-25 05:54 - 00000132 _____ C:\Users\Jeremy\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-07-20 09:04 - 2013-07-20 09:04 - 03732364 _____ C:\Users\Jeremy\Documents\vlc-record-2013-07-20-09h04m34s-Tape 2.mpeg-.ts
2013-07-20 04:44 - 2012-02-02 22:22 - 00000000 _RSHD C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-19 09:37 - 2013-07-19 06:40 - 00000000 ____D C:\Users\Jeremy\Documents\MelodynePlugin
2013-07-19 06:33 - 2013-07-19 06:33 - 00000000 ____D C:\ProgramData\Temporary
2013-07-19 05:52 - 2013-06-09 19:21 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2013-07-19 05:49 - 2013-07-19 05:49 - 00003410 _____ C:\Windows\System32\Tasks\{D772732B-A5AA-4D31-9DA1-B634EED39C1E}
2013-07-16 01:01 - 2013-07-16 00:48 - 1183654580 _____ C:\Users\Jeremy\Desktop\Hiccup Fun.m2t
2013-07-16 01:01 - 2013-07-15 01:55 - 00125288 _____ C:\Users\Jeremy\Desktop\Hiccup Fun.m2t.xmpses
2013-07-15 08:21 - 2013-07-15 08:21 - 00000083 _____ C:\Users\Jeremy\Desktop\Hiccups.txt
2013-07-15 08:21 - 2013-07-15 01:28 - 00000000 ____D C:\Users\Jeremy\Desktop\Hiccups
2013-07-13 22:12 - 2013-05-10 04:20 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-13 22:12 - 2013-05-10 04:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-13 22:12 - 2013-05-10 04:20 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-13 22:12 - 2012-02-03 03:56 - 00000000 ____D C:\Users\Jeremy\AppData\Local\Adobe
2013-07-12 07:50 - 2012-02-26 02:36 - 00000023 _____ C:\Users\Jeremy\Documents\tempFolderPath.dat
2013-07-12 06:25 - 2013-07-12 06:25 - 00000027 _____ C:\Users\Jeremy\Desktop\Lost Arm.txt
2013-07-11 23:13 - 2012-11-05 20:50 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-11 23:13 - 2012-11-05 20:50 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-11 02:16 - 2013-06-09 20:13 - 00000000 ____D C:\Program Files (x86)\Waves
2013-07-11 02:16 - 2012-02-03 05:12 - 00000000 ____D C:\Program Files (x86)\Steinberg
2013-07-10 07:34 - 2013-03-13 07:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-10 07:34 - 2013-03-13 07:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-10 07:33 - 2013-07-02 14:25 - 00000000 ____D C:\Program Files (x86)\Thread Manager
2013-07-10 07:33 - 2010-11-21 03:17 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 07:33 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 07:33 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 07:07 - 2012-02-03 08:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-09 04:13 - 2013-07-09 04:13 - 00011311 _____ C:\INSTALL.LOG
2013-07-09 04:13 - 2013-07-09 04:13 - 00000000 ____D C:\Program Files (x86)\Universal Audio
2013-07-09 01:50 - 2013-07-09 01:50 - 05146725 _____ (MuRKuT Bilişim Teknolojileri) C:\Users\Jeremy\Downloads\MuRKuT (4).exe
2013-07-09 00:42 - 2013-07-09 00:42 - 05146725 _____ (MuRKuT Bilişim Teknolojileri) C:\Users\Jeremy\Downloads\MuRKuT (3).exe
2013-07-09 00:08 - 2013-07-09 00:08 - 05146725 _____ (MuRKuT Bilişim Teknolojileri) C:\Users\Jeremy\Downloads\MuRKuT (2).exe
2013-07-08 12:05 - 2013-07-08 12:05 - 05146725 _____ (MuRKuT Bilişim Teknolojileri) C:\Users\Jeremy\Downloads\MuRKuT (1).exe
2013-07-05 00:28 - 2013-07-05 00:28 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\iZotope
2013-07-05 00:26 - 2013-07-04 21:57 - 00000000 ____D C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iZotope
2013-07-04 21:57 - 2013-07-04 21:57 - 00000000 ____D C:\Program Files (x86)\iZotope
2013-07-04 21:57 - 2013-06-09 19:21 - 00000000 ____D C:\Program Files\Common Files\VST3
2013-07-04 19:14 - 2013-07-04 19:14 - 00000000 ____D C:\ProgramData\InstallMate
2013-07-04 03:24 - 2013-07-04 03:23 - 00000115 _____ C:\Users\Jeremy\Desktop\Songs that need editing.txt
2013-07-03 18:33 - 2012-05-02 21:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-03 07:04 - 2013-04-11 20:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 20:12 - 2013-07-02 22:08 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\10354613.sys
2013-07-02 15:04 - 2013-05-01 05:21 - 00002272 _____ C:\Windows\Sandboxie.ini
2013-07-02 14:25 - 2013-07-02 14:25 - 00000856 _____ C:\Users\Public\Desktop\Thread Manager.lnk
2013-07-02 13:23 - 2013-06-28 10:41 - 00003980 _____ C:\Windows\System32\Tasks\Open URL by RoboForm
2013-07-01 08:13 - 2013-07-01 04:15 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\24441005.sys
2013-07-01 01:46 - 2013-05-18 03:05 - 00000000 ____D C:\ProgramData\Kaspersky Lab

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-22 20:44

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-07-2013 03
Ran by Jeremy at 2013-07-30 04:07:11
Running from C:\Users\Jeremy\Desktop\msseces.exe
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
 Update for Microsoft Office 2007 (KB2508958) (x32)
64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
AAMS Auto Audio Mastering System V2.5 (x32)
Adobe AIR (x32 Version: 2.6.0.19140)
Adobe AIR (x32 Version: 3.6.0.6090)
Adobe Audition 1.5 (x32 Version: 1.5)
Adobe Audition 3.0 (x32 Version: 3.0)
Adobe Audition 3.0 Vista Compatibility
Adobe Community Help (x32 Version: 3.5.23)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Photoshop CS5.1 (x32 Version: 12.1)
Adobe Premiere Elements 10 (Version: 10.0)
Adobe Premiere Elements 10 Content (x32 Version: 10.0)
Adobe Premiere Elements 10 Content 1 (x32 Version: 10.0)
Adobe Premiere Elements 10 Content 2 (x32 Version: 10.0)
Adobe Premiere Elements 10 Content 3 (x32 Version: 10.0)
Adobe Premiere Elements 10 HD Content 1 (x32 Version: 10.0)
Adobe Premiere Elements 10 HD Content 2 (x32 Version: 10.0)
Adobe Premiere Elements 10 HD Content 3 (x32 Version: 10.0)
Adobe Reader X (10.1.7) (x32 Version: 10.1.7)
AIM for Windows (HKCU)
AIPL WarmTone DX v2.2 (x32)
Antares Autotune VST v5.09 (x32)
Antares Microphone Modeler - ZONE (x32)
Apple Application Support (x32 Version: 2.3.4)
Apple Software Update (x32 Version: 2.1.3.127)
ASIO4ALL (x32 Version: 2.10)
Audacity 2.0.3 (x32 Version: 2.0.3)
Blaine's Alias Title (Version: 1.0.1)
Blaine's Bloom/Negative Effects (Version: 1.1.0)
Blaine's Cartoonify Effects (Version: 1.0.1)
Blaine's Color Fade Effects (Version: 1.0.1)
Blaine's Contrast Effects (Version: 1.0.1)
Blaine's Custom Dreamy Look Title (Version: 2.0.1)
Blaine's Custom Speed Effects (Version: 2.0.1)
Blaine's Film Looks Effects (Version: 1.0.1)
Blaine's Letterbox Effects (Version: 1.0.3)
Blaine's Pixelate Effects (Version: 1.0.2)
Blaine's TV Signal Effects (Version: 1.0.0)
CameraHelperMsi (x32 Version: 13.31.1038.0)
Canon PowerShot ELPH 110 HS_IXUS 125 HS Camera User Guide (x32 Version: 1.0.0.7)
Canon Utilities CameraWindow DC 8 (x32 Version: 8.7.0.11)
Canon Utilities ImageBrowser EX (x32 Version: 1.1.1.19)
Canon Utilities PhotoStitch (x32 Version: 3.1.23.47)
CDBurnerXP (x32 Version: 4.4.1.3099)
ClickFix Lite for Adobe Audition version 3.04 (remove only) (x32)
Conexant HD Audio (Version: 8.50.4.0)
ContaCam (x32 Version: 4.0.5)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.45.2.0287)
Dell Edoc Viewer (Version: 1.0.0)
Dropbox (HKCU Version: 1.4.7)
eaner (Version: 4.03)
Elements 10 Organizer (x32 Version: 10.0)
erLT (x32 Version: 1.20.138.34)
EULAlyzer 2.2 (x32 Version: 2.2.0)
Facebook Video Calling 1.2.0.159 (x32 Version: 1.2.159)
FastStone Capture 6.8 (x32 Version: 6.8)
FileZilla Client 3.7.1 (x32 Version: 3.7.1)
foobar2000 v1.1.10 (x32 Version: 1.1.10)
Free MIDI to MP3 Converter 1.0 (x32)
FreeUndelete 2.1.36867.1 (x32 Version: 2.1.36867.1)
GEAR driver installer for AMD64 and Intel EM64T (Version: 2.003.1)
GetDataBack for NTFS (x32 Version: 4.24.000)
Google Chrome (x32 Version: 28.0.1500.72)
Google Update Helper (x32 Version: 1.3.21.153)
HandBrake 0.9.5 (x32 Version: 0.9.5)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
Intel® Processor Graphics (x32 Version: 9.17.10.2932)
Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
IrfanView (remove only) (x32 Version: 4.32)
Java Auto Updater (x32 Version: 2.0.7.1)
Java 6 Update 27 (64-bit) (Version: 6.0.270)
Java 6 Update 33 (x32 Version: 6.0.330)
JDownloader 0.9 (x32 Version: 0.9)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
K-Lite Codec Pack 8.2.0 (Standard) (x32 Version: 8.2.0)
Logitech Webcam Software (x32 Version: 2.30)
LWS Facebook (x32 Version: 13.31.1038.0)
LWS Gallery (x32 Version: 13.31.1038.0)
LWS Help_main (x32 Version: 13.31.1044.0)
LWS Launcher (x32 Version: 13.31.1038.0)
LWS Motion Detection (x32 Version: 13.30.1395.0)
LWS Pictures And Video (x32 Version: 13.31.1038.0)
LWS Twitter (x32 Version: 13.30.1346.0)
LWS Video Mask Maker (x32 Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (x32 Version: 13.31.1038.0)
LWS WLM Plugin (x32 Version: 1.30.1201.0)
LWS YouTube Plugin (x32 Version: 13.31.1038.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (x32 Version: 1.70.0.1100)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Silverlight (x32 Version: 4.1.10329.0)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
MixMeister Studio 7.2.2 (x32)
Movie Maker 6.0 for Windows 7 (64-bit) (Version: 6.0.0)
Moyea FLV to Video Converter Pro version 1.29.2.11 (x32)
Mozilla Firefox 22.0 (x86 en-US) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
OLYMPUS Master 2 (x32 Version: 1.0.13)
PDF Settings CS5 (x32 Version: 10.0)
Picasa 3 (x32 Version: 3.9)
PlayReady PC Runtime x86 (x32 Version: 1.3.0)
PRE10STI64Installer (x32 Version: 1.0)
QuickTime (x32 Version: 7.72.80.56)
QuickTime (x32 Version: 7.74.80.86)
Rapture 1.2.2 (x32 Version: 18.0)
Sandboxie 3.76 (64-bit) (Version: 3.76)
Share YouTube Videos version 1 (x32 Version: 1)
Simple Search-Replace (x32 Version: 1.08.0000)
Skype™ 6.1 (x32 Version: 6.1.129)
SmartSound Common Data (x32 Version: 1.1.0)
SmartSound Premiere Elements 10 x64 Plugin (Version: 5.70.0001)
SmartSound Sonicfire Pro 5 (x32 Version: 5.7.1)
SONAR X2 Producer x64 (x32 Version: 19.0)
SpywareBlaster 5.0 (x32 Version: 5.0.0)
SUPERAntiSpyware (Version: 5.6.1014)
Thread Manager 2.4.0.0 (x32 Version: 2.4.0.0)
Tube Increaser version 5.0.0 (x32 Version: 5.0.0)
Universal Audio v4.4.0 Native (x32)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)
Update for Microsoft Office Access 2007 Help (KB963663) (x32)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32)
Update for Microsoft Office Infopath 2007 Help (KB963662) (x32)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition (x32)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update for Microsoft Office Publisher 2007 Help (KB963667) (x32)
Update for Microsoft Office Script Editor Help (KB963671) (x32)
Update for Microsoft Office Word 2007 Help (KB963665) (x32)
VLC media player 2.0.6 (x32 Version: 2.0.6)
Waves Complete V9r1 (x32 Version: 9.0.1)
Waves Mercury Bundle (x32 Version: 5.0)
Waves SSL Collection v1.2 (x32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Media Encoder 9 Series x64 Edition
Windows Media Encoder 9 Series x64 Edition (Version: 10.0.0.3809)
WinRAR 4.20 (32-bit) (x32 Version: 4.20.0)

==================== Restore Points  =========================

25-07-2013 12:39:02 Restore Operation
26-07-2013 12:53:10 Windows Update
29-07-2013 06:38:06 Revo Uninstaller's restore point - Celemony Melodyne Plugin VST RTAS v1.0
29-07-2013 06:41:40 Windows Update

==================== Hosts content: ==========================

2012-02-03 07:35 - 2013-06-27 11:19 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {09E75D01-CC9E-47A6-89B2-E6753E58619C} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-13] (Microsoft Corporation)
Task: {177EF570-739F-4316-8415-AE1C70CFA817} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05] (Google Inc.)
Task: {2360DA8A-09B0-4CB1-8985-08142FBC4C3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05] (Google Inc.)
Task: {42465A7E-4F7E-4B09-9468-2C715E22E77F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {61662508-FD9B-4527-B1E0-022DC2836D7C} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe No File
Task: {68FD1AED-AB87-4272-804A-71E26C6C771A} - System32\Tasks\Open URL by RoboForm => C:\Windows\system32\rundll32.exe [2009-07-13] (Microsoft Corporation)
Task: {72AC25D4-AFF2-4C7F-83D2-00CCA50383AB} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-13] (Microsoft Corporation)
Task: {735C4EF9-8FD8-40C6-A8FB-AEA0F5D6B6D1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {98900B6D-17CB-4F5B-B07F-1F3D6425F562} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2009-07-13] (Microsoft Corporation)
Task: {BCE20BB9-1C2C-4D32-9164-CE7730387B31} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {C0D1F864-CDC5-4232-974C-01C2003C9936} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe No File
Task: {EDA65AB4-11B7-444C-B343-C066822192CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-13] (Adobe Systems Incorporated)
Task: {F0C206AF-FA61-4EC6-A7BE-55B4B143622E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/30/2013 03:45:19 AM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/30/2013 00:28:40 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 22.0.0.4917 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 4914

Start Time: 01ce8c4dfe663e68

Termination Time: 99

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 8106568b-f8d0-11e2-aa0d-d067e52c8165

Error: (07/29/2013 07:19:02 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 22.0.0.4917 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: dfc

Start Time: 01ce8c24ddf619a9

Termination Time: 34

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: a9ee1fc2-f840-11e2-aa0d-d067e52c8165

Error: (07/29/2013 03:23:27 AM) (Source: Application Error) (User: )
Description: Faulting application name: Audition.exe, version: 1.5.4124.1, time stamp: 0x40980e38
Faulting module name: MSVCR71.dll, version: 7.10.3052.4, time stamp: 0x3e561eac
Exception code: 0xc0000005
Fault offset: 0x00019e73
Faulting process id: 0x1070
Faulting application start time: 0xAudition.exe0
Faulting application path: Audition.exe1
Faulting module path: Audition.exe2
Report Id: Audition.exe3

Error: (07/29/2013 03:23:24 AM) (Source: Application Error) (User: )
Description: Faulting application name: Audition.exe, version: 1.5.4124.1, time stamp: 0x40980e38
Faulting module name: WaveShell-VST 9.0.dll, version: 9.0.0.21, time stamp: 0x4f5cb232
Exception code: 0xc0000005
Fault offset: 0x000340b4
Faulting process id: 0x1070
Faulting application start time: 0xAudition.exe0
Faulting application path: Audition.exe1
Faulting module path: Audition.exe2
Report Id: Audition.exe3

Error: (07/29/2013 02:29:38 AM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/29/2013 02:28:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/29/2013 02:28:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/29/2013 02:28:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/29/2013 02:28:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (07/30/2013 03:44:01 AM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Error: (07/30/2013 03:44:01 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.

Error: (07/30/2013 03:43:30 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/29/2013 02:28:18 AM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Error: (07/29/2013 02:28:18 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.

Error: (07/29/2013 02:27:45 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/25/2013 10:49:40 AM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Error: (07/25/2013 10:49:40 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.

Error: (07/25/2013 10:49:07 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/25/2013 10:28:06 AM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-06-27 11:19:20.910
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-06-27 11:19:20.872
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 29%
Total physical RAM: 6056.63 MB
Available physical RAM: 4292.73 MB
Total Pagefile: 12111.44 MB
Available Pagefile: 10291.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:450.91 GB) (Free:334.51 GB) NTFS (Disk=1 Partition=3)
Drive d: (Files) (Fixed) (Total:931.51 GB) (Free:177.68 GB) NTFS (Disk=0 Partition=1)
Drive e: (Media) (Fixed) (Total:931.51 GB) (Free:57.88 GB) NTFS (Disk=2 Partition=1)
Drive f: (Backup) (Fixed) (Total:2794.52 GB) (Free:1137.41 GB) NTFS (Disk=4 Partition=1)
Drive g: (CANON_DC) (Removable) (Total:14.83 GB) (Free:9.46 GB) FAT32 (Disk=3 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 3468B252)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 9D4CFAAC)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 34ECB17F)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.

==================== End Of Log ============================

 


  • Root Admin

Please download the attached fixlist.txt file and save it to the Desktop.
NOTE: It's important that both files, FRST or FRST64 and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.
 

 

fixlist.txt


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-07-2013 03
Ran by Jeremy at 2013-07-31 01:35:57 Run:3
Running from C:\Users\Jeremy\Desktop
Boot Mode: Normal
==============================================

"C:\Program Files\Microsoft Security Client" => Deleting reparse point and unlocking started.
"C:\Program Files\Microsoft Security Client" => Deleting reparse point and unlocking completed.
"C:\ProgramData\Microsoft\Windows Defender" => Deleting reparse point and unlocking started.
"C:\ProgramData\Microsoft\Windows Defender" => Deleting reparse point and unlocking completed.
"C:\Program Files (x86)\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files (x86)\Windows Defender" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed.
"C:\Users\Jeremy\Desktop\msseces.exe" => File/Directory not found.
HKLM\Software\Classes\CLSID\{750fdf10-2a26-11d1-a3ea-080036587f03}\InprocServer32\\Default => Value was restored successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.


The system needs a manual reboot.

==== End of Fixlog ====


Oh you meant the malware bytes program lol My bad

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.01.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Jeremy :: JEREMY-PC [administrator]

8/1/2013 8:28:35 AM
mbam-log-2013-08-01 (08-28-35).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 258768
Time elapsed: 13 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)


  • Root Admin

Well, that looks good. So what, if any, issues are you still having on the computer?

 

 

Next, download Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


 


The problem is still the same as I stated in my first post. When I restart my computer I get the same error each time

 

msseces.exe - Application Error

 

The application was unable to start correctly (0xc000007b). Click OK to close the application.

This all started when Windows Update tried to do an update for Microsoft Security Essentials, and that's when the msseces errors started happening.

 

 

 Results of screen317's Security Check version 0.99.71  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Microsoft Security Essentials   
  (On Access scanning disabled!)
 Error obtaining update status for antivirus!  
`````````Anti-malware/Other Utilities Check:`````````
 SpywareBlaster 5.0    
 Malwarebytes Anti-Malware version 1.70.0.1100  
 Out of date Malwarebytes Anti-Malware installed!
 Java 6 Update 33  
 Java version out of Date!
 Adobe Flash Player 11.8.800.94  
 Adobe Reader 10.1.7 Adobe Reader out of Date!  
 Mozilla Firefox (22.0)
 Google Chrome 28.0.1500.72  
 Google Chrome 28.0.1500.95  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 7%
````````````````````End of Log``````````````````````

    


  • Root Admin

Please uninstall ALL versions of Java

 

Next,

 

Please go to the following link and run the Fixit tool.

Fix problems with programs that can't be installed or uninstalled

Click Run It and then click Run and follow the prompt. Press Accept. From the next options select the first one, "Detect problems and apply the fixes for me (Recommended)"
From the next Window select Uninstalling
From the list that comes up if Microsoft Security Client is listed select it
Click next and wait. At the end it will tell you that the problem is fixed.

Reboot the computer then download the MSE installer again and run it.

Let me know how that goes

 

 


  • Root Admin

Let's try another older discontinued tool from Microsoft.

Please download this tool from Majorgeeks site here:  Windows Install Clean Up
This should invoke an automatic download and the file name will be:  msicuu2.exe

Save that file to your computer and then quit your browser and other applications.

Then double click to install the program and once it's installed it should be in your Start Menu listed as Windows Install Clean Up
Double click to open and run it.  This tool has the potential to remove good values as well so please do not use this tool for other removals, simply use it in this case specifically for the issue with Microsoft Security Essentials.


Here is an example screen shot of what it will look like.  Scroll through the list and look for both of these values and then highlight it and click on Remove and then quit the program.
Reboot the computer and now try to install Microsoft Security Essentials again.

Microsoft Security Essentials
Microsoft Security Client


Windows-Install-Clean-Up_zpsf9316b54.jpg
 


  • Root Admin

Okay let's try the following then.   Click on START and type in CMD.EXE and when it shows on the menu right click over it and choose "Run as administrator"
 
Then type the following and press the Enter key.  It will say it cannot lock the drive and ask if you want to run the disk check on the next reboot.  Press the Y key and then the Enter key.

CHKDSK C: /R
Then restart the computer.  It should run a full disk check in a DOS type screen for at least 10 minutes but could potentially run for many hours.  Please just let it run.
 
After the computer restarts please temporarily disable your antivirus and run the following.

 

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file.  Please be patient as it can take some time to load.
  • Please attach that log file to your next reply.
  • If needed the file can be located here:  C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.


 


ComboFix 13-08-09.02 - Jeremy 08/09/2013  15:16:37.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6057.4649 [GMT -4:00]
Running from: c:\users\Jeremy\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\UNWISE.EXE
.
.
(((((((((((((((((((((((((   Files Created from 2013-07-09 to 2013-08-09  )))))))))))))))))))))))))))))))
.
.
2013-08-09 19:23 . 2013-08-09 19:23    --------    d-----w-    c:\users\Public\AppData\Local\temp
2013-08-09 19:23 . 2013-08-09 19:23    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-08-09 12:20 . 2013-07-15 07:34    9460976    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{38ECB14E-679F-4131-BF8A-CB01951E2CD9}\mpengine.dll
2013-08-08 18:20 . 2013-08-08 18:20    --------    d-----w-    c:\users\Jeremy\AppData\Roaming\com.adobe.DC3Module.AdobeADC
2013-08-06 08:03 . 2013-08-06 08:03    --------    d-----w-    c:\program files (x86)\Common Files\Java
2013-08-06 08:02 . 2013-08-06 08:02    96168    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-06 03:15 . 2013-08-06 03:15    3584    ----a-r-    c:\users\Jeremy\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2013-08-06 03:15 . 2013-08-06 03:15    --------    d-----w-    c:\program files (x86)\Windows Installer Clean Up
2013-08-06 03:13 . 2013-08-06 03:13    --------    d-----w-    c:\program files (x86)\MSECACHE
2013-08-03 13:41 . 2013-08-03 13:41    --------    d-----w-    c:\users\Jeremy\AppData\Local\Enhanceviews_Autowatcher
2013-07-30 08:05 . 2013-07-31 05:36    --------    d-----w-    C:\FRST
2013-07-23 06:41 . 2013-07-23 06:42    392704    ----a-w-    c:\windows\system32\MpClient.dll
2013-07-23 03:41 . 2013-07-23 03:43    --------    d-----w-    c:\windows\system32\MRT
2013-07-22 10:21 . 2013-07-02 08:34    9460976    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A2BD1B85-780A-4105-B6B2-52D9DE70FB97}\mpengine.dll
2013-07-21 03:00 . 2013-07-25 14:47    --------    d-----w-    c:\program files (x86)\Share YouTube Videos
2013-07-19 10:33 . 2013-07-19 10:33    --------    d-----w-    c:\programdata\Temporary
2013-07-17 02:11 . 2013-07-17 02:10    941720    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0881CEB4-359E-4A9A-8B66-523C5BD30F91}\gapaengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-06 08:02 . 2012-07-09 07:32    867240    ----a-w-    c:\windows\SysWow64\npdeployJava1.dll
2013-08-06 08:02 . 2012-01-20 20:49    789416    ----a-w-    c:\windows\SysWow64\deployJava1.dll
2013-07-14 02:12 . 2013-05-10 08:20    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-14 02:12 . 2013-05-10 08:20    692104    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-03 00:12 . 2013-07-03 02:08    460888    ----a-w-    c:\windows\system32\drivers\10354613.sys
2013-07-01 12:13 . 2013-07-01 08:15    460888    ----a-w-    c:\windows\system32\drivers\24441005.sys
2013-06-24 04:57 . 2012-02-03 08:13    78277128    ----a-w-    c:\windows\system32\MRT.exe
2013-06-19 01:50 . 2013-06-19 01:50    247216    ----a-w-    c:\windows\system32\drivers\MpFilter.sys
2013-06-11 23:43 . 2013-07-10 11:06    1767936    ----a-w-    c:\windows\SysWow64\wininet.dll
2013-06-11 23:43 . 2013-07-10 11:06    2877440    ----a-w-    c:\windows\SysWow64\jscript9.dll
2013-06-11 23:42 . 2013-07-10 11:06    61440    ----a-w-    c:\windows\SysWow64\iesetup.dll
2013-06-11 23:42 . 2013-07-10 11:06    109056    ----a-w-    c:\windows\SysWow64\iesysprep.dll
2013-06-11 23:26 . 2013-07-10 11:06    51712    ----a-w-    c:\windows\system32\ie4uinit.exe
2013-06-11 23:26 . 2013-07-10 11:06    2241024    ----a-w-    c:\windows\system32\wininet.dll
2013-06-11 23:26 . 2013-07-10 11:06    1365504    ----a-w-    c:\windows\system32\urlmon.dll
2013-06-11 23:25 . 2013-07-10 11:06    19238912    ----a-w-    c:\windows\system32\mshtml.dll
2013-06-11 23:25 . 2013-07-10 11:06    603136    ----a-w-    c:\windows\system32\msfeeds.dll
2013-06-11 23:25 . 2013-07-10 11:06    855552    ----a-w-    c:\windows\system32\jscript.dll
2013-06-11 23:25 . 2013-07-10 11:06    3958784    ----a-w-    c:\windows\system32\jscript9.dll
2013-06-11 23:25 . 2013-07-10 11:06    53248    ----a-w-    c:\windows\system32\jsproxy.dll
2013-06-11 23:25 . 2013-07-10 11:06    526336    ----a-w-    c:\windows\system32\ieui.dll
2013-06-11 23:25 . 2013-07-10 11:06    67072    ----a-w-    c:\windows\system32\iesetup.dll
2013-06-11 23:25 . 2013-07-10 11:06    39936    ----a-w-    c:\windows\system32\iernonce.dll
2013-06-11 23:25 . 2013-07-10 11:06    2648576    ----a-w-    c:\windows\system32\iertutil.dll
2013-06-11 23:25 . 2013-07-10 11:06    136704    ----a-w-    c:\windows\system32\iesysprep.dll
2013-06-11 23:25 . 2013-07-10 11:06    15404032    ----a-w-    c:\windows\system32\ieframe.dll
2013-06-11 22:51 . 2013-07-10 11:06    71680    ----a-w-    c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50 . 2013-07-10 11:06    89600    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2013-06-07 03:22 . 2013-07-10 11:06    2706432    ----a-w-    c:\windows\system32\mshtml.tlb
2013-06-07 02:37 . 2013-07-10 11:06    2706432    ----a-w-    c:\windows\SysWow64\mshtml.tlb
2013-06-05 03:34 . 2013-07-10 09:39    3153920    ----a-w-    c:\windows\system32\win32k.sys
2013-06-04 06:00 . 2013-07-10 09:39    624128    ----a-w-    c:\windows\system32\qedit.dll
2013-06-04 04:53 . 2013-07-10 09:39    509440    ----a-w-    c:\windows\SysWow64\qedit.dll
2013-05-14 00:31 . 2012-07-17 19:37    22240    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-13 05:51 . 2013-06-12 04:46    184320    ----a-w-    c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 04:46    1464320    ----a-w-    c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 04:46    139776    ----a-w-    c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 04:46    52224    ----a-w-    c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 04:46    140288    ----a-w-    c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 04:46    1160192    ----a-w-    c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 04:46    103936    ----a-w-    c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 04:46    1192448    ----a-w-    c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 04:46    903168    ----a-w-    c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 04:46    43008    ----a-w-    c:\windows\SysWow64\certenc.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-07 03:55    220632    ----a-w-    c:\users\Jeremy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-07 03:55    220632    ----a-w-    c:\users\Jeremy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-07 03:55    220632    ----a-w-    c:\users\Jeremy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EV_Autowatcher_Download-Carbon0x"="c:\users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.44(1).exe" [2013-08-09 1414656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe;c:\program files\BitComet\tools\BitCometService.exe [x]
R3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys;c:\windows\SYSNATIVE\DRIVERS\lvbflt64.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech HD Webcam C510(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms;c:\program files\dell support center\pcdsrvc_x64.pkms [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
R4 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [x]
R4 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R4 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 10354613;10354613;c:\windows\system32\DRIVERS\10354613.sys;c:\windows\SYSNATIVE\DRIVERS\10354613.sys [x]
S0 24441005;24441005;c:\windows\system32\DRIVERS\24441005.sys;c:\windows\SYSNATIVE\DRIVERS\24441005.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM10664.sys;c:\windows\SYSNATIVE\drivers\CM10664.sys [x]
S3 VSTWinDriver6;VSTWinDriver6;c:\windows\system32\drivers\VSTwindrvr6.sys;c:\windows\SYSNATIVE\drivers\VSTwindrvr6.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt    REG_MULTI_SZ       hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-31 17:18    1173456    ----a-w-    c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-10 02:12]
.
2013-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-06 00:50]
.
2013-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-06 00:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-07 03:55    244696    ----a-w-    c:\users\Jeremy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-07 03:55    244696    ----a-w-    c:\users\Jeremy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-07 03:55    244696    ----a-w-    c:\users\Jeremy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    162552    ----a-w-    c:\users\Jeremy\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 208.59.247.45 208.59.247.46
TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 107.6.133.8,23.23.180.210
FF - ProfilePath - c:\users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google

FF - ExtSQL: 2013-06-20 19:58; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF - ExtSQL: 2013-06-28 05:43; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; c:\users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF - ExtSQL: 2013-07-04 21:29; {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}; c:\users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
FF - ExtSQL: !HIDDEN! 2012-10-08 22:35; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM-Run-MSC - c:\program files\Microsoft Security Client\msseces.exe
AddRemove-{D4D7D75D-00A0-CCD9-8303-9D1E2E193749} - c:\progra~3\INSTAL~2\{61B99~1\Setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\00758EC72B59EFF5D819EC24DB5E0AD2\62B640D98797DC74196ECAC3D1BF3C0D]
@DACL=(02 0000)
"PatchGUID"=""
"MediaCabinet"=""
"File"="SetupResDllMui_EN_US"
"ComponentVersion"="4.0.1526.0"
"ProductVersion"="4.0.1526"
"PatchSize"="0"
"PatchAttributes"="0"
"PatchSequence"="0"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\03C60A9B239AB9A4DA7D95727C2B5BED\62B640D98797DC74196ECAC3D1BF3C0D]
@DACL=(02 0000)
"PatchGUID"=""
"MediaCabinet"=""
"File"="MSESysprep.dll"
"ComponentVersion"="4.0.1526.0"
"ProductVersion"="4.0.1526"
"PatchSize"="0"
"PatchAttributes"="0"
"PatchSequence"="0"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\0D59859034059F44AAF172B4652D81DF\62B640D98797DC74196ECAC3D1BF3C0D]
@DACL=(02 0000)
"PatchGUID"=""
"MediaCabinet"=""
"File"="SqmApi.dll"
"ComponentVersion"="6.1.7600.16385"
"ProductVersion"="4.0.1526"
"PatchSize"="0"
"PatchAttributes"="0"
"PatchSequence"="0"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\2DC6F6326F00B564CADAEA2DE5CF6D4D\62B640D98797DC74196ECAC3D1BF3C0D]
@DACL=(02 0000)
"PatchGUID"=""
"MediaCabinet"=""
"File"="msseooberes.dll.mui_ENUS"
"ComponentVersion"="4.0.1526.0"
"ProductVersion"="4.0.1526"
"PatchSize"="0"
"PatchAttributes"="0"
"PatchSequence"="0"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\2EABF86D805AB0B4BBC9E0D503DA8C4E\62B640D98797DC74196ECAC3D1BF3C0D]
@DACL=(02 0000)
"PatchGUID"=""
"MediaCabinet"=""
"File"="msseooberes.dll"
"ComponentVersion"="4.0.1526.0"
"ProductVersion"="4.0.1526"
"PatchSize"="0"
"PatchAttributes"="0"
"PatchSequence"="0"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\3A56E6CFA998ED15E98F3C5501B43C0B\62B640D98797DC74196ECAC3D1BF3C0D]
@DACL=(02 0000)
"PatchGUID"=""
"MediaCabinet"=""
"File"="SetupRes.dll"
"ComponentVersion"="4.0.1526.0"
"ProductVersion"="4.0.1526"
"PatchSize"="0"
"PatchAttributes"="0"
"PatchSequence"="0"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\5F55B9FDC1F01894887AD64EFE382787\62B640D98797DC74196ECAC3D1BF3C0D]
@DACL=(02 0000)
"PatchGUID"=""
"MediaCabinet"=""
"File"="EppManifestForMse"
"ComponentVersion"="4.0.1526.0"
"ProductVersion"="4.0.1526"
"PatchSize"="0"
"PatchAttributes"="0"
"PatchSequence"="0"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\6A122FDB37ECDE6599C1FA78DC746459\62B640D98797DC74196ECAC3D1BF3C0D]
@DACL=(02 0000)
"PatchGUID"=""
"MediaCabinet"=""
"File"="Setup.exe"
"ComponentVersion"="4.0.1526.0"
"ProductVersion"="4.0.1526"
"PatchSize"="0"
"PatchAttributes"="0"
"PatchSequence"="0"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\B0D6949167E131043B11F52470CF8F8E\62B640D98797DC74196ECAC3D1BF3C0D]
@DACL=(02 0000)
"PatchGUID"=""
"MediaCabinet"=""
"File"="msseoobe.exe"
"ComponentVersion"="4.0.1526.0"
"ProductVersion"="4.0.1526"
"PatchSize"="0"
"PatchAttributes"="0"
"PatchSequence"="0"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-08-09  15:25:09
ComboFix-quarantined-files.txt  2013-08-09 19:25
.
Pre-Run: 363,244,957,696 bytes free
Post-Run: 366,969,659,392 bytes free
.
- - End Of File - - FFC91F857DC12661F3D10919A2A97E34
F1BC9A487FAD21118DA4D5B596310BA4
 


  • Root Admin

Sorry for the delay on this.

Please download the following scanner from Kaspersky and save it to your computer: TDSSKiller

Then watch the following video on how to use the tool, and make sure to temporarily disable your security applications before running TDSSKiller.

PC Winvids - How to run Kaspersky TDSSKiller

If any infection is found please make sure to choose SKIP and post back the log in case of a False Positive detection.

Once the tool has completed scanning make sure to re-enable your other security applications.

This topic is now closed to further replies.