
Pup.optional datamngr infection


T8r

attach.txt

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 11/1/2010 5:30:28 PM
System Uptime: 8/8/2013 11:29:13 AM (29 hours ago)
.
Motherboard: Hewlett-Packard |  | 144B
Processor: Intel® Core i5 CPU       M 450  @ 2.40GHz | CPU | 1176/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 443 GiB total, 347.838 GiB free.
D: is FIXED (NTFS) - 23 GiB total, 3.315 GiB free.
E: is FIXED (FAT) - 0 GiB total, 0.086 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&35B5B9A0&0&02
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter #2
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&35B5B9A0&0&02
Service: vwifimp
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
PNP Device ID: ROOT\NET\0000
Service: vpnva
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&35B5B9A0&0&01
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&35B5B9A0&0&01
Service: vwifimp
.
==== System Restore Points ===================
.
RP349: 7/16/2013 4:55:09 AM - Windows Update
RP350: 7/19/2013 6:51:16 AM - Windows Update
RP351: 7/22/2013 12:54:02 PM - Windows Update
RP352: 7/22/2013 12:59:49 PM - Windows Update
RP353: 7/26/2013 12:02:53 PM - Windows Update
RP354: 7/30/2013 4:50:28 AM - Windows Update
RP355: 8/6/2013 7:42:53 AM - Windows Update
.
==== Installed Programs ======================
.
Acrobat.com
Adobe Acrobat 6.0 Professional
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Illustrator 10.0.3
Adobe Photoshop CS
Adobe Reader X (10.1.7)
Adobe Shockwave Player
Adobe Shockwave Player 11.5
Adobe SVG Viewer 3.0
Akamai NetSession Interface
Apple Application Support
Apple Software Update
ATI Catalyst Install Manager
Bejeweled 2 Deluxe
Blackhawk Striker 2
Blasterball 3
Build-a-lot 2
Cake Mania
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Chuzzle Deluxe
CinemaNow Media Manager
Cisco AnyConnect VPN Client
Cisco Connect
Cisco WebEx Meetings
Compatibility Pack for the 2007 Office system
CyberLink DVD Suite
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue
DIRECTV Player
Dora's Carnival Adventure
Dropbox
DVD Menu Pack for HP MediaSmart Video
Escape Rosecliff Island
ESU for Microsoft Windows 7
Faerie Solitaire
Fairy Tale Mysteries - The Puppet Thief
FATE
ffdshow [rev 2527] [2008-12-19]
Foxit Reader
Garmin Communicator Plugin
Garmin Communicator Plugin x64
Google Chrome
Google Drive
Google Earth Plug-in
Google Talk (remove only)
Google Talk Plugin
Google Update Helper
Hewlett-Packard ACLM.NET v1.2.1.1
HP 3D DriveGuard
HP Advisor
HP Customer Experience Enhancements
HP Deskjet 1000 J110 series Basic Device Software
HP Deskjet 1000 J110 series Help
HP Games
HP MediaSmart CinemaNow 2.0
HP MediaSmart DVD
HP MediaSmart Internet TV
HP MediaSmart Movies and TV
HP MediaSmart Music
HP MediaSmart Photo
HP MediaSmart SmartMenu
HP MediaSmart Video
HP MediaSmart Webcam
HP MediaSmart/TouchSmart Netflix
HP Quick Launch
HP QuickWeb Installer
HP Setup
HP SimplePass Identity Protection
HP Software Framework
HP Support Assistant
HP Update
HP User Guides 0177
HP Wireless Assistant
HPDiagnosticAlert
IDT Audio
Intel PROSet Wireless
Intel® Management Engine Components
Intel® PROSet/Wireless for Bluetooth® + High Speed
Intel® Rapid Storage Technology
Intel® Turbo Boost Technology Driver
Intel® PROSet/Wireless WiFi Software
Java 7 Update 25
Java Auto Updater
Jewel Quest 3
Jewel Quest Solitaire 2
Junk Mail filter update
LabelPrint
LightScribe System Software
magicJack
Malwarebytes Anti-Malware version 1.75.0.1300
Map CONHI Drives V14
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Mouse and Keyboard Center
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft WSE 3.0 Runtime
Motorola Device Manager
Motorola Device Software Update
Motorola Mobile Drivers Installation 5.6.0
Movie Theme Pack for HP MediaSmart Video
Mozilla Firefox 8.0 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Mystery P.I. - The New York Fortune
Penguins!
PhotoNow!
Plants vs. Zombies
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
PowerDirector
PX Profile Update
Realtek Ethernet Controller Driver For Windows 7
Realtek USB 2.0 Card Reader
Recovery Manager
Roxio CinemaNow 2.0
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Skype™ 6.6
Startup Delayer v3.0 (build 333)
Synaptics Pointing Device Driver
TextTwist 2
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Validity Sensors DDK
Virtual Families
Virtual Villagers - The Secret City
Vision Machine Tools Suite 4
Vision Pro LT7 (C:\Vision Pro LT7)
Webroot SecureAnywhere
Wheel of Fortune 2
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
Windows Media Player Firefox Plugin
Yahoo! Detect
Zuma's Revenge
ZumoCast
.
==== Event Viewer Messages From Past Week ========
.
8/6/2013 10:25:16 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "109" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
8/6/2013 10:25:15 PM, Error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The pipe has been ended.
8/4/2013 8:23:12 PM, Error: bowser [8003]  - The master browser has received a server announcement from the computer CINDYJO-LAPTOP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B84199AD-FAA2-44B7-8D6D-875D85D025A3}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================
 
DDS.txt
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16635  BrowserJavaVersion: 10.25.2
Run by T8r Salad at 16:19:30 on 2013-08-09
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3894.887 [GMT -7:00]
.
AV: Webroot SecureAnywhere *Enabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Webroot SecureAnywhere *Enabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Prey\platform\windows\cronsvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\hasplms.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxpers.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Users\T8r Salad\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
C:\Users\T8r Salad\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\T8r Salad\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Users\T8r Salad\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Users\T8r Salad\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\DigitalPersona\Bin\DPAgent.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Prey\platform\windows\bin\bash.exe
C:\Prey\platform\windows\bin\bash.exe
C:\Prey\platform\windows\bin\bash.exe
C:\Users\T8r Salad\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\T8r Salad\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AcroIEToolbarHelper Class: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
uRun: [Google Update] "C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [googletalk] "C:\Users\T8r Salad\AppData\Roaming\Google\Google Talk\googletalk.exe" /autostart
uRun: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
uRun: [cdloader] "C:\Users\T8r Salad\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [PCShowServer] "C:\Users\T8r Salad\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe"
uRun: [Akamai NetSession Interface] "C:\Users\T8r Salad\AppData\Local\Akamai\netsession_win.exe"
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{16C38B3B-5E35-4CFE-88D9-98178488C144} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{B84199AD-FAA2-44B7-8D6D-875D85D025A3} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{B84199AD-FAA2-44B7-8D6D-875D85D025A3}\1333036307575626C6F6 : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{B84199AD-FAA2-44B7-8D6D-875D85D025A3}\14355535 : DHCPNameServer = 192.168.1.1 208.180.42.100
TCP: Interfaces\{B84199AD-FAA2-44B7-8D6D-875D85D025A3}\255637F62747F5745756374737 : DHCPNameServer = 204.130.255.3 209.63.0.6
TCP: Interfaces\{B84199AD-FAA2-44B7-8D6D-875D85D025A3}\265736B637B696E6 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{B84199AD-FAA2-44B7-8D6D-875D85D025A3}\4416973794E6E6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B84199AD-FAA2-44B7-8D6D-875D85D025A3}\755637167795F6572775966656E416B65646C4163747E496768647 : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{B84199AD-FAA2-44B7-8D6D-875D85D025A3}\771627467756C6C6 : DHCPNameServer = 209.18.47.61 209.18.47.62
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Notification Packages =  DPPassFilter scecli
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [smartMenu] "C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" /background
x64-Run: [HPWirelessAssistant] "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [sysTrayApp] "C:\Program Files\IDT\WDM\sttray64.exe"
x64-Run: [igfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [startupDelayer] "C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe" /LaunchType=Auto /LaunchApps=Common
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\
# Mozilla User Preferences
 
/* Do not edit this file.
 *
 * If you make changes to this file while the application is running,
 * the changes will be overwritten when the application exits.
 *
 * To make a manual change to preferences, you can visit the URL about:config
 */
 
user_pref(app.update.lastUpdateTime.addon-background-update-timer, 1352155386);
user_pref(app.update.lastUpdateTime.background-update-timer, 1338397151);
user_pref(app.update.lastUpdateTime.blocklist-background-update-timer, 1352155506);
user_pref(app.update.lastUpdateTime.microsummary-generator-update-timer, 1313362142);
user_pref(app.update.lastUpdateTime.places-maintenance-timer, 1300572385);
user_pref(app.update.lastUpdateTime.search-engine-update-timer, 1341939655);
user_pref(browser.cache.disk.capacity, 1048576);
user_pref(browser.cache.disk.smart_size.first_run, false);
user_pref(browser.cache.disk.smart_size_cached_value, 1048576);
user_pref(browser.download.lastDir, C:\\Users\\T8r Salad\\Desktop);
user_pref(browser.download.save_converter_index, 2);
user_pref(browser.feeds.handler.default, bookmarks);
user_pref(browser.feeds.handlers.webservice, http://fusion.google.com/add?feedurl=%s);
user_pref(browser.feeds.showFirstRunUI, false);
user_pref(browser.migration.version, 5);
user_pref(browser.places.importBookmarksHTML, false);
user_pref(browser.places.smartBookmarksVersion, 2);
user_pref(browser.rights.3.shown, true);
user_pref(browser.shell.checkDefaultBrowser, false);
FF - prefs.js: browser.startup.homepage - http://start.msn.iplay.com/?o=shp);
user_pref(browser.startup.homepage_override.buildID, 20111104165243);
user_pref(browser.startup.homepage_override.mstone, rv:8.0);
user_pref(browser.startup.page, 3);
user_pref(browser.syncPromoViewsLeft, 0);
user_pref(browser.taskbar.lastgroupid, Mozilla.Firefox.8.0);
user_pref(extension.WeatherBug.CityCode, );
user_pref(extension.WeatherBug.CityName, Mesa);
user_pref(extension.WeatherBug.Country, USA);
user_pref(extension.WeatherBug.DefaultTab, 0);
user_pref(extension.WeatherBug.NumForecasts, 3);
user_pref(extension.WeatherBug.OverlayEnabled, true);
user_pref(extension.WeatherBug.Placement, status-bar);
user_pref(extension.WeatherBug.Position, -1);
user_pref(extension.WeatherBug.State, AZ);
user_pref(extension.WeatherBug.StationId, MESAZ);
user_pref(extension.WeatherBug.Uid, 404295c7-9519-4673-ace2-067c01342ddb);
user_pref(extension.WeatherBug.Units, 0);
user_pref(extension.WeatherBug.WindUnits, 0);
user_pref(extension.WeatherBug.ZipCode, 85201);
user_pref(extensions.blocklist.pingCountTotal, 118);
user_pref(extensions.blocklist.pingCountVersion, 12);
user_pref(extensions.bootstrappedAddons, {});
user_pref(extensions.databaseSchema, 6);
user_pref(extensions.enabledAddons, {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:3.0.1,{1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:8.0);
user_pref(extensions.enabledItems, otis@digitalpersona.com:5.0.0.4248,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{340c2bbc-ce74-4362-90b5-7c26312808ef}:1.7,{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906,{3EC9C995-8072-4fc0-953E-4F30620D17F3}:2.0.0.4,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15);
user_pref(extensions.installCache, [{\name\:\winreg-app-global\,\addons\:{\otis@digitalpersona.com\:{\descriptor\:\C:\\\\Program Files (x86)\\\\DigitalPersona\\\\Bin\\\\FirefoxExt\,\mtime\:1311027694313}}},{\name\:\app-global\,\addons\:{\{1FD91A9C-410C-4090-BBCC-55D3450EF433}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\Search Results Toolbar\\\\Datamngr\\\\FirefoxExtension\,\mtime\:1358488367217},\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\,\mtime\:1358481263852},\{972ce4c6-7e08-4474-a285-3208198ce6fd}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\,\mtime\:1320868742462},\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\,\mtime\:1320961120423},\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\,\mtime\:1335991214481},\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\,\mtime\:1341497096697}}},{\name\:\app-profile\,\addons\:{\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\:{\descriptor\:\C:\\\\Users\\\\T8r Salad\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\e03hvm6l.default\\\\extensions\\\\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\,\mtime\:1316469172453},\{1FD91A9C-410C-4090-BBCC-55D3450EF433}\:{\descriptor\:\C:\\\\Program Files (x86)\\\\Search Results Toolbar\\\\Datamngr\\\\FirefoxExtension\,\mtime\:1358488367217},\{3EC9C995-8072-4fc0-953E-4F30620D17F3}\:{\descriptor\:\C:\\\\Users\\\\T8r 
Salad\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\e03hvm6l.default\\\\extensions\\\\{3EC9C995-8072-4fc0-953E-4F30620D17F3}\,\mtime\:1289076549249},\{f34c9277-6577-4dff-b2d7-7d58092f272f}\:{\descriptor\:\C:\\\\Users\\\\T8r Salad\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\e03hvm6l.default\\\\extensions\\\\{f34c9277-6577-4dff-b2d7-7d58092f272f}\,\mtime\:1358488366749}}}]);
user_pref(extensions.lastAppVersion, 8.0);
user_pref(extensions.lastPlatformVersion, 8.0);
user_pref(extensions.pendingOperations, false);
user_pref(extensions.shownSelectionUI, true);
user_pref(extensions.skype_toolbar.version, 5.0.0.6906);
user_pref(extensions.ui.locale.hidden, true);
user_pref(extensions.update.notifyUser, false);
user_pref(idle.lastDailyNotification, 1338398468);
user_pref(intl.charsetmenu.browser.cache, x-mac-roman, us-ascii, windows-1252, ISO-8859-1, UTF-8);
user_pref(lightweightThemes.isThemeSelected, false);
user_pref(lightweightThemes.persisted.footerURL, true);
user_pref(lightweightThemes.persisted.headerURL, true);
user_pref(lightweightThemes.usedThemes, []);
user_pref(network.cookie.prefsMigrated, true);
user_pref(places.database.lastMaintenance, 1338398469);
user_pref(places.history.expiration.transient_current_max_pages, 122490);
user_pref(places.last_vacuum, 1300137202);
user_pref(pref.advanced.images.disable_button.view_image, false);
user_pref(pref.browser.homepage.disable_button.current_page, false);
user_pref(pref.downloads.disable_button.edit_actions, false);
user_pref(privacy.cpd.cookies, false);
user_pref(privacy.cpd.sessions, false);
user_pref(privacy.popups.showBrowserMessage, false);
user_pref(privacy.sanitize.migrateFx3Prefs, true);
user_pref(privacy.sanitize.timeSpan, 0);
user_pref(security.warn_viewing_mixed, false);
user_pref(security.warn_viewing_mixed.show_once, false);
user_pref(services.sync.account, prosign@cox.net);
user_pref(services.sync.bookmarks.lastSync, 1352155288.55);
user_pref(services.sync.bookmarks.lastSyncLocal, 1358520785011);
user_pref(services.sync.bookmarks.syncID, 5vio_QAh3HFt);
user_pref(services.sync.client.GUID, yMPwRmUQGF);
user_pref(services.sync.client.name, T8r Salad's Firefox on Windows NT 6.1);
user_pref(services.sync.client.syncID, 2fIAraqX0n7_);
user_pref(services.sync.clients.lastRecordUpload, 1358520783);
user_pref(services.sync.clients.lastSync, 0);
user_pref(services.sync.clients.lastSyncLocal, 1358520783268);
user_pref(services.sync.clients.syncID, LYoDndQHPRRG);
user_pref(services.sync.clusterURL, https://phx-sync545.services.mozilla.com/);
user_pref(services.sync.deletePwd, true);
user_pref(services.sync.engine.history, false);
user_pref(services.sync.engine.prefs, false);
user_pref(services.sync.engine.prefs.modified, false);
user_pref(services.sync.engine.tabs, false);
user_pref(services.sync.forms.lastSync, 0);
user_pref(services.sync.forms.lastSyncLocal, 0);
user_pref(services.sync.forms.syncID, 6BlXsNxYYr4m);
user_pref(services.sync.globalScore, 0);
user_pref(services.sync.history.lastSync, 0);
user_pref(services.sync.history.lastSyncLocal, 0);
user_pref(services.sync.history.syncID, Y0p6LBZHMIzh);
user_pref(services.sync.lastClusterUpdate, 1317998532576);
user_pref(services.sync.lastPing, 1358520782);
user_pref(services.sync.lastSync, Mon Nov 05 2012 16:41:29 GMT-0600 (Central Standard Time));
user_pref(services.sync.lastversion, 1.7);
user_pref(services.sync.migrated, true);
user_pref(services.sync.nextHeartbeat, 0);
user_pref(services.sync.nextSync, 1358607185);
user_pref(services.sync.notifyTabState, 0);
user_pref(services.sync.numClients, 1);
user_pref(services.sync.passwords.lastSync, 1352155291.90);
user_pref(services.sync.passwords.lastSyncLocal, 1358520785012);
user_pref(services.sync.passwords.syncID, bQ4xPBlr5Jv2);
user_pref(services.sync.prefs.lastSync, 0);
user_pref(services.sync.prefs.lastSyncLocal, 0);
user_pref(services.sync.prefs.sync.browser.history_expire_days, true);
user_pref(services.sync.prefs.sync.browser.history_expire_days_min, true);
user_pref(services.sync.prefs.sync.browser.tabs.tabMaxWidth, true);
user_pref(services.sync.prefs.sync.browser.tabs.tabMinWidth, true);
user_pref(services.sync.prefs.sync.dom.disable_window_open_feature.status, true);
user_pref(services.sync.prefs.sync.dom.disable_window_status_change, true);
user_pref(services.sync.prefs.sync.security.enable_java, true);
user_pref(services.sync.prefs.syncID, jLHaQ_ZvUS2U);
user_pref(services.sync.syncInterval, 86400000);
user_pref(services.sync.syncThreshold, 1000);
user_pref(services.sync.tabs.lastSync, 0);
user_pref(services.sync.tabs.lastSyncLocal, 0);
user_pref(services.sync.tabs.syncID, oPZyEg8_w3To);
user_pref(services.sync.username, 4w5t7miwyxo4rzhymtcqlf4h37puuqgt);
user_pref(storage.vacuum.last.index, 0);
user_pref(storage.vacuum.last.places.sqlite, 1338398469);
user_pref(toolkit.telemetry.prompted, true);
user_pref(urlclassifier.keyupdatetime.https://sb-ssl.google.com/safebrowsing/newkey, 1361112767);
user_pref(xpinstall.whitelist.add, );
user_pref(xpinstall.whitelist.add.36, );
user_pref(browser.search.selectedEngine, bing);
user_pref(browser.search.defaultenginename, bing
FF - component: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\components\dpffcli.dll
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINNT_x86-msvc\components\WeaveCrypto.dll
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\T8r Salad\AppData\Local\DIRECTV Player\npPCShowPlugin.dll
FF - plugin: C:\Users\T8r Salad\AppData\Local\DIRECTV Player\npPlayerPlugin.dll
FF - plugin: C:\Users\T8r Salad\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\T8r Salad\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll
FF - plugin: C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\Users\T8r Salad\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\T8r Salad\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - ExtSQL: !HIDDEN! 2013-01-17 22:52; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; C:\Program Files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension
.
============= SERVICES / DRIVERS ===============
.
R0 WRkrn;WRkrn;C:\Windows\System32\drivers\WRkrn.sys [2011-11-3 114184]
R1 DVMIO;DeviceVM IO Service;C:\Windows\System32\drivers\dvmio.sys [2010-1-29 20056]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2010/08/19 02:52:23];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2010-8-19 146928]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2010-11-16 89600]
R2 aksdf;aksdf;C:\Windows\System32\drivers\aksdf.sys [2010-9-27 75648]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-1-22 203264]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-1-9 659968]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-17 135952]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-1-15 127984]
R2 CronService;Cron Service for Prey;C:\Prey\platform\windows\cronsvc.exe [2012-11-28 23552]
R2 hasplms;Sentinel HASP License Manager;C:\Windows\System32\hasplms.exe -run --> C:\Windows\System32\hasplms.exe -run [?]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-12-16 102968]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2012-6-28 65657]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.EXE [2010-8-19 2320920]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-1-6 2184496]
R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-10-9 493248]
R2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2011-11-3 749112]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-2-26 2669840]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\amppal.sys [2012-1-9 195584]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-10-26 151936]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2010-7-28 10610400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\amppal.sys [2012-1-9 195584]
S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\System32\drivers\motoandroid.sys [2009-7-10 31744]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2012-1-25 22016]
S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2012-1-25 9728]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-2-26 273168]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-11-1 7680512]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-26 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-8-19 232992]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-9-11 333928]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-26 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-11-2 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2013-08-09 13:30:02 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E11ED67A-86F2-4559-9B1A-EABE3D91F189}\mpengine.dll
2013-08-06 23:07:39 216064 ----a-w- C:\Windows\SysWow64\gcapi_dll.dll
2013-07-25 04:15:29 63384 ----a-r- C:\Users\T8r Salad\AppData\Roaming\Microsoft\Installer\{43D1B973-3D12-42ba-9E6E-56A8FEFF5250}\ARPPRODUCTICON.exe
2013-07-25 04:15:28 -------- d-----w- C:\Users\T8r Salad\AppData\Local\DIRECTV Player
2013-07-22 19:54:50 -------- d-----w- C:\Windows\System32\MRT
2013-07-18 13:25:10 -------- d-----w- C:\ProgramData\r2 Studios
2013-07-18 13:25:06 -------- d-----w- C:\Program Files\r2 Studios
2013-07-16 21:59:00 -------- d-----w- C:\Users\T8r Salad\AppData\Roaming\webex
2013-07-16 21:58:23 -------- d-----w- C:\ProgramData\WebEx
2013-07-16 21:09:42 -------- d-----w- C:\ProgramData\LightScribe
2013-07-11 15:28:15 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-07-11 15:27:49 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-11 15:27:49 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
.
==================== Find3M  ====================
.
2013-08-09 23:16:49 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat
2013-08-02 07:50:21 151728 ----a-w- C:\Windows\SysWow64\WRusr.dll
2013-08-02 07:50:21 114184 ----a-w- C:\Windows\System32\drivers\WRkrn.sys
2013-08-02 07:50:21 104360 ----a-w- C:\Windows\System32\WRusr.dll
2013-07-11 22:05:06 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-11 22:05:06 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-22 16:51:06 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-22 16:51:06 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-06-22 16:51:06 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
.
============= FINISH: 16:20:16.40 ===============
 
 

  • Root Admin

Hi there..

Please run the following steps and post back all the logs as ATTACHMENTS by clicking on the More Reply Options button.
Please don't put logs in code or quote tags or copy/paste them into your reply unless you're unable to attach them.
Please enable your system to show hidden files: How to see hidden files in Windows

P2P/Piracy Warning:

  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.


STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02
Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista, Windows 7/8, right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User License Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.


STEP 03
Please download Malwarebytes Anti-Rootkit from here

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced. They will be in the MBAR folder: mbar-log.txt and system-log.txt

STEP 04
Please download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus


STEP 05
Please download AdwCleaner by Xplode to your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • If prompted by the User Account Control click Yes to allow it to run.
  • Under Actions click on the Delete button.
  • Click OK on all prompts.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the entire contents of that logfile to your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt where the number in brackets indicates how often it was run.


STEP 06
Please go here to run the online antivirus scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.



STEP 07
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.


 


RogueKiller V8.6.5 _x64_ [Aug  5 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : T8r Salad [Admin rights]
Mode : Scan -- Date : 08/10/2013 08:31:27
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 2 ¤¤¤
[SUSP PATH] PCShowServerPMWrapper.exe -- C:\Users\T8r Salad\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe [7] -> KILLED [TermProc]
[SUSP PATH] NDSPCShowServer.exe -- C:\Users\T8r Salad\AppData\Local\DIRECTV Player\NDSPCShowServer.exe [7] -> KILLED [TermProc]
 
¤¤¤ Registry Entries : 10 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Google Update ("C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> FOUND
[RUN][SUSP PATH] HKCU\[...]\Run : PCShowServer ("C:\Users\T8r Salad\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe" [7]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-3234435069-2337432931-1277263858-1001\[...]\Run : Google Update ("C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-3234435069-2337432931-1277263858-1001\[...]\Run : PCShowServer ("C:\Users\T8r Salad\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe" [7]) -> FOUND
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 4 ¤¤¤
[V1][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-3234435069-2337432931-1277263858-1001UA.job : C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND
[V1][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-3234435069-2337432931-1277263858-1001Core.job : C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND
[V2][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-3234435069-2337432931-1277263858-1001Core : C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND
[V2][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-3234435069-2337432931-1277263858-1001UA : C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] 5409b1cd23a2bb3a113fb4b9a40e9ce7
[BSP] 605dbfb8eb6280c37de5f0e0e187d455 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 453314 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 928796672 | Size: 23322 Mo
3 - [XXXXXX] FAT16-LBA (0x0e) [VISIBLE] Offset (sectors): 976560128 | Size: 103 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_08102013_083127.txt >>

Malwarebytes Anti-Rootkit BETA 1.06.1.1005

www.malwarebytes.org

 

Database version: v2013.08.10.01

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16635

T8r Salad :: T8RSALAD-PC [administrator]

 

8/10/2013 8:38:02 AM

mbar-log-2013-08-10 (08-38-02).txt

 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P

Scan options disabled: PUP

Objects scanned: 271267

Time elapsed: 34 minute(s), 26 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

Physical Sectors Detected: 0

(No malicious items detected)

 

(end)

 

 


---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.06.1.1005

 

© Malwarebytes Corporation 2011-2012

 

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

 

Account is Administrative

 

Internet Explorer version: 10.0.9200.16635

 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED

CPU speed: 2.394000 GHz

Memory total: 4083007488, free: 1995112448

 

Downloaded database version: v2013.08.08.01

Downloaded database version: v2013.08.08.02

Downloaded database version: v2013.08.08.03

Downloaded database version: v2013.08.08.04

Downloaded database version: v2013.08.08.05

Downloaded database version: v2013.08.08.06

Downloaded database version: v2013.08.08.07

Downloaded database version: v2013.08.09.01

Downloaded database version: v2013.08.09.02

Downloaded database version: v2013.08.09.03

Downloaded database version: v2013.08.09.04

Downloaded database version: v2013.08.09.05

Downloaded database version: v2013.08.09.06

Downloaded database version: v2013.08.09.07

Downloaded database version: v2013.08.10.01

Initializing...

------------ Kernel report ------------

     08/10/2013 08:37:58

------------ Loaded modules -----------


----------- End -----------

Done!

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xfffffa8007004060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IAAStorageDevice-1\

Lower Device Object: 0xfffffa800501d050

Lower Device Driver Name: \Driver\iaStor\

<<<2>>>

Device number: 0, partition: 2

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xfffffa8007004060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa80051359d0, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8007004060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa8005136b10, DeviceName: Unknown, DriverName: \Driver\hpdskflt\

DevicePointer: 0xfffffa800501d050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

Device number: 0, partition: 2

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\Windows\system32\drivers...

<<<2>>>

Device number: 0, partition: 2

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 41EA23B6

 

Partition information:

 

    Partition 0 type is Primary (0x7)

    Partition is ACTIVE.

    Partition starts at LBA: 2048  Numsec = 407552

    Partition file system is NTFS

    Partition is bootable

 

    Partition 1 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 409600  Numsec = 928387072

 

    Partition 2 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 928796672  Numsec = 47763456

 

    Partition 3 type is Other (0xe)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 976560128  Numsec = 210992

 

Disk Size: 500107862016 bytes

Sector size: 512 bytes

 

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...

Done!

Scan finished

=======================================

 

 

Removal queue found; removal started

Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...

Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_0_2048_i.mbam...

Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...

Removal finished

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.06.1.1005

 

© Malwarebytes Corporation 2011-2012

 

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

 

Account is Administrative

 

Internet Explorer version: 10.0.9200.16635

 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED

CPU speed: 2.394000 GHz

Memory total: 4083007488, free: 1878630400

 

Downloaded database version: v2013.08.08.01

Downloaded database version: v2013.08.08.02

Downloaded database version: v2013.08.08.03

Downloaded database version: v2013.08.08.04

Downloaded database version: v2013.08.08.05

Downloaded database version: v2013.08.08.06

Downloaded database version: v2013.08.08.07

Downloaded database version: v2013.08.09.01

Downloaded database version: v2013.08.09.02

Downloaded database version: v2013.08.09.03

Downloaded database version: v2013.08.09.04

Downloaded database version: v2013.08.09.05

Downloaded database version: v2013.08.09.06

Downloaded database version: v2013.08.09.07

Downloaded database version: v2013.08.10.01

Initializing...

------------ Kernel report ------------

     08/10/2013 09:14:19

------------ Loaded modules -----------


----------- End -----------

Done!

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xfffffa8007004060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IAAStorageDevice-1\

Lower Device Object: 0xfffffa800501d050

Lower Device Driver Name: \Driver\iaStor\

<<<2>>>

Device number: 0, partition: 2

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xfffffa8007004060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa80051359d0, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8007004060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa8005136b10, DeviceName: Unknown, DriverName: \Driver\hpdskflt\

DevicePointer: 0xfffffa800501d050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

Device number: 0, partition: 2

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\Windows\system32\drivers...

<<<2>>>

Device number: 0, partition: 2

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 41EA23B6

 

Partition information:

 

    Partition 0 type is Primary (0x7)

    Partition is ACTIVE.

    Partition starts at LBA: 2048  Numsec = 407552

    Partition file system is NTFS

    Partition is bootable

 

    Partition 1 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 409600  Numsec = 928387072

 

    Partition 2 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 928796672  Numsec = 47763456

 

    Partition 3 type is Other (0xe)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 976560128  Numsec = 210992

 

Disk Size: 500107862016 bytes

Sector size: 512 bytes

 

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...

Done!

 


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 5.4.1 (08.10.2013:1)

OS: Windows 7 Home Premium x64

Ran by T8r Salad on Sat 08/10/2013 at  9:52:58.68

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{C0C6E1B9-707A-442E-9AB3-71E285D6370F}

Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"

Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"

 

 

 

~~~ Files

 

Successfully deleted: [File] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ebay.lnk"

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\babylon"

Successfully deleted: [Folder] "C:\ProgramData\big fish games"

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"

Successfully deleted: [Folder] "C:\Users\T8r Salad\AppData\Roaming\strongvault"

Successfully deleted: [Folder] "C:\Users\T8r Salad\appdata\local\downloadterms"

Successfully deleted: [Folder] "C:\Users\T8r Salad\appdata\local\smartbar"

Successfully deleted: [Folder] "C:\Users\T8r Salad\appdata\local\swvupdater"

Successfully deleted: [Folder] "C:\Users\T8r Salad\appdata\locallow\ilividtoolbarguid"

Successfully deleted: [Folder] "C:\Users\T8r Salad\appdata\locallow\smartbar"

Successfully deleted: [Folder] "C:\Program Files (x86)\delta"

Successfully deleted: [Folder] "C:\Program Files (x86)\search results toolbar"

Successfully deleted: [Folder] "C:\ai_recyclebin"

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

 

 

 

~~~ FireFox

 

Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"

Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"

Successfully deleted: [File] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\searchplugins\delta.xml

Successfully deleted: [File] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\searchplugins\search_results.xml

Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\cxfnl@nxazbwxrbgsgfqqp.net"

Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}"

Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}"

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\ilividtoolbarguid

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\ffxtlbr@babylon.com

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\cxfnl@nxazbwxrbgsgfqqp.net

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\staged

Failed to delete: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\{3EC9C995-8072-4FC0-953E-4F30620D17F3}

Successfully deleted: [Folder] C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\extensions\{F34C9277-6577-4DFF-B2D7-7D58092F272F}

Successfully deleted the following from C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\prefs.js

 

# Mozilla User Preferences

 

/* Do not edit this file.

 *

 * If you make changes to this file while the application is running,

 * the changes will be overwritten when the appl

Emptied folder: C:\Users\T8r Salad\AppData\Roaming\mozilla\firefox\profiles\e03hvm6l.default\minidumps [1 files]

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sat 08/10/2013 at  9:59:46.08

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v2.306 - Logfile created 08/10/2013 at 10:29:52

# Updated 19/07/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : T8r Salad - T8RSALAD-PC

# Boot Mode : Normal

# Running from : C:\Users\T8r Salad\Downloads\AdwCleaner (2).exe

# Option [Delete]

 

 

***** [services] *****

 

 

***** [Files / Folders] *****

 

Deleted on reboot : C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

Deleted on reboot : C:\ProgramData\Browser Manager

Deleted on reboot : C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}

Folder Deleted : C:\Users\T8r Salad\AppData\Local\PackageAware

Folder Deleted : C:\Users\T8RSAL~1\AppData\Local\Temp\Smartbar

 

***** [Registry] *****

 

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v10.0.9200.16635

 

[OK] Registry is clean.

 

-\\ Mozilla Firefox v8.0 (en-US)

 

File : C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\prefs.js

 

[OK] File is clean.

 

-\\ Google Chrome v28.0.1500.95

 

File : C:\Users\T8r Salad\AppData\Local\Google\Chrome\User Data\Default\Preferences

 


 

*************************

 

AdwCleaner[R1].txt - [3144 octets] - [09/08/2013 19:18:40]

AdwCleaner[s1].txt - [1429 octets] - [10/08/2013 10:29:52]

 

########## EOF - C:\AdwCleaner[s1].txt - [1489 octets] ##########

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-08-2013

Ran by T8r Salad (administrator) on 10-08-2013 12:06:31

Running from C:\Users\T8r Salad\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 10

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(Webroot) C:\Program Files\Webroot\WRSA.exe

(AMD) C:\Windows\system32\atiesrxx.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe

(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe

(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(AMD) C:\Windows\system32\atieclxx.exe

(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe

(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe

(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

(Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(SafeNet Inc.) C:\Windows\system32\hasplms.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Webroot) C:\Program Files\Webroot\WRSA.exe

(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Acresso Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe

(NDS Technologies) C:\Users\T8r Salad\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe

() C:\Users\T8r Salad\AppData\Local\DIRECTV Player\NDSPCShowServer.exe

(Akamai Technologies, Inc.) C:\Users\T8r Salad\AppData\Local\Akamai\netsession_win.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

(Google Inc.) C:\Users\T8r Salad\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe

(Google Inc.) C:\Users\T8r Salad\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe

(Akamai Technologies, Inc.) C:\Users\T8r Salad\AppData\Local\Akamai\netsession_win.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe

(Google Inc.) C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)

HKLM\...\Run: [smartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()

HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2009-12-16] (Hewlett-Packard)

HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-11-16] (IDT, Inc.)

HKLM\...\Run: [startupDelayer] - C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe [1080832 2013-06-01] (r2 Studios)

HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,

HKCU\...\Run: [Google Update] - C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-12] (Google Inc.)

HKCU\...\Run: [googletalk] - C:\Users\T8r Salad\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)

HKCU\...\Run: [iSUSPM] - C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [210208 2008-10-20] (Acresso Corporation)

HKCU\...\Run: [cdloader] - C:\Users\T8r Salad\AppData\Roaming\mjusbsp\cdloader2.exe [50592 2012-02-01] (magicJack L.P.)

HKCU\...\Run: [PCShowServer] - C:\Users\T8r Salad\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe [525240 2012-10-15] (NDS Technologies)

HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\T8r Salad\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)

HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20097696 2013-06-27] (Google)

MountPoints2: G - G:\setup.exe -a

MountPoints2: {1f7388f8-2673-11e2-adf9-60eb691eacf5} - H:\setup.exe -a

MountPoints2: {71871200-cab8-11e1-b3c0-a8e8b222045a} - G:\setup.exe -a

MountPoints2: {7562b0d7-938e-11e0-bc6d-a4606b09fe4c} - G:\TL_Bootstrap.exe

MountPoints2: {a53ad97d-397e-11e2-9a04-0026c784a85e} - G:\setup.exe -a

HKLM-x32\...\Run: [WRSVC] - C:\Program Files\Webroot\WRSA.exe [749112 2013-08-02] (Webroot)

HKLM-x32\...\Run: [] -  [x]

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-01-27] ()

Lsa: [Notification Packages] DPPassFilter scecli

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.msn.iplay.com/?o=shp

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {C0C6E1B9-707A-442E-9AB3-71E285D6370F} URL = 

BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File

BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()

Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File


Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

 

FireFox:

========

FF ProfilePath: C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @oberon-media.com/ONCAdapter - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @nds.com/PCShowPlugin - C:\Users\T8r Salad\AppData\Local\DIRECTV Player\npPCShowPlugin.dll No File

FF Plugin HKCU: @nds.com/PlayerPlugin - C:\Users\T8r Salad\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)

FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\T8r Salad\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\T8r Salad\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\T8r Salad\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\T8r Salad\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\T8r Salad\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: NDS.com/PlayerPlugin - C:\Users\T8r Salad\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\bingober28785585.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml

FF Extension: No Name - C:\Users\T8r Salad\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

FF Extension: No Name - C:\Users\T8r Salad\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

FF Extension: Oberon GamesBar - C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\Extensions\gamesbar@oberon-media.com

FF Extension: Garmin Communicator - C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

FF Extension: No Name - C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\Extensions\{787e8757-f4d4-4ffc-be04-c267bf82d846}

FF Extension: No Name - C:\Users\T8r Salad\AppData\Roaming\Mozilla\Firefox\Profiles\e03hvm6l.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\

FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\

 

Chrome: 

=======

CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}

CHR Plugin: (Shockwave Flash) - C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)

CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\plugins\npatgpc.dll (Cisco WebEx LLC)

CHR Plugin: (Google Talk Plugin) - C:\Users\T8r Salad\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\T8r Salad\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\T8r Salad\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Oberon com adapter) - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )

CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)

CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (PCShow Player Plugin) - C:\Users\T8r Salad\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

CHR Extension: () - C:\Users\T8RSAL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0

CHR StartMenuInternet: Google Chrome - C:\Users\T8r Salad\AppData\Local\Google\Chrome\Application\chrome.exe

 

==================== Services (Whitelisted) =================

 

R2 CronService; C:\Prey\platform\windows\cronsvc.exe [23552 2012-11-28] (Fork Ltd.)

R2 hasplms; C:\Windows\system32\hasplms.exe [4180576 2010-09-27] (SafeNet Inc.)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()

R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [749112 2013-08-02] (Webroot)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

 

==================== Drivers (Whitelisted) ====================

 

S3 CADlink; C:\Vision Pro LT7\CADlink.sys [11264 2008-04-08] (CADlink Technology)

S3 CADlink; C:\Vision Pro LT7\CADlink.sys [11264 2008-04-08] (CADlink Technology)

R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2010-01-29] (DeviceVM, Inc.)

R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw00.sys [11471872 2012-02-20] (Intel Corporation)

S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)

R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [114184 2013-08-02] (Webroot)

R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2010-01-27] (CyberLink Corp.)

R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2010-01-27] (CyberLink Corp.)

S3 Andbus; system32\DRIVERS\lgandbus64.sys [x]

S3 AndDiag; system32\DRIVERS\lganddiag64.sys [x]

S3 AndGps; system32\DRIVERS\lgandgps64.sys [x]

S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [x]

S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [x]

S3 AndNetGps; system32\DRIVERS\lgandnetgps64.sys [x]

S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [x]

S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [x]

S3 usbbus; system32\DRIVERS\lgx64bus.sys [x]

S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [x]

S3 USBModem; system32\DRIVERS\lgx64modem.sys [x]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2013-08-10 12:05 - 2013-08-10 12:05 - 01790633 _____ (Farbar) C:\Users\T8r Salad\Downloads\FRST64.exe

2013-08-10 12:04 - 2013-08-10 12:04 - 00000094 _____ C:\Users\T8r Salad\Desktop\ESET.txt

2013-08-10 10:40 - 2013-08-10 10:40 - 00000000 ____D C:\Program Files (x86)\ESET

2013-08-10 10:39 - 2013-08-10 10:39 - 02347384 _____ (ESET) C:\Users\T8r Salad\Downloads\esetsmartinstaller_enu.exe

2013-08-10 10:34 - 2013-08-10 10:34 - 00001558 _____ C:\Users\T8r Salad\Desktop\AdwCleaner[s1].txt

2013-08-10 10:34 - 2013-08-10 10:34 - 00001448 _____ C:\AdwCleaner[s2].txt

2013-08-10 10:34 - 2013-08-10 10:34 - 00001373 _____ C:\Users\T8r Salad\Desktop\AdwCleaner[R2].txt

2013-08-10 10:33 - 2013-08-10 10:33 - 00001373 _____ C:\AdwCleaner[R2].txt

2013-08-10 10:29 - 2013-08-10 10:30 - 00001558 _____ C:\AdwCleaner[s1].txt

2013-08-10 10:28 - 2013-08-10 10:28 - 00666633 _____ C:\Users\T8r Salad\Downloads\AdwCleaner (2).exe

2013-08-10 09:59 - 2013-08-10 09:59 - 00004768 _____ C:\Users\T8r Salad\Desktop\JRT.txt

2013-08-10 09:52 - 2013-08-10 09:52 - 00000000 ____D C:\Windows\ERUNT

2013-08-10 09:51 - 2013-08-10 09:51 - 00958418 _____ (Oleg N. Scherbakov) C:\Users\T8r Salad\Downloads\JRT.exe

2013-08-10 09:51 - 2013-08-10 09:51 - 00958418 _____ (Oleg N. Scherbakov) C:\Users\T8r Salad\Downloads\JRT (1).exe

2013-08-10 08:37 - 2013-08-10 09:46 - 00000000 ____D C:\Users\T8r Salad\Desktop\mbar

2013-08-10 08:37 - 2013-08-10 09:46 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-08-10 08:36 - 2013-08-10 08:36 - 12081912 _____ (Malwarebytes Corp.) C:\Users\T8r Salad\Downloads\mbar-1.06.1.1005.exe

2013-08-10 08:31 - 2013-08-10 08:31 - 00003583 _____ C:\Users\T8r Salad\Desktop\RKreport[0]_S_08102013_083127.txt

2013-08-10 08:28 - 2013-08-10 08:28 - 03800064 _____ C:\Users\T8r Salad\Downloads\RogueKillerX64 (2).exe

2013-08-10 08:28 - 2013-08-10 08:28 - 00000000 ____D C:\Windows\ERDNT

2013-08-10 08:26 - 2013-08-10 08:27 - 00000000 ____D C:\Program Files (x86)\ERUNT

2013-08-10 08:26 - 2013-08-10 08:26 - 00000888 _____ C:\Users\T8r Salad\Desktop\NTREGOPT.lnk

2013-08-10 08:26 - 2013-08-10 08:26 - 00000869 _____ C:\Users\T8r Salad\Desktop\ERUNT.lnk

2013-08-10 08:25 - 2013-08-10 08:25 - 00791393 _____ (Lars Hederer                                                ) C:\Users\T8r Salad\Downloads\erunt-setup.exe

2013-08-09 19:51 - 2013-08-09 19:51 - 00666633 _____ C:\Users\T8r Salad\Downloads\adwcleaner (1).exe

2013-08-09 19:18 - 2013-08-09 19:18 - 00003144 _____ C:\AdwCleaner[R1].txt

2013-08-09 19:13 - 2013-08-09 19:14 - 00666633 _____ C:\Users\T8r Salad\Downloads\adwcleaner.exe

2013-08-09 18:59 - 2013-08-09 18:59 - 00000000 ____D C:\Users\T8r Salad\Desktop\Malware 8-09-2013

2013-08-09 18:52 - 2013-08-09 18:53 - 03800064 _____ C:\Users\T8r Salad\Downloads\RogueKillerX64 (1).exe

2013-08-09 17:11 - 2013-08-10 08:29 - 00000000 ____D C:\Users\T8r Salad\Desktop\RK_Quarantine

2013-08-09 17:09 - 2013-08-09 17:10 - 03800064 _____ C:\Users\T8r Salad\Downloads\RogueKillerX64.exe

2013-08-09 16:19 - 2013-08-09 16:19 - 00688992 ____R (Swearware) C:\Users\T8r Salad\Downloads\dds.com

2013-08-08 16:54 - 2013-08-08 16:54 - 00001495 _____ C:\Users\T8r Salad\Downloads\webinar.ics

2013-08-07 13:53 - 2013-08-07 13:53 - 00000000 ____D C:\Users\T8r Salad\Desktop\Zacks Reports

2013-08-06 16:07 - 2013-08-06 16:07 - 00002014 _____ C:\Users\Public\Desktop\Foxit Reader.lnk

2013-08-06 16:07 - 2013-06-09 21:59 - 00216064 _____ C:\Windows\SysWOW64\gcapi_dll.dll

2013-08-04 14:03 - 2013-08-06 09:50 - 00000000 ____D C:\Users\T8r Salad\Desktop\Costco 8-5-2013

2013-08-03 20:58 - 2013-08-03 20:58 - 00013105 _____ C:\Users\T8r Salad\Desktop\Windows Defender.lnk

2013-08-01 09:13 - 2013-08-01 09:13 - 00000334 _____ C:\Users\T8r Salad\Downloads\UltimateWebinar.ics

2013-07-30 10:50 - 2013-07-30 10:50 - 00000000 ____D C:\Users\T8r Salad\AppData\Roaming\Oracle

2013-07-24 21:15 - 2013-07-24 21:15 - 00000000 ____D C:\Users\T8RSAL~1\AppData\Local\DIRECTV Player

2013-07-24 21:13 - 2013-07-24 21:14 - 13024568 _____ (DIRECTV) C:\Users\T8r Salad\Downloads\DIRECTV_Player_8.0.exe

2013-07-22 12:54 - 2013-07-22 12:58 - 00000000 ____D C:\Windows\system32\MRT

2013-07-21 14:55 - 2013-07-21 14:55 - 00005079 _____ C:\Users\T8r Salad\Downloads\thankyouforyouremail.zip

2013-07-19 20:26 - 2013-07-19 20:27 - 00000000 ____D C:\Users\T8r Salad\Desktop\Cindy

2013-07-19 20:26 - 2013-07-19 20:26 - 00000000 ____D C:\Users\T8r Salad\Desktop\CMI

2013-07-18 14:47 - 2013-07-18 14:47 - 00014228 _____ C:\Users\T8r Salad\Downloads\PAUL RHODES EVENT AUGUST 29, 2013.xlsx

2013-07-18 06:25 - 2013-07-18 06:25 - 00000000 ____D C:\ProgramData\r2 Studios

2013-07-18 06:25 - 2013-07-18 06:25 - 00000000 ____D C:\Program Files\r2 Studios

2013-07-16 15:03 - 2013-07-16 16:04 - 00000000 __SHD C:\Users\T8r Salad\Documents\cache

2013-07-16 14:59 - 2013-07-16 16:04 - 00000000 ____D C:\Users\T8r Salad\AppData\Roaming\webex

2013-07-16 14:58 - 2013-07-16 15:03 - 00000000 ____D C:\ProgramData\WebEx

2013-07-16 14:09 - 2013-07-16 14:09 - 00000000 ____D C:\ProgramData\LightScribe

2013-07-16 12:37 - 2013-07-16 12:37 - 00003086 _____ C:\Windows\System32\Tasks\{3F64657A-A4DD-44CE-931F-484F450A0772}

2013-07-16 06:01 - 2013-07-18 14:30 - 00000000 ____D C:\Users\T8r Salad\Desktop\Omega

2013-07-16 06:01 - 2013-07-18 09:43 - 00000000 ____D C:\Users\T8r Salad\Desktop\Oregon 2013

2013-07-11 19:22 - 2013-07-16 06:02 - 00000000 ____D C:\Users\T8r Salad\Desktop\Scarface script

2013-07-11 14:49 - 2013-06-11 16:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-07-11 14:49 - 2013-06-11 16:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-07-11 14:49 - 2013-06-11 16:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-07-11 14:49 - 2013-06-11 16:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-07-11 14:49 - 2013-06-11 16:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-07-11 14:49 - 2013-06-11 16:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-07-11 14:49 - 2013-06-11 16:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-07-11 14:49 - 2013-06-11 16:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-07-11 14:49 - 2013-06-11 16:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-07-11 14:49 - 2013-06-11 16:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-07-11 14:49 - 2013-06-11 16:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-07-11 14:49 - 2013-06-11 16:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-07-11 14:49 - 2013-06-11 16:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-07-11 14:49 - 2013-06-11 16:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-07-11 14:49 - 2013-06-11 16:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-07-11 14:49 - 2013-06-11 16:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-07-11 14:49 - 2013-06-11 16:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-07-11 14:49 - 2013-06-11 16:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-07-11 14:49 - 2013-06-11 16:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-07-11 14:49 - 2013-06-11 16:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-07-11 14:49 - 2013-06-11 16:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-07-11 14:49 - 2013-06-11 16:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-07-11 14:49 - 2013-06-11 16:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-07-11 14:49 - 2013-06-11 16:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-07-11 14:49 - 2013-06-11 16:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-07-11 14:49 - 2013-06-11 16:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-07-11 14:49 - 2013-06-11 16:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-07-11 14:49 - 2013-06-11 15:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-07-11 14:49 - 2013-06-11 15:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-07-11 14:49 - 2013-06-06 20:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-07-11 14:49 - 2013-06-06 19:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-07-11 08:28 - 2013-06-04 20:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-07-11 08:28 - 2013-06-03 23:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2013-07-11 08:28 - 2013-06-03 21:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2013-07-11 08:28 - 2013-05-05 23:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2013-07-11 08:28 - 2013-05-05 21:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2013-07-11 08:27 - 2013-04-09 16:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2013-07-11 08:27 - 2013-04-02 15:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

 

==================== One Month Modified Files and Folders =======

 

2013-08-10 12:06 - 2013-08-10 12:06 - 00000000 ____D C:\FRST

2013-08-10 12:05 - 2013-08-10 12:05 - 01790633 _____ (Farbar) C:\Users\T8r Salad\Downloads\FRST64.exe

2013-08-10 12:04 - 2013-08-10 12:04 - 00000094 _____ C:\Users\T8r Salad\Desktop\ESET.txt

2013-08-10 12:03 - 2012-05-31 05:40 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-08-10 12:00 - 2011-03-15 16:03 - 04505600 ___SH C:\Users\T8r Salad\Desktop\Thumbs.db

2013-08-10 11:54 - 2012-10-01 13:11 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-08-10 11:36 - 2013-01-24 07:58 - 00000029 _____ C:\Windows\SysWOW64\TempWmicBatchFile.bat

2013-08-10 11:36 - 2011-04-12 20:00 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3234435069-2337432931-1277263858-1001UA.job

2013-08-10 10:43 - 2009-07-13 21:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-08-10 10:43 - 2009-07-13 21:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-08-10 10:40 - 2013-08-10 10:40 - 00000000 ____D C:\Program Files (x86)\ESET

2013-08-10 10:40 - 2010-08-19 02:44 - 01109060 _____ C:\Windows\WindowsUpdate.log

2013-08-10 10:40 - 2009-07-13 22:13 - 00730512 _____ C:\Windows\system32\PerfStringBackup.INI

2013-08-10 10:39 - 2013-08-10 10:39 - 02347384 _____ (ESET) C:\Users\T8r Salad\Downloads\esetsmartinstaller_enu.exe

2013-08-10 10:36 - 2013-01-22 08:01 - 00000000 ___RD C:\Users\T8r Salad\Google Drive

2013-08-10 10:36 - 2012-10-01 13:11 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-08-10 10:35 - 2013-05-04 10:20 - 00013272 _____ C:\Windows\setupact.log

2013-08-10 10:35 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-08-10 10:34 - 2013-08-10 10:34 - 00001558 _____ C:\Users\T8r Salad\Desktop\AdwCleaner[s1].txt

2013-08-10 10:34 - 2013-08-10 10:34 - 00001448 _____ C:\AdwCleaner[s2].txt

2013-08-10 10:34 - 2013-08-10 10:34 - 00001373 _____ C:\Users\T8r Salad\Desktop\AdwCleaner[R2].txt

2013-08-10 10:33 - 2013-08-10 10:33 - 00001373 _____ C:\AdwCleaner[R2].txt

2013-08-10 10:30 - 2013-08-10 10:29 - 00001558 _____ C:\AdwCleaner[s1].txt

2013-08-10 10:28 - 2013-08-10 10:28 - 00666633 _____ C:\Users\T8r Salad\Downloads\AdwCleaner (2).exe

2013-08-10 10:27 - 2011-10-24 10:38 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

2013-08-10 10:27 - 2010-11-01 17:47 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log

2013-08-10 09:59 - 2013-08-10 09:59 - 00004768 _____ C:\Users\T8r Salad\Desktop\JRT.txt

2013-08-10 09:52 - 2013-08-10 09:52 - 00000000 ____D C:\Windows\ERUNT

2013-08-10 09:51 - 2013-08-10 09:51 - 00958418 _____ (Oleg N. Scherbakov) C:\Users\T8r Salad\Downloads\JRT.exe

2013-08-10 09:51 - 2013-08-10 09:51 - 00958418 _____ (Oleg N. Scherbakov) C:\Users\T8r Salad\Downloads\JRT (1).exe

2013-08-10 09:46 - 2013-08-10 08:37 - 00000000 ____D C:\Users\T8r Salad\Desktop\mbar

2013-08-10 09:46 - 2013-08-10 08:37 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-08-10 09:12 - 2011-11-03 10:41 - 00000000 ____D C:\ProgramData\WRData

2013-08-10 08:36 - 2013-08-10 08:36 - 12081912 _____ (Malwarebytes Corp.) C:\Users\T8r Salad\Downloads\mbar-1.06.1.1005.exe

2013-08-10 08:31 - 2013-08-10 08:31 - 00003583 _____ C:\Users\T8r Salad\Desktop\RKreport[0]_S_08102013_083127.txt

2013-08-10 08:29 - 2013-08-09 17:11 - 00000000 ____D C:\Users\T8r Salad\Desktop\RK_Quarantine

2013-08-10 08:28 - 2013-08-10 08:28 - 03800064 _____ C:\Users\T8r Salad\Downloads\RogueKillerX64 (2).exe

2013-08-10 08:28 - 2013-08-10 08:28 - 00000000 ____D C:\Windows\ERDNT

2013-08-10 08:27 - 2013-08-10 08:26 - 00000000 ____D C:\Program Files (x86)\ERUNT

2013-08-10 08:26 - 2013-08-10 08:26 - 00000888 _____ C:\Users\T8r Salad\Desktop\NTREGOPT.lnk

2013-08-10 08:26 - 2013-08-10 08:26 - 00000869 _____ C:\Users\T8r Salad\Desktop\ERUNT.lnk

2013-08-10 08:25 - 2013-08-10 08:25 - 00791393 _____ (Lars Hederer                                                ) C:\Users\T8r Salad\Downloads\erunt-setup.exe

2013-08-09 19:51 - 2013-08-09 19:51 - 00666633 _____ C:\Users\T8r Salad\Downloads\adwcleaner (1).exe

2013-08-09 19:18 - 2013-08-09 19:18 - 00003144 _____ C:\AdwCleaner[R1].txt

2013-08-09 19:14 - 2013-08-09 19:13 - 00666633 _____ C:\Users\T8r Salad\Downloads\adwcleaner.exe

2013-08-09 18:59 - 2013-08-09 18:59 - 00000000 ____D C:\Users\T8r Salad\Desktop\Malware 8-09-2013

2013-08-09 18:53 - 2013-08-09 18:52 - 03800064 _____ C:\Users\T8r Salad\Downloads\RogueKillerX64 (1).exe

2013-08-09 17:36 - 2011-04-12 20:00 - 00000872 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3234435069-2337432931-1277263858-1001Core.job

2013-08-09 17:10 - 2013-08-09 17:09 - 03800064 _____ C:\Users\T8r Salad\Downloads\RogueKillerX64.exe

2013-08-09 16:19 - 2013-08-09 16:19 - 00688992 ____R (Swearware) C:\Users\T8r Salad\Downloads\dds.com

2013-08-08 17:06 - 2011-01-20 10:35 - 00000000 ____D C:\Users\T8r Salad\Documents\Outlook Files

2013-08-08 16:54 - 2013-08-08 16:54 - 00001495 _____ C:\Users\T8r Salad\Downloads\webinar.ics

2013-08-07 13:53 - 2013-08-07 13:53 - 00000000 ____D C:\Users\T8r Salad\Desktop\Zacks Reports

2013-08-07 06:41 - 2010-11-03 07:24 - 00000000 ____D C:\Users\T8r Salad\AppData\Roaming\Skype

2013-08-06 16:53 - 2012-02-28 16:19 - 00000000 ____D C:\Program Files (x86)\QBrew

2013-08-06 16:07 - 2013-08-06 16:07 - 00002014 _____ C:\Users\Public\Desktop\Foxit Reader.lnk

2013-08-06 15:23 - 2012-02-26 14:02 - 00000000 ____D C:\Users\T8r Salad\Desktop\Beer

2013-08-06 13:08 - 2010-11-01 19:05 - 00000000 ____D C:\Vision Pro LT7

2013-08-06 09:50 - 2013-08-04 14:03 - 00000000 ____D C:\Users\T8r Salad\Desktop\Costco 8-5-2013

2013-08-05 17:38 - 2010-11-01 17:45 - 00000000 ____D C:\Users\T8r Salad\AppData\Roaming\Mozilla

2013-08-05 09:21 - 2010-11-01 17:40 - 00000000 ____D C:\Users\T8r Salad\AppData\Roaming\Adobe

2013-08-05 09:21 - 2010-02-27 20:01 - 00000000 ____D C:\ProgramData\Adobe

2013-08-04 14:15 - 2011-08-10 11:05 - 00000000 ____D C:\Users\T8r Salad\Desktop\aRon

2013-08-03 20:58 - 2013-08-03 20:58 - 00013105 _____ C:\Users\T8r Salad\Desktop\Windows Defender.lnk

2013-08-02 00:50 - 2011-11-03 10:41 - 00151728 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll

2013-08-02 00:50 - 2011-11-03 10:41 - 00114184 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys

2013-08-02 00:50 - 2011-11-03 10:41 - 00104360 _____ (Webroot) C:\Windows\system32\WRusr.dll

2013-08-01 09:13 - 2013-08-01 09:13 - 00000334 _____ C:\Users\T8r Salad\Downloads\UltimateWebinar.ics

2013-07-31 05:55 - 2012-10-01 13:11 - 00000000 ____D C:\Program Files (x86)\Google

2013-07-30 14:38 - 2012-01-07 14:11 - 00002391 _____ C:\Users\T8r Salad\Desktop\Google Chrome.lnk

2013-07-30 10:50 - 2013-07-30 10:50 - 00000000 ____D C:\Users\T8r Salad\AppData\Roaming\Oracle

2013-07-29 18:30 - 2013-03-24 18:01 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-07-29 18:30 - 2010-11-03 07:24 - 00000000 ____D C:\ProgramData\Skype

2013-07-26 13:33 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF

2013-07-25 15:54 - 2013-05-04 10:20 - 00004614 _____ C:\Windows\PFRO.log

2013-07-25 13:57 - 2013-05-02 20:36 - 00000000 ____D C:\Users\T8r Salad\Desktop\Frisbee

2013-07-25 12:10 - 2013-02-13 07:57 - 00000000 ____D C:\Users\T8r Salad\Desktop\Hayley

2013-07-24 21:15 - 2013-07-24 21:15 - 00000000 ____D C:\Users\T8RSAL~1\AppData\Local\DIRECTV Player

2013-07-24 21:14 - 2013-07-24 21:13 - 13024568 _____ (DIRECTV) C:\Users\T8r Salad\Downloads\DIRECTV_Player_8.0.exe

2013-07-22 12:58 - 2013-07-22 12:54 - 00000000 ____D C:\Windows\system32\MRT

2013-07-21 14:55 - 2013-07-21 14:55 - 00005079 _____ C:\Users\T8r Salad\Downloads\thankyouforyouremail.zip

2013-07-21 08:09 - 2013-02-03 07:56 - 00000348 _____ C:\Windows\Tasks\HPCeeScheduleForT8r Salad.job

2013-07-20 13:07 - 2013-02-03 07:56 - 00003210 _____ C:\Windows\System32\Tasks\HPCeeScheduleForT8r Salad

2013-07-19 20:27 - 2013-07-19 20:26 - 00000000 ____D C:\Users\T8r Salad\Desktop\Cindy

2013-07-19 20:26 - 2013-07-19 20:26 - 00000000 ____D C:\Users\T8r Salad\Desktop\CMI

2013-07-19 20:25 - 2010-09-30 10:56 - 00003720 _____ C:\Windows\System32\Tasks\Registration

2013-07-18 14:47 - 2013-07-18 14:47 - 00014228 _____ C:\Users\T8r Salad\Downloads\PAUL RHODES EVENT AUGUST 29, 2013.xlsx

2013-07-18 14:30 - 2013-07-16 06:01 - 00000000 ____D C:\Users\T8r Salad\Desktop\Omega

2013-07-18 09:43 - 2013-07-16 06:01 - 00000000 ____D C:\Users\T8r Salad\Desktop\Oregon 2013

2013-07-18 06:25 - 2013-07-18 06:25 - 00000000 ____D C:\ProgramData\r2 Studios

2013-07-18 06:25 - 2013-07-18 06:25 - 00000000 ____D C:\Program Files\r2 Studios

2013-07-17 11:52 - 2011-04-13 07:11 - 00003224 _____ C:\Windows\System32\Tasks\HPCeeScheduleForT8RSALAD-PC$

2013-07-17 11:52 - 2011-04-13 07:11 - 00000348 _____ C:\Windows\Tasks\HPCeeScheduleForT8RSALAD-PC$.job

2013-07-16 16:04 - 2013-07-16 15:03 - 00000000 __SHD C:\Users\T8r Salad\Documents\cache

2013-07-16 16:04 - 2013-07-16 14:59 - 00000000 ____D C:\Users\T8r Salad\AppData\Roaming\webex

2013-07-16 15:03 - 2013-07-16 14:58 - 00000000 ____D C:\ProgramData\WebEx

2013-07-16 14:09 - 2013-07-16 14:09 - 00000000 ____D C:\ProgramData\LightScribe

2013-07-16 12:37 - 2013-07-16 12:37 - 00003086 _____ C:\Windows\System32\Tasks\{3F64657A-A4DD-44CE-931F-484F450A0772}

2013-07-16 06:02 - 2013-07-11 19:22 - 00000000 ____D C:\Users\T8r Salad\Desktop\Scarface script

2013-07-15 15:15 - 2013-06-11 09:39 - 00014228 _____ C:\Users\T8r Salad\Desktop\PAUL RHODES EVENT AUGUST 29, 2013.xlsx

2013-07-12 21:49 - 2012-10-01 13:11 - 00003900 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-07-12 21:49 - 2012-10-01 13:11 - 00003648 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2013-07-12 17:31 - 2011-04-12 20:00 - 00003906 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3234435069-2337432931-1277263858-1001UA

2013-07-12 17:31 - 2011-04-12 20:00 - 00003510 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3234435069-2337432931-1277263858-1001Core

2013-07-11 17:39 - 2011-05-09 09:29 - 00021742 _____ C:\Users\T8r Salad\AppData\Roaming\Comma Separated Values (DOS).EML

2013-07-11 17:35 - 2011-07-06 19:38 - 00000000 ____D C:\Users\T8r Salad\AppData\Roaming\Dropbox

2013-07-11 17:34 - 2011-07-06 19:40 - 00000000 ___RD C:\Users\T8r Salad\Dropbox

2013-07-11 17:10 - 2012-05-27 15:34 - 00001032 _____ C:\Users\T8r Salad\Desktop\Dropbox.lnk

2013-07-11 17:10 - 2012-05-27 15:32 - 00000000 ____D C:\Users\T8r Salad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2013-07-11 16:05 - 2010-11-01 17:44 - 00000000 ____D C:\Users\T8r Salad\AppData\Roaming\HpUpdate

2013-07-11 15:05 - 2012-05-31 05:40 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-07-11 15:05 - 2012-05-31 05:40 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2013-07-11 15:05 - 2011-05-13 05:48 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-07-11 15:05 - 2010-11-02 08:02 - 00000000 ____D C:\Users\T8RSAL~1\AppData\Local\Adobe

2013-07-11 15:01 - 2009-07-13 21:45 - 00436424 _____ C:\Windows\system32\FNTCACHE.DAT

2013-07-11 14:59 - 2012-05-24 12:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-07-11 14:59 - 2012-05-24 12:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2013-07-11 14:59 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Defender

2013-07-11 14:59 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender

2013-07-11 14:57 - 2010-02-27 19:27 - 00000000 ____D C:\ProgramData\Microsoft Help

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2013-08-02 00:45

 

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2013

Ran by T8r Salad at 2013-08-10 12:08:09

Running from C:\Users\T8r Salad\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Installed Programs =======================

 

   

Acrobat.com (x32 Version: 1.6.65)

Adobe Acrobat 6.0 Professional (x32 Version: 006.000.000)

Adobe AIR (x32 Version: 1.5.0.7220)

Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)

Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)

Adobe Illustrator 10.0.3 (x32 Version: 10.0.3)

Adobe Photoshop CS (x32 Version: CS)

Adobe Reader X (10.1.7) (x32 Version: 10.1.7)

Adobe Shockwave Player (x32 Version: 11.5.1.601)

Adobe Shockwave Player 11.5 (x32 Version: 11.5.9.615)

Adobe SVG Viewer 3.0 (x32 Version:  3.0)

Akamai NetSession Interface (HKCU)

Apple Application Support (x32 Version: 2.3.4)

Apple Software Update (x32 Version: 2.1.3.127)

ATI Catalyst Install Manager (Version: 3.0.758.0)

Bejeweled 2 Deluxe (x32 Version: 2.2.0.82)

Blackhawk Striker 2 (x32 Version: 2.2.0.82)

Blasterball 3 (x32 Version: 2.2.0.82)

Build-a-lot 2 (x32 Version: 2.2.0.82)

Cake Mania (x32 Version: 2.2.0.82)

Catalyst Control Center - Branding (x32 Version: 1.00.0000)

Catalyst Control Center Core Implementation (x32 Version: 2010.0122.858.16002)

Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0122.858.16002)

Catalyst Control Center Graphics Full New (x32 Version: 2010.0122.858.16002)

Catalyst Control Center Graphics Light (x32 Version: 2010.0122.858.16002)

Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0122.858.16002)

Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0122.858.16002)

Catalyst Control Center InstallProxy (x32 Version: 2010.0122.858.16002)

Catalyst Control Center Localization All (x32 Version: 2010.0122.858.16002)

CCC Help Chinese Standard (x32 Version: 2010.0122.0857.16002)

CCC Help Chinese Traditional (x32 Version: 2010.0122.0857.16002)

CCC Help Czech (x32 Version: 2010.0122.0857.16002)

CCC Help Danish (x32 Version: 2010.0122.0857.16002)

CCC Help Dutch (x32 Version: 2010.0122.0857.16002)

CCC Help English (x32 Version: 2010.0122.0857.16002)

CCC Help Finnish (x32 Version: 2010.0122.0857.16002)

CCC Help French (x32 Version: 2010.0122.0857.16002)

CCC Help German (x32 Version: 2010.0122.0857.16002)

CCC Help Greek (x32 Version: 2010.0122.0857.16002)

CCC Help Hungarian (x32 Version: 2010.0122.0857.16002)

CCC Help Italian (x32 Version: 2010.0122.0857.16002)

CCC Help Japanese (x32 Version: 2010.0122.0857.16002)

CCC Help Korean (x32 Version: 2010.0122.0857.16002)

CCC Help Norwegian (x32 Version: 2010.0122.0857.16002)

CCC Help Polish (x32 Version: 2010.0122.0857.16002)

CCC Help Portuguese (x32 Version: 2010.0122.0857.16002)

CCC Help Russian (x32 Version: 2010.0122.0857.16002)

CCC Help Spanish (x32 Version: 2010.0122.0857.16002)

CCC Help Swedish (x32 Version: 2010.0122.0857.16002)

CCC Help Thai (x32 Version: 2010.0122.0857.16002)

CCC Help Turkish (x32 Version: 2010.0122.0857.16002)

ccc-core-static (x32 Version: 2010.0122.858.16002)

ccc-utility64 (Version: 2010.0122.858.16002)

Chuzzle Deluxe (x32 Version: 2.2.0.82)

CinemaNow Media Manager (x32 Version: 1.9.1.102)

Cisco AnyConnect VPN Client (x32 Version: 2.4.0202)

Cisco Connect (x32 Version: 1.4.11299.0)

Cisco WebEx Meetings (x32)

Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)

CyberLink DVD Suite (x32 Version: 7.0.2527)

D3DX10 (x32 Version: 15.4.2368.0902)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)

Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82)

DIRECTV Player (x32 Version: 8.0)

Dora's Carnival Adventure (x32 Version: 2.2.0.82)

Dropbox (HKCU Version: 2.0.22)

DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715)

eaner (Version: 4.03)

ERUNT 1.1j (x32)

Escape Rosecliff Island (x32 Version: 2.2.0.82)

ESET Online Scanner v3 (x32)

ESU for Microsoft Windows 7 (x32 Version: 1.0.0)

Faerie Solitaire (x32 Version: 2.2.0.82)

Fairy Tale Mysteries - The Puppet Thief (x32)

FATE (x32 Version: 2.2.0.82)

ffdshow [rev 2527] [2008-12-19] (x32 Version: 1.0)

Foxit Reader (x32 Version: 6.0.6.722)

Garmin Communicator Plugin (x32 Version: 4.0.3)

Garmin Communicator Plugin x64 (Version: 4.0.3)

Google Chrome (HKCU Version: 28.0.1500.95)

Google Drive (x32 Version: 1.11.4865.2530)

Google Earth Plug-in (x32 Version: 7.1.1.1888)

Google Talk (remove only) (HKCU)

Google Talk Plugin (x32 Version: 4.4.2.14502)

Google Update Helper (x32 Version: 1.3.21.153)

Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)

HP 3D DriveGuard (Version: 4.1.16.1)

HP Advisor (x32 Version: 3.4.10144.3282)

HP Customer Experience Enhancements (x32 Version: 6.0.1.7)

HP Deskjet 1000 J110 series Basic Device Software (Version: 22.50.231.0)

HP Deskjet 1000 J110 series Help (x32 Version: 140.0.65.65)

HP Games (x32 Version: 1.0.0.80)

HP MediaSmart CinemaNow 2.0 (x32 Version: 2.0)

HP MediaSmart DVD (x32 Version: 4.0.3727)

HP MediaSmart Internet TV (x32 Version: 3.2.2513)

HP MediaSmart Movies and TV (Version: 1.0.0.10)

HP MediaSmart Music (x32 Version: 4.0.3722)

HP MediaSmart Photo (x32 Version: 4.0.3722)

HP MediaSmart SmartMenu (Version: 3.1.1.12)

HP MediaSmart Video (x32 Version: 4.0.3722)

HP MediaSmart Webcam (x32 Version: 4.0.2511)

HP MediaSmart/TouchSmart Netflix (x32 Version: 1.0.9.0)

HP Quick Launch (x32 Version: 2.7.2)

HP QuickWeb Installer (x32 Version: 1.2.9.1)

HP Setup (x32 Version: 1.2.3988.3281)

HP SimplePass Identity Protection (Version: 5.20.205)

HP Software Framework (x32 Version: 4.5.10.1)

HP Support Assistant (x32 Version: 7.0.39.15)

HP Update (x32 Version: 5.005.000.002)

HP User Guides 0177 (x32 Version: 1.01.0000)

HP Wireless Assistant (Version: 4.0.3.2)

HPDiagnosticAlert (x32 Version: 1.00.0000)

IDT Audio (x32 Version: 1.0.6292.0)

Intel PROSet Wireless

Intel® Management Engine Components (x32 Version: 6.0.0.1179)

Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.1.0.0096)

Intel® Rapid Storage Technology (x32 Version: 9.6.2.1001)

Intel® Turbo Boost Technology Driver (x32 Version: 01.00.01.1002)

Intel® PROSet/Wireless WiFi Software (Version: 15.01.0500.0903)

Java 7 Update 25 (x32 Version: 7.0.250)

Java Auto Updater (x32 Version: 2.1.9.5)

Jewel Quest 3 (x32 Version: 2.2.0.82)

Jewel Quest Solitaire 2 (x32 Version: 2.2.0.82)

Junk Mail filter update (x32 Version: 15.4.3502.0922)

LabelPrint (x32 Version: 2.5.2515)

LightScribe System Software (x32 Version: 1.18.20.1)

magicJack (HKCU Version: 2.0.6073.4413)

Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)

Map CONHI Drives V14 (x32 Version: 1.4.0)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Mouse and Keyboard Center (Version: 2.1.177.0)

Microsoft Office 2010 Service Pack 1 (SP1) (x32)

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.6612.1000)

Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Suite Activation Assistant (x32 Version: 2.9)

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Silverlight (Version: 5.1.20513.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Works (x32 Version: 9.7.0621)

Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)

Motorola Device Manager (x32 Version: 2.2.17)

Motorola Device Software Update (x32 Version: 1.0.30)

Motorola Mobile Drivers Installation 5.6.0 (Version: 5.6.0)

Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.0.3715)

Mozilla Firefox 8.0 (x86 en-US) (x32 Version: 8.0)

MSVCRT (x32 Version: 15.4.2862.0708)

MSVCRT_amd64 (x32 Version: 15.4.2862.0708)

MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)

MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)

MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)

MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)

MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)

Mystery P.I. - The New York Fortune (x32 Version: 2.2.0.82)

Penguins! (x32 Version: 2.2.0.82)

PhotoNow! (x32 Version: 1.1.6904)

Plants vs. Zombies (x32 Version: 2.2.0.82)

Poker Superstars III (x32 Version: 2.2.0.82)

Polar Bowler (x32 Version: 2.2.0.82)

Polar Golfer (x32 Version: 2.2.0.82)

Power2Go (x32 Version: 6.1.3715)

PowerDirector (x32 Version: 8.0.2514)

PX Profile Update (x32 Version: 1.00.1.)

Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.21.531.2010)

Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30111)

Recovery Manager (x32 Version: 5.5.2512)

Roxio CinemaNow 2.0 (x32 Version: 1.0.254)

Skype™ 6.6 (x32 Version: 6.6.106)

Startup Delayer v3.0 (build 333) (x32 Version: 3.0 (build 333))

Synaptics Pointing Device Driver (Version: 15.3.29.0)

TextTwist 2 (x32 Version: 2.2.0.82)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)

Update for Microsoft Office 2010 (KB2494150) (x32)

Update for Microsoft Office 2010 (KB2553065) (x32)

Update for Microsoft Office 2010 (KB2553092) (x32)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2566458) (x32)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)

Validity Sensors DDK (Version: 4.1.129.0)

Virtual Families (x32 Version: 2.2.0.82)

Virtual Villagers - The Secret City (x32 Version: 2.2.0.82)

Vision Machine Tools Suite 4 (x32)

Vision Pro LT7 (C:\Vision Pro LT7) (x32 Version: 7)

Webroot SecureAnywhere (x32 Version: 8.0.2.167)

Wheel of Fortune 2 (x32 Version: 2.2.0.82)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3502.0922)

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)

Windows Live Installer (x32 Version: 15.4.3502.0922)

Windows Live Language Selector (Version: 15.4.3502.0922)

Windows Live Mail (x32 Version: 15.4.3502.0922)

Windows Live Messenger (x32 Version: 15.4.3502.0922)

Windows Live MIME IFilter (Version: 15.4.3502.0922)

Windows Live Movie Maker (x32 Version: 15.4.3502.0922)

Windows Live Photo Common (x32 Version: 15.4.3502.0922)

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)

Windows Live PIMT Platform (x32 Version: 15.4.3502.0922)

Windows Live SOXE (x32 Version: 15.4.3502.0922)

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)

Windows Live Sync (x32 Version: 14.0.8089.726)

Windows Live UX Platform (x32 Version: 15.4.3502.0922)

Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922)

Windows Live Writer (x32 Version: 15.4.3502.0922)

Windows Live Writer Resources (x32 Version: 15.4.3502.0922)

Windows Media Encoder 9 Series (x32 Version: 9.00.2980)

Windows Media Encoder 9 Series (x32)

Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)

Yahoo! Detect (x32)

Zuma's Revenge (x32 Version: 2.2.0.82)

ZumoCast (x32)

 

==================== Restore Points  =========================

 

16-07-2013 11:55:09 Windows Update

19-07-2013 13:51:16 Windows Update

22-07-2013 19:54:02 Windows Update

22-07-2013 19:59:49 Windows Update

26-07-2013 19:02:53 Windows Update

30-07-2013 11:50:28 Windows Update

06-08-2013 14:42:53 Windows Update

 

==================== Hosts content: ==========================

 

2009-07-13 19:34 - 2011-10-30 08:37 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {0BDD6850-B254-479A-9441-2F6C730A007E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)

Task: {12B33554-B9F9-4952-991B-AE0CE04E3B46} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)

Task: {1CD3F08B-764D-4223-B5E8-B979C3E12DD7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)

Task: {21E38367-02A4-4233-AC64-191F639E8D76} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)

Task: {2E7F4D53-A841-4AC7-953E-B48C68497E81} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)

Task: {32774068-3385-4DF4-9104-1A294B5EAE62} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe No File

Task: {3ABF4D36-0F1F-4207-96A1-8BDF96954E04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-01] (Google Inc.)

Task: {4D815BB3-5D7E-4889-BD62-8AC439A2F200} - System32\Tasks\{304EEF1E-A6EF-4AD8-BE4E-480D96A64920} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-06-21] (Skype Technologies S.A.)

Task: {4E7B4664-7B23-459B-8831-C88FE292D146} - System32\Tasks\HPCeeScheduleForT8RSALAD-PC$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)

Task: {5A0F58A7-9C2F-436F-B888-C06FC0E77C80} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3234435069-2337432931-1277263858-1001UA => C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-12] (Google Inc.)

Task: {62AD6AAA-89DA-4B12-A138-D98DD3127424} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)

Task: {63894C29-3D03-4240-A14C-4D051EE825B0} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-01-26] ()

Task: {66506090-E3FE-40E2-BD77-14A6DF23CC63} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)

Task: {799AF727-3B22-42C7-B6A8-60978DADC462} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3234435069-2337432931-1277263858-1001Core => C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-12] (Google Inc.)

Task: {7CB558A6-DB29-4F9B-9CE3-236A78C282FF} - System32\Tasks\HPCeeScheduleForT8r Salad => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)

Task: {8616A2F5-343C-484C-83BA-4DD4CD2140A5} - System32\Tasks\{9F887320-24FD-4F24-A5AA-0435B7279B3E} => C:\Program Files (x86)\Zecter\ZumoCast\zumolauncher.exe [2011-10-18] ()

Task: {8D0956DF-D870-47D1-8A92-CD07A9CBBAD4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)

Task: {92C49C4C-380D-47D0-91DF-9532EFDDC8A4} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe No File

Task: {951C4F48-8D88-4B33-8172-FF532A4E8917} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-07-29] (Hewlett-Packard)

Task: {B359341F-7CD8-4216-B35F-CFBD63ADE053} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-01] (Google Inc.)

Task: {B44D1098-4C35-4664-A720-98326954EB14} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)

Task: {BE83CC89-3A45-4D5D-80D0-ACDEE30D6479} - System32\Tasks\{92CC979A-87A6-4B2C-8601-F7D521373110} => C:\Program Files (x86)\Zecter\ZumoCast\zumolauncher.exe [2011-10-18] ()

Task: {C1A56535-806A-429C-AF15-7925A3090C89} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task

Task: {C2425DBB-4C23-4D52-906B-78615F30F4FD} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-13] (Microsoft Corporation)

Task: {D0AACBED-ED31-4093-9943-0B047C83024F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-11] (Adobe Systems Incorporated)

Task: {E0205F84-82AB-477E-BBF7-7DCDA4072AB8} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-01-26] ()

Task: {E2F1A708-9BDB-4F1A-9DCE-82BD6A00559E} - System32\Tasks\{E3082EE9-D424-44CA-872F-0779BC1B5264} => c:\users\t8r salad\appdata\local\google\chrome\application\chrome.exe [2013-07-24] (Google Inc.)

Task: {FCE03AD5-1112-4A4F-AFFE-59CF74FB9812} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)

Task: {FE084DCA-4E9E-4A21-82C2-37497BBC42D8} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe No File

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3234435069-2337432931-1277263858-1001Core.job => C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3234435069-2337432931-1277263858-1001UA.job => C:\Users\T8r Salad\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\HPCeeScheduleForT8r Salad.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Task: C:\Windows\Tasks\HPCeeScheduleForT8RSALAD-PC$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

 

==================== Faulty Device Manager Devices =============

 

Name: Microsoft Virtual WiFi Miniport Adapter #2

Description: Microsoft Virtual WiFi Miniport Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: vwifimp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64

Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Cisco Systems

Service: vpnva

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Microsoft Virtual WiFi Miniport Adapter

Description: Microsoft Virtual WiFi Miniport Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: vwifimp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (08/10/2013 10:40:19 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error: (08/10/2013 10:13:00 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

 

 

System errors:

=============

 

Microsoft Office Sessions:

=========================

Error: (08/10/2013 10:40:19 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\T8r Salad\Downloads\esetsmartinstaller_enu.exe

 

Error: (08/10/2013 10:13:00 AM) (Source: SideBySide)(User: )

Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

 

 

CodeIntegrity Errors:

===================================

  Date: 2013-07-29 16:09:43.210

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-07-29 16:09:43.054

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-07-24 12:05:51.793

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-07-24 12:05:51.590

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-30 15:00:21.158

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-30 15:00:21.002

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-19 09:25:25.317

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-19 09:25:25.177

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-18 10:36:30.512

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-18 10:36:30.356

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 50%

Total physical RAM: 3893.86 MB

Available physical RAM: 1938.16 MB

Total Pagefile: 7785.9 MB

Available Pagefile: 5774.34 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:442.69 GB) (Free:346.64 GB) NTFS (Disk=0 Partition=2) ==>[system with boot components (obtained from reading drive)]

Drive d: (RECOVERY) (Fixed) (Total:22.78 GB) (Free:3.31 GB) NTFS (Disk=0 Partition=3) ==>[system with boot components (obtained from reading drive)]

Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT (Disk=0 Partition=4)

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 466 GB) (Disk ID: 41EA23B6)

Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=443 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=23 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=103 MB) - (Type=0E)

 

==================== End Of Log ============================


  • Root Admin

Please download the attached fixlist.txt file and save it to the Desktop or location where you have FRST.
NOTE: It's important that both files, FRST or FRST64 and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.
 

fixlist.txt


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-08-2013

Ran by T8r Salad at 2013-08-10 15:06:03 Run:2

Running from C:\Users\T8r Salad\Desktop

Boot Mode: Normal

==============================================

 

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => Key not found.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1f7388f8-2673-11e2-adf9-60eb691eacf5} => Key not found.

HKCR\CLSID\{1f7388f8-2673-11e2-adf9-60eb691eacf5} => Key not found.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71871200-cab8-11e1-b3c0-a8e8b222045a} => Key not found.

HKCR\CLSID\{71871200-cab8-11e1-b3c0-a8e8b222045a} => Key not found.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7562b0d7-938e-11e0-bc6d-a4606b09fe4c} => Key not found.

HKCR\CLSID\{7562b0d7-938e-11e0-bc6d-a4606b09fe4c} => Key not found.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a53ad97d-397e-11e2-9a04-0026c784a85e} => Key not found.

HKCR\CLSID\{a53ad97d-397e-11e2-9a04-0026c784a85e} => Key not found.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.

HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value not found.

HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value not found.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.

HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.

HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C0C6E1B9-707A-442E-9AB3-71E285D6370F} => Key not found.

HKCR\CLSID\{C0C6E1B9-707A-442E-9AB3-71E285D6370F} => Key not found.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.

HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.

HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.

HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{C345E174-3E87-4F41-A01C-B066A90A49B4} => Key not found.

HKCR\Wow6432Node\CLSID\{C345E174-3E87-4F41-A01C-B066A90A49B4} => Key not found.

HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2 => Key not found.

C:\Windows\SysWOW64\npDeployJava1.dll not found.

HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2 => Key not found.

C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll not found.

C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll not found.

C:\Windows\SysWOW64\npDeployJava1.dll not found.

 

==== End of Fixlog ====


  • Root Admin

Well that's odd.  It lists many keys and files then says it can't find them as though they'd already been removed.

 

Okay so how is the computer running now? 

Are there still any signs of an infection?

 

 

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following check-boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files


Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run from.

Note: When using Reset FF Proxy Settings option Firefox should be closed.
 


MiniToolBox by Farbar  Version: 13-07-2013

Ran by T8r Salad (administrator) on 11-08-2013 at 21:26:31

Running from "C:\Users\T8r Salad\Downloads"

Microsoft Windows 7 Home Premium  Service Pack 1 (X64)

Boot Mode: Normal

***************************************************************************

 

========================= Flush DNS: ===================================

 

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

 

========================= IE Proxy Settings: ============================== 

 

Proxy is not enabled.

No Proxy Server is set.

 

"Reset IE Proxy Settings": IE Proxy Settings were reset.

 

========================= FF Proxy Settings: ============================== 

 

 

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

 

========================= Hosts content: =================================

 

 

 

========================= IP Configuration: ================================

 

Intel® Centrino® Wireless-N 1000 = Wireless Network Connection (Connected)

Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 = Local Area Connection 3 (Hardware not present)

Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Hardware not present)

Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Hardware not present)

 

 

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

 

reset

set global icmpredirects=enabled

set interface interface="Local Area Connection 3" forwarding=enabled advertise=enabled metric=1 nud=enabled

 

 

popd

# End of IPv4 configuration

 

 

 

Windows IP Configuration

 

   Host Name . . . . . . . . . . . . : T8rSalad-PC

   Primary Dns Suffix  . . . . . . . : 

   Node Type . . . . . . . . . . . . : Hybrid

   IP Routing Enabled. . . . . . . . : No

   WINS Proxy Enabled. . . . . . . . : No

   DNS Suffix Search List. . . . . . : ph.cox.net

 

Wireless LAN adapter Wireless Network Connection:

 

   Connection-specific DNS Suffix  . : ph.cox.net

   Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 1000

   Physical Address. . . . . . . . . : 00-26-C7-84-A8-5E

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . : fe80::593d:4cb8:1c53:3611%12(Preferred) 

   IPv4 Address. . . . . . . . . . . : 192.168.1.122(Preferred) 

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Lease Obtained. . . . . . . . . . : Sunday, August 11, 2013 1:27:11 PM

   Lease Expires . . . . . . . . . . : Monday, August 12, 2013 3:00:07 PM

   Default Gateway . . . . . . . . . : 192.168.1.1

   DHCP Server . . . . . . . . . . . : 192.168.1.1

   DHCPv6 IAID . . . . . . . . . . . : 318777031

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-38-36-0C-60-EB-69-1E-AC-F5

   DNS Servers . . . . . . . . . . . : 68.105.28.11

                                       68.105.29.11

                                       68.105.28.12

   NetBIOS over Tcpip. . . . . . . . : Enabled

 

Tunnel adapter isatap.ph.cox.net:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : ph.cox.net

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter Local Area Connection* 11:

 

   Connection-specific DNS Suffix  . : 

   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:8f6:149e:3f57:fe85(Preferred) 

   Link-local IPv6 Address . . . . . : fe80::8f6:149e:3f57:fe85%22(Preferred) 

   Default Gateway . . . . . . . . . : ::

   NetBIOS over Tcpip. . . . . . . . : Disabled

Server:  cdns1.cox.net

Address:  68.105.28.11

 

Name:    google.com

Addresses:  2607:f8b0:4007:800::1002

 74.125.239.9

 74.125.239.14

 74.125.239.0

 74.125.239.1

 74.125.239.2

 74.125.239.3

 74.125.239.4

 74.125.239.5

 74.125.239.6

 74.125.239.7

 74.125.239.8

 

 

Pinging google.com [74.125.224.163] with 32 bytes of data:

Reply from 74.125.224.163: bytes=32 time=23ms TTL=54

Reply from 74.125.224.163: bytes=32 time=24ms TTL=54

 

Ping statistics for 74.125.224.163:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 23ms, Maximum = 24ms, Average = 23ms

Server:  cdns1.cox.net

Address:  68.105.28.11

 

Name:    yahoo.com

Addresses:  206.190.36.45

 98.138.253.109

 98.139.183.24

 

 

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=138ms TTL=53

Reply from 98.139.183.24: bytes=32 time=103ms TTL=53

 

Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 103ms, Maximum = 138ms, Average = 120ms

 

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

 12...00 26 c7 84 a8 5e ......Intel® Centrino® Wireless-N 1000

  1...........................Software Loopback Interface 1

 23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter

 22...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

===========================================================================

 

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.122     25

        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306

        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306

  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306

      192.168.1.0    255.255.255.0         On-link     192.168.1.122    281

    192.168.1.122  255.255.255.255         On-link     192.168.1.122    281

    192.168.1.255  255.255.255.255         On-link     192.168.1.122    281

        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306

        224.0.0.0        240.0.0.0         On-link     192.168.1.122    281

  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306

  255.255.255.255  255.255.255.255         On-link     192.168.1.122    281

===========================================================================

Persistent Routes:

  None

 

IPv6 Route Table

===========================================================================

Active Routes:

 If Metric Network Destination      Gateway

 22     58 ::/0                     On-link

  1    306 ::1/128                  On-link

 22     58 2001::/32                On-link

 22    306 2001:0:4137:9e76:8f6:149e:3f57:fe85/128

                                    On-link

 12    281 fe80::/64                On-link

 22    306 fe80::/64                On-link

 22    306 fe80::8f6:149e:3f57:fe85/128

                                    On-link

 12    281 fe80::593d:4cb8:1c53:3611/128

                                    On-link

  1    306 ff00::/8                 On-link

 22    306 ff00::/8                 On-link

 12    281 ff00::/8                 On-link

===========================================================================

Persistent Routes:

  None

========================= Winsock entries =====================================

 

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)

Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)

x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)

x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)

x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

 

========================= Event log errors: ===============================

 

Application errors:

==================

Error: (08/11/2013 09:41:54 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

 

Error: (08/10/2013 03:01:43 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

 

System errors:

=============

Error: (08/11/2013 01:25:56 PM) (Source: DCOM) (User: )

Description: {53362C64-A296-4F2D-A2F8-FD984D08340B}

 

Error: (08/10/2013 07:42:50 PM) (Source: bowser) (User: )

Description: The master browser has received a server announcement from the computer CINDYJO-LAPTOP

that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B84199AD-FAA2-44B7-8D6D-875D85D025A3}.

The master browser is stopping or an election is being forced.

 

 

Microsoft Office Sessions:

=========================

Error: (08/11/2013 09:41:54 AM) (Source: SideBySide)(User: )

Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

 

Error: (08/10/2013 03:01:43 PM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\T8r Salad\Downloads\esetsmartinstaller_enu.exe

 

 

CodeIntegrity Errors:

===================================

  Date: 2013-07-29 16:09:43.210

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-07-29 16:09:43.054

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-07-24 12:05:51.793

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-07-24 12:05:51.590

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-30 15:00:21.158

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-30 15:00:21.002

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-19 09:25:25.317

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-19 09:25:25.177

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-18 10:36:30.512

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-18 10:36:30.356

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Vision Pro LT7\CADlink.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

 

=========================== Installed Programs ============================

 

Acrobat.com (Version: 1.6.65)

Adobe Acrobat 6.0 Professional (Version: 006.000.000)

Adobe AIR (Version: 1.5.0.7220)

Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)

Adobe Flash Player 11 Plugin (Version: 11.7.700.224)

Adobe Illustrator 10.0.3 (Version: 10.0.3)

Adobe Photoshop CS (Version: CS)

Adobe Reader X (10.1.7) (Version: 10.1.7)

Adobe Shockwave Player (Version: 11.5.1.601)

Adobe Shockwave Player 11.5 (Version: 11.5.9.615)

Adobe SVG Viewer 3.0 (Version:  3.0)

Akamai NetSession Interface

Apple Application Support (Version: 2.3.4)

Apple Software Update (Version: 2.1.3.127)

ATI Catalyst Install Manager (Version: 3.0.758.0)

Bejeweled 2 Deluxe (Version: 2.2.0.82)

Blackhawk Striker 2 (Version: 2.2.0.82)

Blasterball 3 (Version: 2.2.0.82)

Build-a-lot 2 (Version: 2.2.0.82)

Cake Mania (Version: 2.2.0.82)

Catalyst Control Center - Branding (Version: 1.00.0000)

Catalyst Control Center Core Implementation (Version: 2010.0122.858.16002)

Catalyst Control Center Graphics Full Existing (Version: 2010.0122.858.16002)

Catalyst Control Center Graphics Full New (Version: 2010.0122.858.16002)

Catalyst Control Center Graphics Light (Version: 2010.0122.858.16002)

Catalyst Control Center Graphics Previews Common (Version: 2010.0122.858.16002)

Catalyst Control Center Graphics Previews Vista (Version: 2010.0122.858.16002)

Catalyst Control Center InstallProxy (Version: 2010.0122.858.16002)

Catalyst Control Center Localization All (Version: 2010.0122.858.16002)

CCC Help Chinese Standard (Version: 2010.0122.0857.16002)

CCC Help Chinese Traditional (Version: 2010.0122.0857.16002)

CCC Help Czech (Version: 2010.0122.0857.16002)

CCC Help Danish (Version: 2010.0122.0857.16002)

CCC Help Dutch (Version: 2010.0122.0857.16002)

CCC Help English (Version: 2010.0122.0857.16002)

CCC Help Finnish (Version: 2010.0122.0857.16002)

CCC Help French (Version: 2010.0122.0857.16002)

CCC Help German (Version: 2010.0122.0857.16002)

CCC Help Greek (Version: 2010.0122.0857.16002)

CCC Help Hungarian (Version: 2010.0122.0857.16002)

CCC Help Italian (Version: 2010.0122.0857.16002)

CCC Help Japanese (Version: 2010.0122.0857.16002)

CCC Help Korean (Version: 2010.0122.0857.16002)

CCC Help Norwegian (Version: 2010.0122.0857.16002)

CCC Help Polish (Version: 2010.0122.0857.16002)

CCC Help Portuguese (Version: 2010.0122.0857.16002)

CCC Help Russian (Version: 2010.0122.0857.16002)

CCC Help Spanish (Version: 2010.0122.0857.16002)

CCC Help Swedish (Version: 2010.0122.0857.16002)

CCC Help Thai (Version: 2010.0122.0857.16002)

CCC Help Turkish (Version: 2010.0122.0857.16002)

ccc-core-static (Version: 2010.0122.858.16002)

ccc-utility64 (Version: 2010.0122.858.16002)

CCleaner (Version: 4.03)

Chuzzle Deluxe (Version: 2.2.0.82)

CinemaNow Media Manager (Version: 1.9.1.102)

Cisco AnyConnect VPN Client (Version: 2.4.0202)

Cisco Connect (Version: 1.4.11299.0)

Cisco WebEx Meetings

Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)

CyberLink DVD Suite (Version: 7.0.2527)

D3DX10 (Version: 15.4.2368.0902)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Diner Dash 2 Restaurant Rescue (Version: 2.2.0.82)

DIRECTV Player (Version: 8.0)

Dora's Carnival Adventure (Version: 2.2.0.82)

Dropbox (Version: 2.0.22)

DVD Menu Pack for HP MediaSmart Video (Version: 4.0.3715)

Escape Rosecliff Island (Version: 2.2.0.82)

ESU for Microsoft Windows 7 (Version: 1.0.0)

Faerie Solitaire (Version: 2.2.0.82)

Fairy Tale Mysteries - The Puppet Thief

FATE (Version: 2.2.0.82)

ffdshow [rev 2527] [2008-12-19] (Version: 1.0)

Foxit Reader (Version: 6.0.6.722)

Garmin Communicator Plugin (Version: 4.0.3)

Garmin Communicator Plugin x64 (Version: 4.0.3)

Google Chrome (Version: 28.0.1500.95)

Google Drive (Version: 1.11.4865.2530)

Google Earth Plug-in (Version: 7.1.1.1888)

Google Talk (remove only)

Google Talk Plugin (Version: 4.4.2.14502)

Google Update Helper (Version: 1.3.21.153)

Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)

HP 3D DriveGuard (Version: 4.1.16.1)

HP Advisor (Version: 3.4.10144.3282)

HP Customer Experience Enhancements (Version: 6.0.1.7)

HP Deskjet 1000 J110 series Basic Device Software (Version: 22.50.231.0)

HP Deskjet 1000 J110 series Help (Version: 140.0.65.65)

HP Games (Version: 1.0.0.80)

HP MediaSmart CinemaNow 2.0 (Version: 2.0)

HP MediaSmart DVD (Version: 4.0.3727)

HP MediaSmart Internet TV (Version: 3.2.2513)

HP MediaSmart Movies and TV (Version: 1.0.0.10)

HP MediaSmart Music (Version: 4.0.3722)

HP MediaSmart Photo (Version: 4.0.3722)

HP MediaSmart SmartMenu (Version: 3.1.1.12)

HP MediaSmart Video (Version: 4.0.3722)

HP MediaSmart Webcam (Version: 4.0.2511)

HP MediaSmart/TouchSmart Netflix (Version: 1.0.9.0)

HP Quick Launch (Version: 2.7.2)

HP QuickWeb Installer (Version: 1.2.9.1)

HP Setup (Version: 1.2.3988.3281)

HP SimplePass Identity Protection (Version: 5.20.205)

HP Software Framework (Version: 4.5.10.1)

HP Support Assistant (Version: 7.0.39.15)

HP Update (Version: 5.005.000.002)

HP User Guides 0177 (Version: 1.01.0000)

HP Wireless Assistant (Version: 4.0.3.2)

HPDiagnosticAlert (Version: 1.00.0000)

IDT Audio (Version: 1.0.6292.0)

Intel PROSet Wireless

Intel® Management Engine Components (Version: 6.0.0.1179)

Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.1.0.0096)

Intel® Rapid Storage Technology (Version: 9.6.2.1001)

Intel® Turbo Boost Technology Driver (Version: 01.00.01.1002)

Intel® PROSet/Wireless WiFi Software (Version: 15.01.0500.0903)

Java 7 Update 25 (Version: 7.0.250)

Java Auto Updater (Version: 2.1.9.5)

Jewel Quest 3 (Version: 2.2.0.82)

Jewel Quest Solitaire 2 (Version: 2.2.0.82)

Junk Mail filter update (Version: 15.4.3502.0922)

LabelPrint (Version: 2.5.2515)

LightScribe System Software (Version: 1.18.20.1)

magicJack (Version: 2.0.6073.4413)

Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)

Map CONHI Drives V14 (Version: 1.4.0)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Mouse and Keyboard Center (Version: 2.1.177.0)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)

Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)

Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Suite Activation Assistant (Version: 2.9)

Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Silverlight (Version: 5.1.20513.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Works (Version: 9.7.0621)

Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)

Motorola Device Manager (Version: 2.2.17)

Motorola Device Software Update (Version: 1.0.30)

Motorola Mobile Drivers Installation 5.6.0 (Version: 5.6.0)

Movie Theme Pack for HP MediaSmart Video (Version: 4.0.3715)

Mozilla Firefox 8.0 (x86 en-US) (Version: 8.0)

MSVCRT (Version: 15.4.2862.0708)

MSVCRT_amd64 (Version: 15.4.2862.0708)

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)

MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)

MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)

MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)

MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)

Mystery P.I. - The New York Fortune (Version: 2.2.0.82)

Penguins! (Version: 2.2.0.82)

PhotoNow! (Version: 1.1.6904)

Plants vs. Zombies (Version: 2.2.0.82)

Poker Superstars III (Version: 2.2.0.82)

Polar Bowler (Version: 2.2.0.82)

Polar Golfer (Version: 2.2.0.82)

Power2Go (Version: 6.1.3715)

PowerDirector (Version: 8.0.2514)

PX Profile Update (Version: 1.00.1.)

Realtek Ethernet Controller Driver For Windows 7 (Version: 7.21.531.2010)

Realtek USB 2.0 Card Reader (Version: 6.1.7600.30111)

Recovery Manager (Version: 5.5.2512)

Roxio CinemaNow 2.0 (Version: 1.0.254)

Skype™ 6.6 (Version: 6.6.106)

Startup Delayer v3.0 (build 333) (Version: 3.0 (build 333))

Synaptics Pointing Device Driver (Version: 15.3.29.0)

TextTwist 2 (Version: 2.2.0.82)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Validity Sensors DDK (Version: 4.1.129.0)

Virtual Families (Version: 2.2.0.82)

Virtual Villagers - The Secret City (Version: 2.2.0.82)

Vision Machine Tools Suite 4

Vision Pro LT7 (C:\Vision Pro LT7) (Version: 7)

Webroot SecureAnywhere (Version: 8.0.2.167)

Wheel of Fortune 2 (Version: 2.2.0.82)

Windows Live Communications Platform (Version: 15.4.3502.0922)

Windows Live Essentials (Version: 15.4.3502.0922)

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)

Windows Live Installer (Version: 15.4.3502.0922)

Windows Live Language Selector (Version: 15.4.3502.0922)

Windows Live Mail (Version: 15.4.3502.0922)

Windows Live Messenger (Version: 15.4.3502.0922)

Windows Live MIME IFilter (Version: 15.4.3502.0922)

Windows Live Movie Maker (Version: 15.4.3502.0922)

Windows Live Photo Common (Version: 15.4.3502.0922)

Windows Live Photo Gallery (Version: 15.4.3502.0922)

Windows Live PIMT Platform (Version: 15.4.3502.0922)

Windows Live SOXE (Version: 15.4.3502.0922)

Windows Live SOXE Definitions (Version: 15.4.3502.0922)

Windows Live Sync (Version: 14.0.8089.726)

Windows Live UX Platform (Version: 15.4.3502.0922)

Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)

Windows Live Writer (Version: 15.4.3502.0922)

Windows Live Writer Resources (Version: 15.4.3502.0922)

Windows Media Encoder 9 Series

Windows Media Encoder 9 Series (Version: 9.00.2980)

Windows Media Player Firefox Plugin (Version: 1.0.0.8)

Yahoo! Detect

Zuma's Revenge (Version: 2.2.0.82)

ZumoCast

 

========================= Devices: ================================

 

Name: Microsoft Virtual WiFi Miniport Adapter #2

Description: Microsoft Virtual WiFi Miniport Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: vwifimp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64

Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Cisco Systems

Service: vpnva

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Microsoft Virtual WiFi Miniport Adapter

Description: Microsoft Virtual WiFi Miniport Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: vwifimp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

 

========================= Memory info: ===================================

 

Percentage of memory in use: 44%

Total physical RAM: 3893.86 MB

Available physical RAM: 2149.98 MB

Total Pagefile: 7785.9 MB

Available Pagefile: 5837.79 MB

Total Virtual: 4095.88 MB

Available Virtual: 3958.74 MB

 

========================= Partitions: =====================================

 

1 Drive c: () (Fixed) (Total:442.69 GB) (Free:346.72 GB) NTFS

2 Drive d: (RECOVERY) (Fixed) (Total:22.78 GB) (Free:3.31 GB) NTFS

3 Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT

 

========================= Users: ========================================

 

User accounts for \\T8RSALAD-PC

 

Administrator            Guest                    T8r Salad                

 

========================= Minidump Files ==================================

 

No minidump file found

 

 

**** End of log ****

Forum Deity: Fantastic...I rebooted the computer to make sure it re-started fine = okay. No hangups and I have run Malwarebytes several times, both quick scan and full scan, without any reports of PUP or other such garbage. I thank you for your time and MrCharlie as well for his time, both of your expertise and guidance. Very much appreciated.

 

One question remains: every so often I get a Google Installer error that wants me to report to Microsoft and I hit send or report or whatever. Is this a whole nother animal to deal with or is it an ignore it situation?

 

thanks again...T8r


  • Root Admin

It is normal and it basically sends a bug report to those companies that helps them to be able to find and fix certain bugs so that they no longer happen. So it's a good thing overall to send them the reports when it does happen.

 

Please go ahead and remove all the tools we've used and read up on how to keep the computer clean.

 

Best Practices for Safe Computing - Prevention of Malware Infection


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.