PUP issue

[HyperPhoenix]

I seen a thread similar to my problem in this forum but was not followed through so here goes:

 

DDS:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by Eun at 11:47:27 on 2013-12-28
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6051.3974 [GMT -5:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
C:\Program Files (x86)\USIM Editor\iconcs10970707.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\loggingserver.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k HPService
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <-loopback>
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.3.3\AVG SafeGuard toolbar_toolbar.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.3.3\AVG SafeGuard toolbar_toolbar.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
mRun: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [uSBestCR] C:\Program Files (x86)\USIM Editor\iconcs10970707.exe RunFromReg
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\81715c85-37eb-4501-813a-5f414b81e7ac.exe /check
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - C:\Users\Eun\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - C:\Users\Eun\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll





TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{449196B0-206E-48E4-8F0C-43BC318E6299} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{449196B0-206E-48E4-8F0C-43BC318E6299}\2656C6B696E6E2836623 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{449196B0-206E-48E4-8F0C-43BC318E6299}\741435051425D27657563747 : DHCPNameServer = 192.168.3.1
TCP: Interfaces\{449196B0-206E-48E4-8F0C-43BC318E6299}\C4F6B6964656D696 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{449196B0-206E-48E4-8F0C-43BC318E6299}\C696E6B6379737 : DHCPNameServer = 167.206.245.129 167.206.245.130
TCP: Interfaces\{97D92A2F-8128-48B4-A293-E5A90EEE204C} : DHCPNameServer = 75.75.75.75 75.75.76.76
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.3\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~2\browse~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [intelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [bLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"




x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Eun\AppData\Roaming\Mozilla\Firefox\Profiles\jawynhf6.default\


FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.3\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Nexon\NGM\npNxGame.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
FF - ExtSQL: 2013-11-05 02:02; avg@toolbar; C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.1.3.3
FF - ExtSQL: 2013-11-21 08:39; firefox@passwordbox.com; C:\Program Files (x86)\PasswordBox\Firefox
FF - ExtSQL: !HIDDEN! 2012-05-14 22:00; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2013-3-8 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2013-3-8 205320]
R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2011-11-8 55856]
R1 aswKbd;aswKbd;C:\windows\System32\drivers\aswKbd.sys [2012-11-19 21136]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2012-2-3 1032416]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2012-2-3 409832]
R1 avgtp;avgtp;C:\windows\System32\drivers\avgtpx64.sys [2013-3-22 46368]
R1 HssDRV6;Hotspot Shield Routing Driver 6;C:\windows\System32\drivers\hssdrv6.sys [2013-4-24 46792]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-2-3 89600]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-8-8 1166848]
R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2012-2-3 38984]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2012-2-3 84328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-11 50344]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-3-27 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-3-27 1104208]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-6-3 134928]
R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [2013-4-26 570664]
R2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2013-4-26 390440]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-8 13336]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-11-8 1692480]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
R2 TurboB;Turbo Boost UI Monitor driver;C:\windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-11-8 2655768]
R2 vToolbarUpdater17.1.3;vToolbarUpdater17.1.3;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe [2013-11-21 1643696]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\windows\System32\drivers\AmpPal.sys [2011-8-8 299008]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-3-27 1304912]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\drivers\btmaux.sys [2012-2-13 95232]
R3 btmhsf;btmhsf;C:\windows\System32\drivers\btmhsf.sys [2012-2-13 747008]
R3 iBtFltCoex;iBtFltCoex;C:\windows\System32\drivers\iBtFltCoex.sys [2012-3-21 60928]
R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-11-8 317440]
R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\drivers\iwdbus.sys [2011-6-21 25496]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 taphss6;Anchorfree HSS VPN Adapter;C:\windows\System32\drivers\taphss6.sys [2013-4-24 42184]
S2 AfaService;Afa Card Reader Service;C:\windows\System32\afasrv64.exe --> C:\windows\System32\afasrv64.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\windows\System32\drivers\AmpPal.sys [2011-8-8 299008]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\windows\System32\drivers\CtClsFlt.sys [2011-11-8 176096]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2013-12-12 111616]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\drivers\intelaud.sys [2011-6-21 34200]
S3 MHIKEY10;MHIKEY10;C:\windows\System32\drivers\MHIKEY10x64.sys [2010-9-15 60288]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-7-27 340240]
S3 npggsvc;nProtect GameGuard Service;C:\windows\System32\GameMon.des -service --> C:\windows\System32\GameMon.des -service [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-11-16 19456]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-11-8 250984]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-11-16 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2012-11-16 30208]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-2-4 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-12-28 16:36:59    29696    ----a-w-    C:\windows\System32\drivers\scfilter.sys.bak
2013-12-27 17:43:41    --------    d-----w-    C:\Users\Eun\AppData\Roaming\Malwarebytes
2013-12-27 17:43:31    --------    d-----w-    C:\ProgramData\Malwarebytes
2013-12-27 17:21:41    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{63E8847B-3E70-4496-BF69-8A6B39DC0891}\offreg.dll
2013-12-27 16:54:30    10315576    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{63E8847B-3E70-4496-BF69-8A6B39DC0891}\mpengine.dll
2013-12-27 02:34:15    --------    d-----w-    C:\Users\Eun\AppData\Local\NPE
2013-12-27 02:34:15    --------    d-----w-    C:\ProgramData\Norton
2013-12-17 03:24:51    --------    d-----w-    C:\Program Files (x86)\Naver
2013-12-13 02:29:57    167424    ----a-w-    C:\Program Files\Windows Media Player\wmplayer.exe
2013-12-13 02:29:57    164864    ----a-w-    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2013-12-13 02:29:56    12625920    ----a-w-    C:\windows\System32\wmploc.DLL
2013-12-13 02:29:56    12625408    ----a-w-    C:\windows\SysWow64\wmploc.DLL
2013-12-12 08:18:34    335360    ----a-w-    C:\windows\System32\msieftp.dll
2013-12-11 15:27:35    --------    d-----w-    C:\Users\Eun\AppData\Roaming\AVAST Software
2013-12-04 02:09:05    --------    d-----w-    C:\Program Files\iPod
2013-12-04 02:09:04    --------    d-----w-    C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-04 02:09:04    --------    d-----w-    C:\Program Files\iTunes
2013-12-04 02:09:04    --------    d-----w-    C:\Program Files (x86)\iTunes
.
==================== Find3M  ====================
.
2013-12-11 12:06:56    92544    ----a-w-    C:\windows\System32\drivers\aswRdr2.sys
2013-12-11 12:06:56    84328    ----a-w-    C:\windows\System32\drivers\aswMonFlt.sys
2013-12-11 12:06:56    65776    ----a-w-    C:\windows\System32\drivers\aswRvrt.sys
2013-12-11 12:06:56    205320    ----a-w-    C:\windows\System32\drivers\aswVmm.sys
2013-12-11 12:06:56    1032416    ----a-w-    C:\windows\System32\drivers\aswSnx.sys
2013-12-11 12:06:55    43152    ----a-w-    C:\windows\avastSS.scr
2013-12-11 00:18:18    71048    ----a-w-    C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 00:18:18    692616    ----a-w-    C:\windows\SysWow64\FlashPlayerApp.exe
2013-11-26 10:19:07    2724864    ----a-w-    C:\windows\System32\mshtml.tlb
2013-11-26 10:18:23    4096    ----a-w-    C:\windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07    66048    ----a-w-    C:\windows\System32\iesetup.dll
2013-11-26 09:46:25    48640    ----a-w-    C:\windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02    2724864    ----a-w-    C:\windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39    139264    ----a-w-    C:\windows\System32\ieUnatt.exe
2013-11-26 09:18:09    111616    ----a-w-    C:\windows\System32\ieetwcollector.exe
2013-11-26 09:16:57    708608    ----a-w-    C:\windows\System32\jscript9diag.dll
2013-11-26 08:35:02    5769216    ----a-w-    C:\windows\System32\jscript9.dll
2013-11-26 08:28:16    553472    ----a-w-    C:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    C:\windows\SysWow64\jscript9.dll
2013-11-26 08:02:16    1995264    ----a-w-    C:\windows\System32\inetcpl.cpl
2013-11-26 07:32:06    1928192    ----a-w-    C:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57    2334208    ----a-w-    C:\windows\System32\wininet.dll
2013-11-26 06:33:33    1820160    ----a-w-    C:\windows\SysWow64\wininet.dll
2013-11-23 18:26:20    417792    ----a-w-    C:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34    465920    ----a-w-    C:\windows\System32\WMPhoto.dll
2013-11-22 14:36:01    96168    ----a-w-    C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-21 12:08:55    46368    ----a-w-    C:\windows\System32\drivers\avgtpx64.sys
2013-11-19 08:33:38    267936    ------w-    C:\windows\System32\MpSigStub.exe
2013-11-12 02:23:09    2048    ----a-w-    C:\windows\System32\tzres.dll
2013-11-12 02:07:29    2048    ----a-w-    C:\windows\SysWow64\tzres.dll
2013-10-30 02:19:52    301568    ----a-w-    C:\windows\SysWow64\msieftp.dll
2013-10-30 01:24:31    3155968    ----a-w-    C:\windows\System32\win32k.sys
2013-10-19 02:18:57    81408    ----a-w-    C:\windows\System32\imagehlp.dll
2013-10-19 01:36:59    159232    ----a-w-    C:\windows\SysWow64\imagehlp.dll
2013-10-12 02:32:04    150016    ----a-w-    C:\windows\System32\wshom.ocx
2013-10-12 02:31:04    202752    ----a-w-    C:\windows\System32\scrrun.dll
2013-10-12 02:30:42    830464    ----a-w-    C:\windows\System32\nshwfp.dll
2013-10-12 02:29:21    859648    ----a-w-    C:\windows\System32\IKEEXT.DLL
2013-10-12 02:29:08    324096    ----a-w-    C:\windows\System32\FWPUCLNT.DLL
2013-10-12 02:04:36    121856    ----a-w-    C:\windows\SysWow64\wshom.ocx
2013-10-12 02:03:31    163840    ----a-w-    C:\windows\SysWow64\scrrun.dll
2013-10-12 02:03:08    656896    ----a-w-    C:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25    216576    ----a-w-    C:\windows\SysWow64\FWPUCLNT.DLL
2013-10-12 01:33:39    156160    ----a-w-    C:\windows\System32\cscript.exe
2013-10-12 01:33:26    168960    ----a-w-    C:\windows\System32\wscript.exe
2013-10-12 01:15:48    141824    ----a-w-    C:\windows\SysWow64\wscript.exe
2013-10-12 01:15:48    126976    ----a-w-    C:\windows\SysWow64\cscript.exe
2013-10-05 20:25:35    1474048    ----a-w-    C:\windows\System32\crypt32.dll
2013-10-05 19:57:25    1168384    ----a-w-    C:\windows\SysWow64\crypt32.dll
2013-10-04 02:28:31    190464    ----a-w-    C:\windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17    197120    ----a-w-    C:\windows\System32\credui.dll
2013-10-04 02:24:49    1930752    ----a-w-    C:\windows\System32\authui.dll
2013-10-04 02:16:30    116736    ----a-w-    C:\windows\System32\drivers\drmk.sys
2013-10-04 01:58:50    152576    ----a-w-    C:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25    168960    ----a-w-    C:\windows\SysWow64\credui.dll
2013-10-04 01:56:00    1796096    ----a-w-    C:\windows\SysWow64\authui.dll
2013-10-04 01:36:04    230400    ----a-w-    C:\windows\System32\drivers\portcls.sys
2013-10-03 02:23:48    404480    ----a-w-    C:\windows\System32\gdi32.dll
2013-10-03 02:00:44    311808    ----a-w-    C:\windows\SysWow64\gdi32.dll
.
============= FINISH: 11:47:38.84 ===============
 

--

 

Attach:

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2/3/2012 5:36:00 PM
System Uptime: 12/28/2013 8:54:56 AM (3 hours ago)
.
Motherboard: Dell Inc. |  | 0Y0RMG
Processor: Intel® Core i5-2430M CPU @ 2.40GHz | CPU 1 | 2401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 581 GiB total, 431.203 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: USB Video Device
Device ID: USB\VID_1BCF&PID_2880&MI_00\7&B2FCF74&0&0000
Manufacturer: Microsoft
Name: Integrated Webcam
PNP Device ID: USB\VID_1BCF&PID_2880&MI_00\7&B2FCF74&0&0000
Service: usbvideo
.
Class GUID:
Description: hp LaserJet 9050
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer:
Name: hp LaserJet 9050
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
==== System Restore Points ===================
.
RP237: 12/17/2013 8:59:17 AM - Windows Update
RP238: 12/24/2013 3:29:53 AM - Windows Update
RP239: 12/27/2013 11:53:43 AM - Windows Update
.
==== Installed Programs ======================
.
???
?????
64 Bit HP CIO Components Installer
Accidental Damage Services Agreement
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.8)
Advanced Audio FX Engine
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
AVG SafeGuard toolbar
Banctec Service Agreement
Bandicam
Bandisoft MPEG-1 Decoder
Bejeweled 2 Deluxe
Bing Rewards Client Installer
Blackhawk Striker 2
Bonjour
Bounce Symphony
BufferChm
Build-a-lot 2
C&C 3: The Forgotten
C4700
Cake Mania
CCleaner
Chuzzle Deluxe
Command & Conquer 3
Command & Conquer™ 4 Tiberian Twilight
Command & Conquer™ Red Alert™ 3 Uprising
Complete Care Business Service Agreement
Consumer In-Home Service Agreement
D3DX10
Defcon v1.43
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Edoc Viewer
Dell Getting Started Guide
Dell Home Systems Service Agreement
Dell MusicStage
Dell PhotoStage
Dell Resource CD
Dell Stage
Dell Touchpad
Dell VideoStage
Dell Webcam Central
Destinations
DeviceDiscovery
Diner Dash 2 Restaurant Rescue
DirectX 9 Runtime
Dora's World Adventure
eBay
Elsword version v3.1106.5.1
Escape Whisper Valley
Farm Frenzy
FATE
Fiddler
Final Drive Fury
Final Drive Nitro
Free YouTube Download version 3.2.12.827
Free YouTube to MP3 Converter version 3.12.12.827
Google Chrome
Google Update Helper
GPBaseService2
HeroesGo
Hewlett-Packard ACLM.NET v1.1.0.0
Hotspot Shield 2.93
HP Customer Participation Program 14.0
HP Imaging Device Functions 14.0
HP Photo Creations
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6
HP Product Detection
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPDiagnosticAlert
HPPhotoGadget
HPProductAssistant
HPSSupply
iCloud
IDT Audio
Intel PROSet Wireless
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® PROSet/Wireless Software for Bluetooth® Technology
Intel® PROSet/Wireless WiFi Software
Intel® Rapid Storage Technology
Intel® Turbo Boost Technology Monitor 2.0
Intel® WiDi
Intel® Wireless Display
iTunes
Java 7 Update 17 (64-bit)
Java 7 Update 45
Java Auto Updater
Java SE Development Kit 7 Update 11 (64-bit)
Java 6 Update 31
Java 6 Update 39 (64-bit)
JavaFX 2.1.1
Jewel Quest
Jewel Quest Solitaire 2
Juniper Networks, Inc. Setup Client
Juniper Networks, Inc. Setup Client Activex Control
Junk Mail filter update
Lunia
Luxor
MarketResearch
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Mouse and Keyboard Center
Microsoft Office 2010
Microsoft Office Access database engine 2007 (English)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
My Dell
MyTomTom 3.2.0.700
Namco All-Stars PAC-MAN
NCLEX-RN 4000 - Individual Version
Nero 10 Movie ThemePack Basic
Nero Blu-ray Player
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
Network64
Nexon Game Manager
Pando Media Booster
Penguins!
PhotoShowExpress
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
PowerISO
Premium Service Agreement
PS_AIO_06_C4700_SW_Min
QualxServ Service Agreement
Quickset64
QuickTime
QuickTransfer
RBVirtualFolder64Inst
Realtek Ethernet Controller Driver
Realtek USB 2.0 Card Reader
Renesas Electronics USB 3.0 Host Controller Driver
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Roxio File Backup
Samantha Swift
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shop for HP Supplies
Skype Click to Call
Skype™ 6.11
SmartWebPrinting
SolutionCenter
Sonic CinePlayer Decoder Pack
Status
SyncUP
Toolbox
TrayApp
TrustedID
TrustedID IDMonitor Identity Protection
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Update Installer for WildTangent Games App
USIM Editor 1.0.35.0
Virtual Villagers 4 - The Tree of Life
Visual Studio C++ 10.0 Runtime
WebReg
Wedding Dash - Ready, Aim, Love!
WildTangent Games
WildTangent Games App (Dell Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WindSlayer 2
WinRAR 4.10 (64-bit)
Yahoo! Toolbar
Zinio Reader 4
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
12/28/2013 8:56:10 AM, Error: Service Control Manager [7000]  - The Afa Card Reader Service service failed to start due to the following error:  The system cannot find the file specified.
12/26/2013 9:27:48 PM, Error: Service Control Manager [7023]  - The HP Network Devices Support service terminated with the following error:  %%-2147467243
12/26/2013 10:24:01 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 10:21:08 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 10:21:08 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/26/2013 10:21:08 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/26/2013 10:20:59 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/26/2013 10:20:51 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/26/2013 10:17:01 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\windows\System32\IWMSSvc.dll Error Code: 21
12/26/2013 10:16:45 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  aswRvrt aswSnx aswSP aswTdi aswVmm discache SCDEmu spldr Wanarpv6
12/26/2013 10:16:11 PM, Error: sptd [4]  - Driver detected an internal error in its data structures for .
12/26/2013 10:04:14 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
12/26/2013 10:03:25 PM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 10:03:20 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
12/26/2013 10:02:45 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD aswRdr aswRvrt aswSnx aswSP aswTdi aswVmm DfsC discache HssDRV6 NetBIOS NetBT nsiproxy Psched rdbss SCDEmu spldr tdx vwififlt Wanarpv6 WfpLwf ws2ifsl
12/26/2013 10:02:42 PM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 10:02:42 PM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
12/26/2013 10:02:42 PM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
12/26/2013 10:02:42 PM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 10:02:42 PM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 10:02:42 PM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
12/26/2013 10:02:42 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 10:02:42 PM, Error: Service Control Manager [7001]  - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 10:02:42 PM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 10:02:42 PM, Error: Service Control Manager [7001]  - The Hotspot Shield Service service depends on the DHCP Client service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 10:02:42 PM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
12/26/2013 10:02:42 PM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
12/24/2013 4:43:21 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
12/24/2013 4:43:21 AM, Error: Service Control Manager [7000]  - The Windows Live ID Sign-in Assistant service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/23/2013 9:39:52 PM, Error: Service Control Manager [7031]  - The Hotspot Shield Routing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
12/21/2013 10:52:35 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service service to connect.
12/21/2013 10:52:35 AM, Error: Service Control Manager [7000]  - The Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================

 

--

 

Finally I did a RougeKill but did NOT do any other action after the scan:

 

 

RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Eun [Admin rights]
Mode : Scan -- Date : 12/28/2013 11:52:33
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][File] @ : C:\Users\Eun\AppData\Local\{a47d8b6a-ff28-849b-8f6e-21831dfb042a}\@ [-] --> FOUND
[ZeroAccess][Folder] U : C:\WINDOWS\Installer\{a47d8b6a-ff28-849b-8f6e-21831dfb042a}\U [-] --> FOUND
[ZeroAccess][Folder] U : C:\Users\Eun\AppData\Local\{a47d8b6a-ff28-849b-8f6e-21831dfb042a}\U [-] --> FOUND
[ZeroAccess][Folder] L : C:\WINDOWS\Installer\{a47d8b6a-ff28-849b-8f6e-21831dfb042a}\L [-] --> FOUND
[ZeroAccess][Folder] L : C:\Users\Eun\AppData\Local\{a47d8b6a-ff28-849b-8f6e-21831dfb042a}\L [-] --> FOUND

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


ÿþ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD6400BPVT-75HXZT3 +++++
--- User ---
[MBR] 2ecb667720908531b739768c4b5ab7d6
[bSP] f3e38db2d3b49d7610a8d76330b5a2d3 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 595378 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_12282013_115233.txt >>
RKreport[0]_S_12282013_113724.txt




 

[MrCharlie]

Please read the following information first.

You're infected with Rootkit.ZeroAccess, a BackDoor Trojan.

BACKDOOR WARNING

------------------------------

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

http://www.dslreports.com/faq/10451

When Should I Format, How Should I Reinstall

http://www.dslreports.com/faq/10063

I will try my best to clean this machine but I can't guarantee that it will be 100% secure afterwards.

I would change all my passwords and keep a close eye on all your sensitive accounts.

Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

-----------------------------------------

Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?)

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

If the logs are large, you can attach them:

To attach a log:

Bottom right corner of this page.

New window that comes up.

MrC

[HyperPhoenix]

Will replacing my hard drive and loading the OS be another solution?

[MrCharlie]

Yes it would, but you don't have to replace the hard drive.

Formatting the hard drive and installing a new operating system will get rid of any virus on the system.

MrC

[HyperPhoenix]

And finally, backing up my vital files after post-exposure would be useless because transferring the files to the reformatted drive would carry the same Trojan as well?

[MrCharlie]

It's possible, I suggest we clean the computer first, then you can do what ever you want.

 

MrC

[HyperPhoenix]

Ok files posted

FRST.txt

Addition.txt

[MrCharlie]

Download the attached fixlist.txt to the same folder as FRST.

Run FRST.exe and click Fix only once and wait

The tool will create a log (Fixlog.txt) in the folder, please post it to your reply.

Then......

Download Malwarebytes Anti-Rootkit from HERE

• Unzip the contents to a folder in a convenient location.
• Open the folder where the contents were unzipped and run mbar.exe
• Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
• Click on the Cleanup button to remove any threats and reboot if prompted to do so.
• Wait while the system shuts down and the cleanup process is performed.
• Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
• When done, please post the two logs produced they will be in the MBAR folder..... mbar-log.txt and system-log.txt

To attach a log if needed:

Bottom right corner of this page.

New window that comes up.

MrC

[HyperPhoenix]

Files posted:

Fixlog.txt

mbar-log-2013-12-30 (01-01-04).txt

mbar-log-2013-12-30 (01-39-40).txt

system-log.txt

[MrCharlie]

OK...Next:

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

[HyperPhoenix]

ComboFix 13-12-29.01 - Eun 12/30/2013  14:43:31.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6051.4468 [GMT -5:00]
Running from: c:\users\Eun\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\programdata\PCDr\6422\AddOnDownloaded\1aff7cd0-71c5-4682-8a81-f3488d648a52.dll
c:\programdata\PCDr\6422\AddOnDownloaded\4024761b-0217-45f9-98b3-a2cd8c309252.dll
c:\programdata\PCDr\6422\AddOnDownloaded\5eb0ad41-431b-4bf8-b498-110b0b5cd0ab.dll
c:\programdata\PCDr\6422\AddOnDownloaded\61c13bfc-28f4-44bc-beec-efa429fa40f0.dll
c:\programdata\PCDr\6422\AddOnDownloaded\721f0e40-f9ae-403d-b919-f31f136f926d.dll
c:\programdata\PCDr\6422\AddOnDownloaded\a42876a0-cd50-444f-b999-c31d0b73f57c.dll
c:\programdata\PCDr\6422\AddOnDownloaded\b46fef86-eb4a-44db-ad48-0c00477a0097.dll
c:\programdata\PCDr\6422\AddOnDownloaded\ec1edaed-f34f-4e3a-96eb-bbdad2af9a8a.dll
c:\programdata\PCDr\6422\AddOnDownloaded\f63e05a5-1f40-4c42-b80a-d0995b6e38a7.dll
c:\users\Eun\Documents\~WRL2733.tmp
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((   Files Created from 2013-11-28 to 2013-12-30  )))))))))))))))))))))))))))))))
.
.
2013-12-30 19:57 . 2013-12-30 19:57    --------    d-----w-    c:\users\Public\AppData\Local\temp
2013-12-30 19:57 . 2013-12-30 19:57    --------    d-----w-    c:\users\fbwuser\AppData\Local\temp
2013-12-30 19:57 . 2013-12-30 19:57    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-12-30 07:31 . 2013-12-30 19:49    75888    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{63E8847B-3E70-4496-BF69-8A6B39DC0891}\offreg.dll
2013-12-30 06:01 . 2013-12-30 06:39    117464    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2013-12-30 06:00 . 2013-12-30 06:38    89304    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2013-12-29 13:55 . 2013-12-29 13:55    --------    d-----w-    c:\users\Eun\AppData\Local\CrashDumps
2013-12-29 05:58 . 2013-12-30 05:58    --------    d-----w-    C:\FRST
2013-12-28 16:36 . 2013-12-28 16:52    29696    ----a-w-    c:\windows\system32\drivers\scfilter.sys.bak
2013-12-27 17:43 . 2013-12-27 17:43    --------    d-----w-    c:\users\Eun\AppData\Roaming\Malwarebytes
2013-12-27 17:43 . 2013-12-27 17:43    --------    d-----w-    c:\programdata\Malwarebytes
2013-12-27 16:54 . 2013-12-04 03:28    10315576    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{63E8847B-3E70-4496-BF69-8A6B39DC0891}\mpengine.dll
2013-12-27 02:34 . 2013-12-27 03:25    --------    d-----w-    c:\users\Eun\AppData\Local\NPE
2013-12-27 02:34 . 2013-12-27 02:34    --------    d-----w-    c:\programdata\Norton
2013-12-27 02:32 . 2013-12-27 02:32    --------    d-----w-    c:\users\norton
2013-12-17 03:24 . 2013-12-17 03:45    --------    d-----w-    c:\program files (x86)\Naver
2013-12-13 02:29 . 2013-05-10 04:30    167424    ----a-w-    c:\program files\Windows Media Player\wmplayer.exe
2013-12-13 02:29 . 2013-05-10 03:48    164864    ----a-w-    c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-13 02:29 . 2013-05-10 05:56    12625920    ----a-w-    c:\windows\system32\wmploc.DLL
2013-12-13 02:29 . 2013-05-10 04:56    12625408    ----a-w-    c:\windows\SysWow64\wmploc.DLL
2013-12-13 02:29 . 2013-05-10 05:56    14631424    ----a-w-    c:\windows\system32\wmp.dll
2013-12-12 08:18 . 2013-10-30 02:32    335360    ----a-w-    c:\windows\system32\msieftp.dll
2013-12-11 15:27 . 2013-12-11 15:27    --------    d-----w-    c:\users\Eun\AppData\Roaming\AVAST Software
2013-12-04 02:09 . 2013-12-04 02:09    --------    d-----w-    c:\program files\iPod
2013-12-04 02:09 . 2013-12-04 02:09    --------    d-----w-    c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-04 02:09 . 2013-12-04 02:09    --------    d-----w-    c:\program files\iTunes
2013-12-04 02:09 . 2013-12-04 02:09    --------    d-----w-    c:\program files (x86)\iTunes
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-14 08:00 . 2012-02-05 18:37    90708896    ----a-w-    c:\windows\system32\MRT.exe
2013-12-11 12:06 . 2013-03-08 17:13    65776    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2013-12-11 12:06 . 2013-03-08 17:13    205320    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2013-12-11 12:06 . 2012-04-11 15:51    92544    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
2013-12-11 12:06 . 2012-02-03 22:43    409832    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2013-12-11 12:06 . 2012-02-03 22:43    38984    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2013-12-11 12:06 . 2012-02-03 22:43    65264    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2013-12-11 12:06 . 2012-02-03 22:43    1032416    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2013-12-11 12:06 . 2012-02-03 22:43    84328    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2013-12-11 12:06 . 2012-02-03 22:43    334648    ----a-w-    c:\windows\system32\aswBoot.exe
2013-12-11 12:06 . 2012-02-03 22:43    43152    ----a-w-    c:\windows\avastSS.scr
2013-12-11 00:18 . 2012-04-11 18:19    692616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 00:18 . 2012-02-08 21:07    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-26 07:15 . 2013-11-26 07:15    940032    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-26 07:15 . 2013-11-26 07:15    194048    ----a-w-    c:\windows\SysWow64\elshyph.dll
2013-11-26 07:15 . 2013-11-26 07:15    942592    ----a-w-    c:\windows\system32\jsIntl.dll
2013-11-26 07:15 . 2013-11-26 07:15    86016    ----a-w-    c:\windows\SysWow64\iesysprep.dll
2013-11-26 07:15 . 2013-11-26 07:15    86016    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2013-11-26 07:15 . 2013-11-26 07:15    74240    ----a-w-    c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-26 07:15 . 2013-11-26 07:15    71680    ----a-w-    c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-26 07:15 . 2013-11-26 07:15    645120    ----a-w-    c:\windows\SysWow64\jsIntl.dll
2013-11-26 07:15 . 2013-11-26 07:15    62464    ----a-w-    c:\windows\SysWow64\tdc.ocx
2013-11-26 07:15 . 2013-11-26 07:15    61952    ----a-w-    c:\windows\SysWow64\MshtmlDac.dll
2013-11-26 07:15 . 2013-11-26 07:15    61952    ----a-w-    c:\windows\SysWow64\iesetup.dll
2013-11-26 07:15 . 2013-11-26 07:15    51200    ----a-w-    c:\windows\SysWow64\ieetwproxystub.dll
2013-11-26 07:15 . 2013-11-26 07:15    48640    ----a-w-    c:\windows\SysWow64\mshtmler.dll
2013-11-26 07:15 . 2013-11-26 07:15    454656    ----a-w-    c:\windows\SysWow64\vbscript.dll
2013-11-26 07:15 . 2013-11-26 07:15    36352    ----a-w-    c:\windows\SysWow64\imgutil.dll
2013-11-26 07:15 . 2013-11-26 07:15    34816    ----a-w-    c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-26 07:15 . 2013-11-26 07:15    337408    ----a-w-    c:\windows\SysWow64\html.iec
2013-11-26 07:15 . 2013-11-26 07:15    247808    ----a-w-    c:\windows\system32\msls31.dll
2013-11-26 07:15 . 2013-11-26 07:15    24576    ----a-w-    c:\windows\SysWow64\licmgr10.dll
2013-11-26 07:15 . 2013-11-26 07:15    235008    ----a-w-    c:\windows\system32\elshyph.dll
2013-11-26 07:15 . 2013-11-26 07:15    195584    ----a-w-    c:\windows\system32\msrating.dll
2013-11-26 07:15 . 2013-11-26 07:15    182272    ----a-w-    c:\windows\SysWow64\msls31.dll
2013-11-26 07:15 . 2013-11-26 07:15    151552    ----a-w-    c:\windows\SysWow64\iexpress.exe
2013-11-26 07:15 . 2013-11-26 07:15    139264    ----a-w-    c:\windows\SysWow64\wextract.exe
2013-11-26 07:15 . 2013-11-26 07:15    13312    ----a-w-    c:\windows\SysWow64\mshta.exe
2013-11-26 07:15 . 2013-11-26 07:15    112128    ----a-w-    c:\windows\SysWow64\ieUnatt.exe
2013-11-26 07:15 . 2013-11-26 07:15    111616    ----a-w-    c:\windows\SysWow64\IEAdvpack.dll
2013-11-26 07:15 . 2013-11-26 07:15    1051136    ----a-w-    c:\windows\SysWow64\mshtmlmedia.dll
2013-11-26 07:15 . 2013-11-26 07:15    90112    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2013-11-26 07:15 . 2013-11-26 07:15    84992    ----a-w-    c:\windows\system32\mshtmled.dll
2013-11-26 07:15 . 2013-11-26 07:15    83968    ----a-w-    c:\windows\system32\MshtmlDac.dll
2013-11-26 07:15 . 2013-11-26 07:15    81408    ----a-w-    c:\windows\system32\icardie.dll
2013-11-26 07:15 . 2013-11-26 07:15    774144    ----a-w-    c:\windows\system32\jscript.dll
2013-11-26 07:15 . 2013-11-26 07:15    77312    ----a-w-    c:\windows\system32\tdc.ocx
2013-11-26 07:15 . 2013-11-26 07:15    626176    ----a-w-    c:\windows\system32\msfeeds.dll
2013-11-26 07:15 . 2013-11-26 07:15    62464    ----a-w-    c:\windows\system32\pngfilt.dll
2013-11-26 07:15 . 2013-11-26 07:15    616104    ----a-w-    c:\windows\system32\ieapfltr.dat
2013-11-26 07:15 . 2013-11-26 07:15    548352    ----a-w-    c:\windows\system32\vbscript.dll
2013-11-26 07:15 . 2013-11-26 07:15    52224    ----a-w-    c:\windows\system32\msfeedsbs.dll
2013-11-26 07:15 . 2013-11-26 07:15    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2013-11-26 07:15 . 2013-11-26 07:15    48128    ----a-w-    c:\windows\system32\imgutil.dll
2013-11-26 07:15 . 2013-11-26 07:15    453120    ----a-w-    c:\windows\system32\dxtmsft.dll
2013-11-26 07:15 . 2013-11-26 07:15    413696    ----a-w-    c:\windows\system32\html.iec
2013-11-26 07:15 . 2013-11-26 07:15    40448    ----a-w-    c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 07:15 . 2013-11-26 07:15    30208    ----a-w-    c:\windows\system32\licmgr10.dll
2013-11-26 07:15 . 2013-11-26 07:15    296960    ----a-w-    c:\windows\system32\dxtrans.dll
2013-11-26 07:15 . 2013-11-26 07:15    263376    ----a-w-    c:\windows\system32\iedkcs32.dll
2013-11-26 07:15 . 2013-11-26 07:15    243200    ----a-w-    c:\windows\system32\webcheck.dll
2013-11-26 07:15 . 2013-11-26 07:15    235520    ----a-w-    c:\windows\system32\url.dll
2013-11-26 07:15 . 2013-11-26 07:15    167424    ----a-w-    c:\windows\system32\iexpress.exe
2013-11-26 07:15 . 2013-11-26 07:15    147968    ----a-w-    c:\windows\system32\occache.dll
2013-11-26 07:15 . 2013-11-26 07:15    143872    ----a-w-    c:\windows\system32\wextract.exe
2013-11-26 07:15 . 2013-11-26 07:15    13824    ----a-w-    c:\windows\system32\mshta.exe
2013-11-26 07:15 . 2013-11-26 07:15    135680    ----a-w-    c:\windows\system32\iepeers.dll
2013-11-26 07:15 . 2013-11-26 07:15    13312    ----a-w-    c:\windows\system32\msfeedssync.exe
2013-11-26 07:15 . 2013-11-26 07:15    131072    ----a-w-    c:\windows\system32\IEAdvpack.dll
2013-11-26 07:15 . 2013-11-26 07:15    1228800    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2013-11-26 07:15 . 2013-11-26 07:15    105984    ----a-w-    c:\windows\system32\iesysprep.dll
2013-11-26 07:15 . 2013-11-26 07:15    101376    ----a-w-    c:\windows\system32\inseng.dll
2013-11-22 14:36 . 2013-11-22 14:36    96168    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-19 08:33 . 2010-11-21 03:27    267936    ------w-    c:\windows\system32\MpSigStub.exe
2013-10-14 23:00 . 2013-11-26 07:18    28368    ----a-w-    c:\windows\system32\IEUDINIT.EXE
2013-10-12 02:30 . 2013-11-14 06:36    830464    ----a-w-    c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-14 06:36    859648    ----a-w-    c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-14 06:36    324096    ----a-w-    c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-14 06:36    656896    ----a-w-    c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-14 06:36    216576    ----a-w-    c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25 . 2013-11-14 06:37    1474048    ----a-w-    c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-14 06:37    1168384    ----a-w-    c:\windows\SysWow64\crypt32.dll
2013-10-04 02:28 . 2013-11-14 06:37    190464    ----a-w-    c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 02:25 . 2013-11-14 06:37    197120    ----a-w-    c:\windows\system32\credui.dll
2013-10-04 02:24 . 2013-11-14 06:37    1930752    ----a-w-    c:\windows\system32\authui.dll
2013-10-04 01:58 . 2013-11-14 06:37    152576    ----a-w-    c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56 . 2013-11-14 06:37    168960    ----a-w-    c:\windows\SysWow64\credui.dll
2013-10-04 01:56 . 2013-11-14 06:37    1796096    ----a-w-    c:\windows\SysWow64\authui.dll
2013-10-03 02:23 . 2013-11-14 06:36    404480    ----a-w-    c:\windows\system32\gdi32.dll
2013-10-03 02:00 . 2013-11-14 06:36    311808    ----a-w-    c:\windows\SysWow64\gdi32.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2012-08-21 67496]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-04-30 885760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"USBestCR"="c:\program files (x86)\USIM Editor\iconcs10970707.exe" [2010-07-02 7041024]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-02 152392]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-11 3568312]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"RequireSignedAppInit_DLLs"=0 (0x0)
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ       autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 AfaService;Afa Card Reader Service;c:\windows\system32\afasrv64.exe;c:\windows\SYSNATIVE\afasrv64.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MHIKEY10;MHIKEY10;c:\windows\system32\Drivers\MHIKEY10x64.sys;c:\windows\SYSNATIVE\Drivers\MHIKEY10x64.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 NTPASp50a64;NTPASp50a64 NDIS Protocol Driver;c:\windows\system32\Drivers\NTPASp50a64.sys;c:\windows\SYSNATIVE\Drivers\NTPASp50a64.sys [x]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va005;X6va005;c:\users\Eun\AppData\Local\Temp\005B2AF.tmp;c:\users\Eun\AppData\Local\Temp\005B2AF.tmp [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R3 X6va010;X6va010;c:\windows\SysWOW64\Drivers\X6va010;c:\windows\SysWOW64\Drivers\X6va010 [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R3 X6va013;X6va013;c:\windows\SysWOW64\Drivers\X6va013;c:\windows\SysWOW64\Drivers\X6va013 [x]
R3 X6va015;X6va015;c:\windows\SysWOW64\Drivers\X6va015;c:\windows\SysWOW64\Drivers\X6va015 [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
R4 X6va006;X6va006;c:\users\Eun\AppData\Local\Temp\00643D5.tmp;c:\users\Eun\AppData\Local\Temp\00643D5.tmp [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [x]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt    REG_MULTI_SZ       hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 01:51    1210320    ----a-w-    c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 00:18]
.
2013-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-03 22:43]
.
2013-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-03 22:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2013-04-22 19:11    287048    ----a-w-    c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-11 12:06    326944    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-20 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-20 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-20 416024]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-04-12 609144]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-28 1935120]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-04-30 2055016]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-25 525312]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-03-15 178960]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-03-27 11407120]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <-loopback>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Eun\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Eun\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Eun\AppData\Roaming\Mozilla\Firefox\Profiles\jawynhf6.default\

FF - prefs.js: browser.search.selectedEngine - Google


FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-11-21 08:39; firefox@passwordbox.com; c:\program files (x86)\PasswordBox\Firefox
FF - ExtSQL: !HIDDEN! 2012-05-14 22:00; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Bandicam - c:\program files (x86)\Bandicam\uninstall.exe
AddRemove-WT089446 - c:\program files (x86)\WildTangent\Dell Games\Wedding Dash - Ready
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\Eun\AppData\Local\Temp\005B2AF.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va006]
"ImagePath"="\??\c:\users\Eun\AppData\Local\Temp\00643D5.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va010]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va010"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va013]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va013"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va015]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va015"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-12-30  15:10:51
ComboFix-quarantined-files.txt  2013-12-30 20:10
.
Pre-Run: 469,176,524,800 bytes free
Post-Run: 472,525,078,528 bytes free
.
- - End Of File - - A6D9DAD3B69C9D7BBFA38BB55CAD9B88

[MrCharlie]

Lets clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look similar to this, not "sponsored ad links":

• Double click on AdwCleaner.exe to run the tool.

  Vista/Windows 7/8 users right-click and select Run As Administrator

• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• When it's done you'll see: Pending: Please uncheck elements you don't want removed.
• Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
• Look over the log especially under Files/Folders for any program you want to save.
• If there's a program you may want to save, just uncheck it from AdwCleaner.
• If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
• If you're ready to clean it all up.....click the Clean button.
• After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
• Copy and paste the contents of that logfile in your next reply.
• A copy of that logfile will also be saved in the C:\AdwCleaner folder.
• Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
• To restore an item that has been deleted:
• Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a FULL Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

[HyperPhoenix]

AdwCleaner\AdwCleaner[R0].txt

# AdwCleaner v3.016 - Report created 30/12/2013 at 16:37:07
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Eun - Eun-PC
# Running from : C:\Users\Eun\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : hshld
Service Found : HssSrv
Service Found : hsstrayservice
Service Found : hsswd

***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\safeguard-secure-search.xml
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Users\Eun\AppData\Roaming\Mozilla\Firefox\Profiles\jawynhf6.default\searchplugins\safeguard-secure-search.xml
File Found : C:\Users\Eun\AppData\Roaming\Mozilla\Firefox\Profiles\jawynhf6.default\searchplugins\WebSearch.xml
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Found : C:\Users\norton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found C:\Program Files (x86)\BrowseToSave
Folder Found C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Found C:\Program Files (x86)\hotspot shield
Folder Found C:\Program Files (x86)\WebSearch
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\hotspot shield
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Found C:\ProgramData\SoftSafe
Folder Found C:\Users\Eun\AppData\Roaming\dvdvideosoftiehelpers
Folder Found C:\windows\SysWOW64\hotspot shield

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\anchorfree
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\anchorfree
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54}
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Found : HKLM\Software\hotspotshield
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_avidemux_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_avidemux_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_halo-combat-evolved_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_halo-combat-evolved_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wsconduit__166_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wsconduit__166_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Eun\AppData\Roaming\Mozilla\Firefox\Profiles\jawynhf6.default\prefs.js ]

Line Found : user_pref("aol_toolbar.default.homepage.check", false);
Line Found : user_pref("aol_toolbar.default.search.check", false);
Line Found : user_pref("browser.search.defaultenginename,S", "WebSearch");

Line Found : user_pref("browser.search.order.1,S", "WebSearch");
Line Found : user_pref("browser.search.selectedEngine,S", "WebSearch");
Line Found : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Line Found : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);

Line Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Line Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Line Found : user_pref("sweetim.toolbar.searchguard.enable", "");

*************************

AdwCleaner[R0].txt - [7364 octets] - [30/12/2013 16:37:07]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7424 octets] ##########

[HyperPhoenix]

AdwCleaner\AdwCleaner[s0].txt :

 

# AdwCleaner v3.016 - Report created 30/12/2013 at 16:43:12
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Eun - Eun-PC
# Running from : C:\Users\Eun\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : hshld
Service Deleted : HssSrv
[#] Service Deleted : hsstrayservice
Service Deleted : hsswd

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\hotspot shield
Folder Deleted : C:\ProgramData\SoftSafe
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Deleted : C:\Program Files (x86)\BrowseToSave
Folder Deleted : C:\Program Files (x86)\hotspot shield
Folder Deleted : C:\Program Files (x86)\WebSearch
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\windows\SysWOW64\hotspot shield
Folder Deleted : C:\Users\Eun\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Deleted : C:\Users\norton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\Eun\AppData\Roaming\Mozilla\Firefox\Profiles\jawynhf6.default\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Eun\AppData\Roaming\Mozilla\Firefox\Profiles\jawynhf6.default\searchplugins\WebSearch.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wsconduit__166_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wsconduit__166_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_avidemux_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_avidemux_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_halo-combat-evolved_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_halo-combat-evolved_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\hotspotshield
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Eun\AppData\Roaming\Mozilla\Firefox\Profiles\jawynhf6.default\prefs.js ]

Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Line Deleted : user_pref("aol_toolbar.default.search.check", false);
Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");

Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);

Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

*************************

AdwCleaner[R0].txt - [7533 octets] - [30/12/2013 16:37:07]
AdwCleaner[s0].txt - [7428 octets] - [30/12/2013 16:43:12]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [7488 octets] ##########
 

[HyperPhoenix]

Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a FULL Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

 

 

Is this another program because I don't see  this option in the Anti-root kit program you told me to download from earlier

[MrCharlie]

I'm sorry, you don't have it installed:

http://www.bleepingcomputer.com/virus-removal/how-to-use-malwarebytes-anti-malware-tutorial

MrC

[HyperPhoenix]

No worries:

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.30.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Eun :: Eun-PC [administrator]

Protection: Disabled

12/30/2013 4:53:53 PM
mbam-log-2013-12-30 (16-53-53).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 476667
Time elapsed: 58 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

[MrCharlie]

OK...update and run a scan with your Avast and you should be OK.

MrC

[HyperPhoenix]

Nothing picked up on the full scan.

 

Experiencing random slowdowns but it's not frequent though it can be me installing and using Malwarebytes pro

[MrCharlie]

Well are you going to re-install the OS or just use it like this??

 

MrC

[MrCharlie]

How are we doing??

 

Do you still need help or can I close this post??

 

MrC

[AdvancedSetup]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!